Welcome To The Data Leak Lawyers Blog
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
The circumstances surrounding the Ed Sheeran hospital data breach is not an uncommon occurrence.
Two members of staff at the Ipswich Hospital were disciplined for illegally accessing Ed Sheeran’s private medical information after he’d sustained injuries from a bicycle accident, with the star suffering from a broken his right wrist and left elbow that led to tour dates being cancelled.
One staff member embroiled in the data breach has been sacked while the other has reportedly received a written warning after being caught accessing Ed Sheeran’s personal details without any reason; but this kind of behaviour is not uncommon.
The new GDPR that came into force last month has potentially allowed for delivery drivers to be responsible for data breaches, which has led to the National Pharmacy Association (NPA) issuing a warning over the potential risks.
The GDPR outlines that the sending of personal data to the incorrect recipient falls within the scope of a data breach, meaning delivery driver errors can be classed as a data protection breach.
According to the NPA’s latest safety report, delivery drivers accounted for 5% of all dispensing errors in a period of just three months.
We’re halfway through 2018, and a recent study has suggested that over a million records have been subject to patient healthcare data breaches so far; and that was actually in the first quarter of the year.
The data released last month perhaps highlights the extent of patient healthcare data breaches and how common they are, which in turn goes to show why so many people come forward to claim for medical data breach compensation.
Other findings in the studies also highlighted a number of common problems we’re already aware of as a firm of lawyers who fight for the rights of data breach victims.
A hospital has reportedly sent the wrong medical records detailing the miscarriage data of another patient.
Liverpool Women’s Hospital were supposed to send a patient her medical records after she suffered a miscarriage at the hospital. As well as sending her own records, they somehow managed to send the medical data of another patient with the hospital notes as well.
The medical data breached in this incident included the patient’s name, address, data of birth, NHS number and notes about treatment they had received at the hospital for a miscarriage
The healthcare sector is at risk of ‘grunt bot’ attacks, which are one of many innovations hackers have come up with to save themselves time and give themselves the ability to hack their targets more easily and more efficiently.
Grunt bots – literally automated bots that can seek out weak and vulnerable systems and break into them for the hacker in seconds – can save a hacker potentially hours of manual work. The healthcare sector is at particular risk because they’re known to sometimes use outdated systems which can be more vulnerable to attack.
It’s another wake-up call that means, unless healthcare sector shapes up its cybersecurity, they are at risk.
There has been another prosecution over the access of patient records without authorisation in the NHS.
The UK’s Information Commissioner’s Office (ICO) has fined and prosecuted Michelle Harrison, formerly employed by Milton Keynes Hospital Trust, for accessing patient records without authorisation. Harrison reportedly pleaded guilty to improperly accessing the records of 12 people without any need or authorisation to do so.
This prosecution is the latest in a long line the ICO has had to enforce against NHS staff accessing medical records when they shouldn’t be.
Oswestry Orthopaedic Hospital has reported a data breach involving patients who were taking part in a study.
The hospital, based in Shropshire near the Welsh border, confirmed the data breach in a report to the Shropshire Clinical Commissioning Group’s governance board. The data breached has been described as confidential information, and an investigation is believed to have been initiated.
It’s understood that the data breach has been reported to the Information Commissioner’s Office (ICO).
Inogen Inc. have reported a medical data breach involving some 30,000 customers where the improper access of personal information occurred.
Medical data breaches are a real concern, and medical device data breaches are a current issue given that medical devices in this day and age can be computer controlled and are “smart” devices that can send data from patients to servers elsewhere.
While smart medical devices could undoubtedly save lives as the flow of data can be vitally important for patient wellbeing, medical device data breaches are a monumental worry, which is why any medial data breach involving a device-maker is a cause for alarm.
Last year’s WannaCry attack was a lucky escape, and the government is quite rightfully being urged to learn lessons from the encounter. We are almost a year on from the day that saw around one-third of all NHS Trusts in England disrupted by the malware attack that specifically targeted older (and therefore weaker) systems and servers.
The attack saw hundreds of other NHS organisations – including almost 600 GPs – infected during the attack, and some 20,000 hospital appointments and operations were cancelled.
Ultimately, the WannaCry attack was simple malware that still managed to cripple the NHS. It was a lucky escape, and future attacks involving medical data could be far, far worse.
read more
You are entitled to claim for hospital data breach compensation if your personal and medical data has ever been leaked, hacked or generally breached.
A hospital data breach can of course be very severe, given the type of data they often hold about people.
A patient can be entitled to claim compensation for any distress or serious psychological harm caused as a result of a hospital data breach. Whether it’s general data or sensitive medical data that is private and personal, the avenue for compensation is available for victims.
read more
EasyJet admits data of nine million hacked
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
