You are not permitted to download, save or email this image. Visit image gallery to purchase the image.
The Southern District Health Board has breached patients' privacy almost once a week for the past five years, figures show.
A victim whose case is under review described the numbers as "unbelievable".
Notes recorded by a nurse detailing sexual abuse of the Dunedin woman's child were accidentally emailed to an unrelated Porse teacher in November last year.
The SDHB apologised for the mistake but the woman has made a complaint with the privacy commissioner.
She said she was staggered by the numbers released to the Otago Daily Times last week under the Official Information Act - 210 privacy breaches between mid-2014 and March this year.
A slew of those had come recently.
In 2018, there were 87 breaches, more than twice those in the previous year and three times as many as in 2016.
Health board chief executive Chris Fleming was quick to downplay the significance of the rising numbers.
"It is important to note that Southern DHB has what it considers to be a low threshold of what constitutes a privacy incident. In the vast majority of these incidents, consumer risk is negligible at best," he said.
Added to that, Mr Fleming said, staff were encouraged to document any such mistakes they made.
According to the statistics, the most common breach was sending out information to the wrong recipient, which happened 51 times, followed by leaving written information outside a controlled area and mailing patient details to the wrong medical professional.
In most cases, the outcome was noted as "raised awareness" or "improved safety".
Only once was it noted that a matter was elevated to the human resources department.
Mr Fleming said specific disciplinary outcomes for staff responsible for privacy breaches were not recorded.
The recent victim, who spoke to the ODT on condition of anonymity, said that since a meeting with the SDHB in February, she had heard little about her case.
The overwhelming fear was that the sensitive information about her family - which included her children's names and schools - had been spread widely.
"How many inboxes is that sitting in?" she said.
"That's the biggest concern."
The trauma of not knowing had led to the woman regularly visiting her doctor, and a change in medication to combat the stress had left her "like a zombie".
The SDHB was working with IT experts to find out how many times the documents had been sent out and an answer was expected soon.
Hearing about the depth of the privacy-breach problem stunned the victim.
"They've always made out to me this was an isolated incident," she said.
"I'm just another one of 200 they've `unreservedly apologised' to."
Mr Fleming said only five victims of SDHB privacy breaches had been financially compensated in the past five years.
"Due to the extraordinarily low quantum", he refused to disclose the amount paid out - for fear it would breach those people's privacy.