Sensitive details of 500 NHS doctors exposed online due to human error

Sensitive details of 500 NHS doctors exposed online due to human error

Human Factors / Sensitive details of 500 NHS doctors exposed online due to human error

Sensitive details of 500 NHS doctors exposed online due to human error

The NHS has suffered yet another data breach thanks to inappropriate handling of sensitive data by one of their staff.

Personal details of as many as 500 NHS doctors were exposed after an internal spreadsheet containing their details was published online.

Personal details of as many as 500 specialist trainee doctors at St Helens and Knowsley Teaching Hospitals NHS Trust were exposed after an internal spreadsheet containing their sensitive and private details was published online. Details in the spreadsheet included National Insurance numbers, email addresses, and home addresses of the 500 doctors.

NHS doctors using SnapChat to share patient scans and other records

The NHS Trust acted quickly to remove the exposed data and informed the Information Commissioner's Office about the breach.

"I'm glad the Trust acted so quickly [to remove the data,] but this should never have been loaded onto the website in the first place. It has left all of us potentially at risk of identity theft or fraud or worse. It's pretty shocking," said one of the affected doctors to the Health Service Journal.

In July, an Italian researcher at the North Middlesex University Hospital was fired after he revealed sensitive details of 31 women who had given birth at the hospital via a Facebook post. While the breach was a cause of concern, what was more worrying that it revealed details of several women who had not consented to be part of an internal programme on which the researcher was working on.

The recent data breach at St Helens and Knowsley Teaching Hospitals NHS Trustmakes it clear that merely updating outdated software in NHS hospitals will not prevent data breach as human factor continues to remain the largest vector for such leaks.

Sensitive details of Bupa's insurance customers breached by rogue employee

"We're not sure that automation would remove the risk, because robots need to be programmed by competent IT managers - and it's looking less and less like the NHS has too many available," said Matt Lock, director of sales engineers at Varonis to V3.

In July, the ICO also found the Royal Free NHS Foundation Trust guilty for sharing sensitive data of 1.6 million patients without adequately informing patients on how their data would be used. The Trust has been ordered to conduct a privacy impact assessment which will explain how the Trust will comply with the Data Protection Act while conducting clinical safety tests.

The following two tabs change content below.

Jay Jay

Jay has been a technology reporter for almost a decade. When not writing about cybersecurity, he writes about mobile technology for the likes of Indian Express, TechRadar India and Android Headlines

Comments

Most Popular

Get the latest cyber news in your inbox

Join our community of cyber professionals today!