With so many NHS employees and resources devoted to suppressing the spread of Covid-19, data security concerns have inadvertently been pushed to one side by healthcare organisations in 2020 in some cases.
It is believed that cybercriminals took advantage of this gap in data protection by launching more attacks on hospitals and other public health organisations. Meanwhile, human error has continued to be a contributing factor, causing several notable healthcare breaches in 2020 also.
The coronavirus pandemic has undoubtedly laid bare the security risks faced by healthcare organisations. Though cyberattack attempts have likely increased during the Covid-19 crisis, healthcare organisations have always been prime targets for cybercriminals, given the sensitivity of the information they hold. As such, the same risks will confront them in the years to come if changes are not made.
We have witnessed first-hand the damage that can be caused by data breaches in our support for the victims. Anyone who has suffered the effects of healthcare data breaches, or any other kind of data breach, may be able to claim compensation for the harm caused.
The risk factor of coronavirus
In the US, healthcare data breaches reportedly spiked by over 50% in 2020, and many of the breaches were more costly than those in the previous year. While we do not have overall figures for UK healthcare breaches in 2020, there are a number of noteworthy cases that highlight the risks posed to healthcare organisations in this unprecedented year. Further, there can be similarities in terms of the US organisations being attacked in the same way that ours are.
In March, the National Cyber Security Centre (NCSC) warned of the increased risk to healthcare and medical research organisations, highlighting a recent wave of ‘password spraying’ attacks, in which hackers input a range of commonly used passwords in order to try to breach accounts.
The initial warnings about the heightened threat produced by the Covid-19 pandemic were proved right in later reports. NHS Digital revealed that NHS organisations had reported a total of 21,188 malicious emails in the month of March alone, dropping to 8,085 during April and decreasing in the summer months. In this March figure, the impact of the first national lockdown on cybercrime is clear to see.
Human error healthcare breaches in 2020
A number of healthcare breaches in 2020 were caused by human error. The test and trace programme and the testing effort itself both presented security concerns. Not only did the Department of Health reportedly admit to bypassing privacy considerations before implementing the test and trace programme, but a human error at Public Health Wales also caused the personal data of 18,105 people who had tested positive for Covid-19 to be published online on a public server.
When it comes to these kinds of breaches, as a leading firm of data protection lawyers, we can help.
Making a compensation claim
All the examples of healthcare breaches in 2020 listed above highlight that data protection still seems to be a secondary consideration for many healthcare organisations. In order to lessen the risks of a medical data breach, UK healthcare organisations need to reinvigorate their data protection provisions as a matter of urgency.
As long as organisations fail to prioritise data security, we are here to help the victims of data breaches to claim compensation for the harm caused to them. If you have been affected by a data breach and wish to seek justice, contact us for free, no-obligation advice on your potential claim.
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a call back from our team
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.
First published by Author on June 07, 2021
Posted in the following categories: Claims Cybersecurity Data Government Healthcare Latest Scammers Security and tagged with cybersecurity | data breach | data controllers | data leak | government | healthcare sector | medical data breach | medical records | nhs | personal data