Healthcare data breaches caused by human error can be common. As a victim of an event like this, where do you stand? Can you claim compensation, and who do you claim from?
As a leading firm of data breach and consumer action lawyers, let us give you an insight in this article.
Medical data breach claims are one of the most common types that we take forward for people, and this applies to many of the thousands of people that we represent. We can offer No Win, No Fee representation for suitable cases, and there is a path to justice even where a data breach is caused by the fault of a person.
The looming threat of human error data breaches
Healthcare data breaches caused by human error is a serious issue. With some research reportedly indicating that human error incidents make up around a third of all healthcare data breaches, it’s clear that this is a serious issue that needs to be addressed.
It can happen in so many ways, from simple leaks or disclosures where someone has not consented to data being used or shared, or even leaving a database unsecure. In the huge Virgin Media data breach group action that we’re representing people for, the company has linked an element of human error due to the fact that the incorrectly configured database reportedly stemmed from an employee’s actions. Further back, the 2017 Equifax data breach was said to have arisen from the failure of a technician to patch a known security vulnerability.
We also represent clients for the Equifax breach as well.
Human error can also be linked to cyberattacks too. If an employee falls for a phishing scam or fails to adequately secure data, there’s still an element of human error. Information could be taken off an organisation’s server and stored on a less secure personal device, or even a poor password used by an employee could be hacked. If the organisation has (as it should do) a strong password policy, the human error element can remain.
What are your rights
Human error and data breaches can often go together, but we always look past the obvious blame game when it comes to who’s at fault. Yes, there may be an element where someone has done something wrong, but we usually find that systemic problems can be the root cause.
There have been some infamous examples of healthcare data breaches caused by human error, or where an element of an employee being at fault is involved. In many of these cases, we look a how the organisation is responsible. Perhaps one of the most well-known examples is the 56 Dean Street Clinic data leak of 2015 that we’ve been heavily involved with. In reality, an employee should never have been put in a position where they had to send a mass email to hundreds of people by simply using the BCC function. This is archaic and dangerous as we saw, because the CC function was accidentally used instead, leaking personal and sensitive data to hundreds of patients.
There’s plenty of software available to use where organisations can safely send emails to thousands of people without the risk of a data leak.
In any event, the negligence of an employee can fall on to their employer. This is typically known as vicarious liability, and it means that a victim of a data breach can simply pursue their case against the organisation instead of a person.
You should never be put off by the term “human error”. When you consider the systemic problems that can really be the responsibility of the organisation, and the fact you can still claim for their negligence, you have a route to justice.
Compensation for healthcare data breaches caused by human error
To claim compensation for healthcare data breaches caused by human error, all you need to do is get in touch with the team today.
We’re more than happy to offer you free and no-obligation advice, and we also offer No Win, No Fee representation as well.
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a call back from our team
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.
First published by Matthew on July 08, 2020
Posted in the following categories: Claims Cybersecurity Employee Data Breach GDPR Healthcare Security and tagged with compensation | cybersecurity | data breach | data controllers | data leak | employee breaches | gdpr | healthcare sector | medical data breach | medical records | nhs | personal data | phishing scams