Welcome To The Data Leak Lawyers Blog

ICO cautions NHS staff against illegally accessing patient medical records

The Information Commissioners Office (ICO) has specifically reminded NHS staff not to access patient medical records without proper reason and / or proper authority. Illegally accessing, obtaining and/or disclosing patient medical records without permission is not only a violation of patient data protection rights, but also exposes the wrongdoer and the NHS to legal action and costly fines.

This latest ICO warning was prompted by a recent case where a former health care assistant accessed medical records belonging to several patients without a valid reason. Over a period of a year and a half, Brioney Woolfe reportedly accessed patient files belonging to 29 individuals, including her family members, colleagues and other patients.
read more

By Author

9 out of 10 healthcare organisations have dealt with data breaches

According to a Ponemon Institute study (Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data) released in May 2016, 90% of all healthcare organisations have ‘dealt with a data breach in the past two years‘.

As we know, data breaches appear to be on an upward trend for a number of reasons, including the greater reliance on digital means of storing and accessing information, as well as because data breach reporting is often mandatory in many countries, and the rules are being tightened.

This latest research doesn’t make for comfortable reading at all…
read more

By Author

Tewksbury Hospital admits data breach by former employee

A former employee stands accused of inappropriately accessing over a thousand patient records without authorisation.

It’s believed more than 1,100 patients may have had their medical records viewed without reason for a 14-year period.

Authorities were alerted to the data breach when a former patient raised concerns that their medical records may have been accessed inappropriately online. An internal review found that a hospital employee had indeed accessed the records “without a good reason” to do so. From there, it was found that the same employee had accessed a huge number of former and current patient medical records without authorisation or grounds to do so.
read more

By Author

56% of healthcare organisations plan on investing in data breach protection

A new survey reveals that many healthcare providers plan to invest in data breach protection. A recent study named IT Risks in Healthcare Infographics 2017 gathered information based on feedback provided by IT specialists working in healthcare organisations worldwide.

Off the back of breaches that have plagued the healthcare industry for years, many organisations may now be finally planning to invest more in data protection and cybersecurity.

It’s about time…
read more

By Author

Indiana Medicaid data breach may affect an “undisclosed” number of patients

Medicaid was started in the U.S to help families and individuals who struggle to pay for medical care. The social healthcare program is run by the government and provides financially limited people with free health insurance.

As we know, organisations like this are just as vulnerable as others to data breaches, data leaks, and cyber hacks.

In this instance, patient data was reportedly accidentally made live through a hyperlink (internet web link). The hyperlink was publicly accessible, meaning anyone who clicked on it could see the medical information contained on it.
read more

By Author

2017: The year of the healthcare data breaches!

Health data breaches have seen an unprecedented rise in recent times. Overwhelmed and untrained healthcare administrators appear to be making simple errors in some cases, and as a result, millions of people are at risk of their personal information being released.

On top of this, cyber criminals are targeting hospitals, GP practices and University health research facilities to steal and hold medical data for ransom. In the ever-advancing digital world, our cyber security measures are failing to keep up, and it seems like the healthcare sector still remains way off the mark.
read more

By Author

Hackers publish private information of 25,000 patients from a Lithuanian cosmetic surgery clinic

Another massive cyber-attack in a healthcare industry.

More than 25,000 private photos – including naked images – were made public by hackers on the 30^th May as they gained access to a Lithuanian surgery’s server.

The Grozio Chirurgija clinic based in Kaunas, Lithuania, was hacked earlier this year by a group calling themselves “Tsar Team”. They managed to break into the servers in March, originally releasing a portion of their database alongside a large ransom demand from the surgery.
read more

By Author

March 2017 saw a 1.5 million spike in lost or stolen medical records

Protenus, a company who protect patient privacy in the U.S., compiles a monthly report on data breaches called the Protenus Breach Barometer (PBR) using data provided by DataBreaches.net. It analyses all breaches reported to the Department of Health and Human Services (HSS) in the U.S or to the media in 2017.

Looking at breaches that compromised healthcare records for the past few months in 2017, January and February seemed relatively quiet with 388,000 and 200,000 patient records respectively. However, when compared to the massive spike of 1,519,521 compromised patient records in March, it makes the previous figures look insignificant.
read more

By Author

Are large teaching hospitals more likely to have data breaches?

A new study finds that teaching hospitals are more likely to suffer from data leaks.

In a new study published by the Journal of the American Medical Association (JAMA), researchers found that larger health care providers and teaching hospitals are more likely to have data breaches. At the John Hopkins Carey Business School, Assistant Professor Ge Bai identified that around 1,800 data breaches were reported in the last 7 years, and he found that, the larger the hospital, the more data breaches occur.
read more

By Author