Reading:
NHS test and trace privacy
Share:
Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.
NHS test and trace contact centres have been implicated in a security controversy, after concerns were raised that staff have been using their personal email addresses for sending private health data, according to Healthcare IT News.
The test and trace scheme has been subjected to data security criticisms since its beginnings. Some worries look to have been proven right, given that a number of data breaches have exposed coronavirus test results over the past year. With the medical sector already a prime target for hackers, it seems clear to us that more needs to be done.
While the Covid-19 pandemic has challenged NHS staff and resources, it is still unacceptable that data security has been allowed to slip, particularly given that the pandemic has seen a spike in the occurrence of cyberattacks. Where sensitive medical information is at stake, there can be no room for error.
According to a whistle-blower, staff at NHS test and trace call centres have been using personal email accounts for communicating private health information. The person in question was previously employed by Sitel, a firm to which the NHS is outsourcing a large portion of the operations at the tests and trace call centres.
It was alleged that managers told staff to make use of their own email accounts for this purpose, as using internal systems was reportedly making it difficult to use the centres’ online platform to share information securely. The accounts have reportedly been used to send case details for review, with senders allegedly including names, phone numbers, dates of birth, and NHS numbers in their messages.
The ICO has since confirmed that the complaint is being addressed, which suggests that the use of personal email addresses could be in breach of the GDPR.
The call centres are not the only branch of the NHS test and trace programme to be associated with data privacy problems.
In September last year, it was revealed that Public Health Wales accidentally published the details of some 18,000 people who had tested positive for coronavirus, revealing initials, birth dates, geographical areas and sex in most cases.
The mistakes are unsurprising given that the government reportedly failed to fully review the privacy implications of the NHS test and trace programme before its rollout, which could constitute a breach of data protection law.
To add to this, Serco, a company that also plays a role in test and trace operations, suffered a ransomware attack in February this year. Though the NHS test and trace programme is understood to have not been impacted by this attack, it raises concerns about the cybersecurity of the systems involved in NHS operations nevertheless.
Anyone who has suffered the effects of a healthcare data breach may be able to make a compensation claim. The healthcare sector continues to make unacceptable errors with regard to data protection, but making a claim could motivate services to make fundamental changes to their data security measures, and force the government to increase much-needed funding.
For free, no-obligation advice on a potential compensation claim, you can contact us today or register your details to sign up for a call-back.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
