Around half of signatures used on a petition against the Royal College of Nursing’s (RCN) recommendation to accept a pay deal were ‘submitted fraudulently’, an independent investigation has found.
While investigators said there was no evidence of an internal data breach, the RCN has apologised to its members for ‘any personal distress’ the situation has caused.
The petition was created by members in March after the RCN’s governing council recommended a pay offer for NHS nursing staff in England be accepted. As reported by Nursing in Practice, the offer was later rejected by members and now the college is seeking an England-wide NHS nursing strike mandate.
The petition was submitted to the RCN after receiving the 1,000 signatures needed to call an Extraordinary General Meeting (EGM).
However, concerns then emerged that signatures had been added without the knowledge or consent of some individuals.
In April, the RCN then commissioned data security firm Dionach to conduct a digital forensic investigation into the situation.
Findings published this week suggest that approximately half of all signatures on the petition were submitted fraudulently – without the individuals’ consent – and that a third party had done so to ‘alter the results’ of the petition.
According to the executive summary of the investigation report, seen by Nursing in Practice, the petition saw a deceased member’s details used as a signature, as well as several signatures which used member’s previous surname instead of their current surname.
In addition, there were a number of duplicated signatures, as well as signatures which used the same mobile number for different members.
Further analysis had showed that there were five ‘clustered submissions’ in which signatures were being submitted on average once every 45 seconds – and all of these signatures used identical formatting for mobile phone numbers.
Meanwhile, it was also found that the ‘likely’ source of the data used was from a similar EGM petition in 2020. Investigators recognised a ‘large number of individuals’ had access to this data, including petition organisers, previous and current RCN Council members and previous and current RCN staff members.
Investigators said it was ‘unlikely that a current RCN staff member would have submitted fraudulent signatures using out of date information’ and ‘less likely that the 2023 EGM petitioners would have submitted fraudulent signatures’.
On the recommendation of the investigation, the RCN is set to enlist a further external team to contact key people who may have access to data relating to the 2020 EGM petition to try and identify who was responsible. It will also seek to establish whether there were any ‘irregularities’ with the 2020 petition data, the college said.
The RCN also confirmed that work was underway to seek a new approach to the use of petitions and that a change in the rules related to how an EGM can be called is to be considered in the coming months.
Ken Spearpoint, a principal lecturer, is one of those impacted and previously told Nursing in Practice he had been ‘disturbed’ and ‘profoundly offended’ when he learned his name had been used on the petition without his permission.
Today, he said he welcomed the report and hoped its recommendations were followed ‘so that identifiable loopholes that enable fraudulent activity of this nature to take place can be closed’.
Mr Spearpoint added that he remained ‘deeply concerned’ that an individual or group had taken ‘an active, deliberate decision to use my name and e-mail address without my knowledge or consent’ and urged those responsible to come forward.