Sensitive details of 500 NHS doctors exposed online due to human error

Sensitive details of 500 NHS doctors exposed online due to human error

The NHS has suffered yet another data breach thanks to inappropriate handling of sensitive data by one of their staff.

Personal details of as many as 500 NHS doctors were exposed after an internal spreadsheet containing their details was published online.

Personal details of as many as 500 specialist trainee doctors at St Helens and Knowsley Teaching Hospitals NHS Trust were exposed after an internal spreadsheet containing their sensitive and private details was published online. Details in the spreadsheet included National Insurance numbers, email addresses, and home addresses of the 500 doctors.

NHS doctors using SnapChat to share patient scans and other records

The NHS Trust acted quickly to remove the exposed data and informed the Information Commissioner’s Office about the breach.

“I’m glad the Trust acted so quickly [to remove the data,] but this should never have been loaded onto the website in the first place. It has left all of us potentially at risk of identity theft or fraud or worse. It’s pretty shocking,” said one of the affected doctors to the Health Service Journal.

In July, an Italian researcher at the North Middlesex University Hospital was fired after he revealed sensitive details of 31 women who had given birth at the hospital via a Facebook post. While the breach was a cause of concern, what was more worrying that it revealed details of several women who had not consented to be part of an internal programme on which the researcher was working on.

The recent data breach at St Helens and Knowsley Teaching Hospitals NHS Trustmakes it clear that merely updating outdated software in NHS hospitals will not prevent data breach as human factor continues to remain the largest vector for such leaks.

Sensitive details of Bupa’s insurance customers breached by rogue employee

“We’re not sure that automation would remove the risk, because robots need to be programmed by competent IT managers – and it’s looking less and less like the NHS has too many available,” said Matt Lock, director of sales engineers at Varonis to V3.

In July, the ICO also found the Royal Free NHS Foundation Trust guilty for sharing sensitive data of 1.6 million patients without adequately informing patients on how their data would be used. The Trust has been ordered to conduct a privacy impact assessment which will explain how the Trust will comply with the Data Protection Act while conducting clinical safety tests.

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”” /]