We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
With many businesses and other organisations opting for cloud storage to hold personal information, there is a new dimension of risk management for data controllers to deal with. Healthcare cloud data breaches can be a particular risk, as the healthcare sector has long been a target of cyberattacks, and hospitals’ cloud storage systems can contain a wealth of sensitive data.
When configured and operated correctly, cloud databases should be entirely secure; but user errors can compromise entire systems. Private information can be put at risk by these needless mistakes, leaving the victims vulnerable to data misuse.
Anyone who has had their personal security endangered by a cloud data breach may be able to claim compensation. There are no excuses for database mismanagement, so companies can be held accountable in accordance with the law. To find out more about making a claim, you can contact our team for free, no-obligation advice.
We have been approached for help and are taking legal action now for people affected by the recently revealed Deerbrook Surgery data breach who are eligible to claim with us.
Your Lawyers (T/A The Data Leak Lawyers), as a leading firm of data breach compensation experts, is often at the forefront of this still-developing area of law. When new breaches and leaks happen, it can be common for the victims to approach us for help early on. We are often in the media a lot, and we have been working in this niche area of law since 2014. This is a lot longer than most other firms out there, and is why we represent thousands of clients for singular cases and in group and multi-party actions.
Having already recovered over £1m for mostly individual clients, our experience speaks for itself. If you have been affected by the Deerbrook Surgery data breach, you can speak to our team here now for free, no-obligation advice.
With the cyber threat facing healthcare organisations across the globe and on a domestic level at a high, a significant Public Health England data breach could easily happen. With cybersecurity and data protection under such scrutiny, it is natural that doubts have been cast over all kinds of data controllers in the healthcare sector.
The spike in cyberattacks on the healthcare sector has been a much-reported issue over the past year or so, with a perception that cybercriminals have sought to take advantage of the chaos caused by the coronavirus pandemic. However, it is also true that a vast number of data breaches within the healthcare sector are caused by human error, so healthcare organisations must focus on internal training to ensure that they keep information secure.
If you have been affected by a healthcare data breach, you may be entitled to claim compensation for the harm caused. At Your Lawyers – the Data Leak Lawyers – as leading privacy claims experts, we have years of experience in data breach claims, and we can use our expertise to help you achieve the justice you deserve.
On top of the Covid-19 pandemic, healthcare organisations across the globe have also had to contend with rising healthcare cyberattacks since the outbreak began. Cybercriminals, perceiving that attention was diverted to managing the virus, have perhaps seen the pandemic as an opportunity to target hospitals and healthcare organisations under strain. The need for strong cybersecurity in the NHS has, therefore, never been more urgent.
Unfortunately, the NHS has not been known for good cybersecurity and data protection measures in the past, having suffered a number of severe cyberattacks and data breaches in recent years. One of the most infamous incidents was the WannaCry ransomware attack of 2017, where the NHS was said to be more susceptible to this attack due to a failure to follow cybersecurity recommendations.
Even within the context of the Covid-19 pandemic, there is no excuse for poor data protection by healthcare organisations, and the government must step in where funding is an issue. It is vital that action is taken to tackle the short-term threat, as well as planning for the future of cyberattacks.
Healthcare organisations hold a vast array of different data about their patients, most of which is highly private and sensitive. Confidential medical information should be safeguarded by the principle of doctor-patient confidentiality, as well as by strong data protection measures. Unfortunately, the number of cybercriminals targeting medical data appears to be on the rise around the globe.
With medical information a prime target, it is important that all healthcare organisations ensure that their systems are secure, and that employees abide by strict data protection procedures. However, in too many cases, there appears to be holes in the defences that put patient data at risk.
Any patient that has been made vulnerable to data misuse by the errors of a healthcare organisation may be able to claim compensation for the harm caused. If you think that you may have a claim to make, you can contact us for free, no-obligation advice on your potential compensation claim.
NHS test and trace contact centres have been implicated in a security controversy, after concerns were raised that staff have been using their personal email addresses for sending private health data, according to Healthcare IT News.
The test and trace scheme has been subjected to data security criticisms since its beginnings. Some worries look to have been proven right, given that a number of data breaches have exposed coronavirus test results over the past year. With the medical sector already a prime target for hackers, it seems clear to us that more needs to be done.
While the Covid-19 pandemic has challenged NHS staff and resources, it is still unacceptable that data security has been allowed to slip, particularly given that the pandemic has seen a spike in the occurrence of cyberattacks. Where sensitive medical information is at stake, there can be no room for error.
A recent postbox theft at a GP surgery in Norwich has demonstrated the sometimes unexpected forms that data crime can come in. In late May, Hellesdon Medical Practice is understood to have informed its patients that a postbox had been stolen by an unknown person, causing a severe data breach due to the private correspondence it contained.
Data security incidents like this may be relatively small in scale compared to the huge cyberattacks affecting large companies in the digital age, but they still have the potential to severely impact the victims. The Hellesdon Medical Practice data breach also raises questions about how we can ensure the security of documents sent in the post, particularly when we don’t have the benefit of firewalls and encryption, as we often do in digital data transfer.
Any data exposure incidents involving physical records should be treated with the seriousness they deserve, as they can still constitute a breach of data protection law. Where a third-party data controller fails to effectively protect your information, you could be eligible to claim compensation for the harm caused.
NHS CCTV cameras have reportedly been embroiled in a hack affecting security footage across the globe, after security company Verkada is understood to have been breached by hackers. It is said that live streams for as many as 150,000 Closed-Circuit Television (CCTV) cameras may have been viewed by unauthorised users.
Serving organisations include prisons, general businesses, schools and even psychiatric hospitals. The breach of Verkada’s cameras may have exposed the identities of many people working in, living in, or visiting affected institutions.
It is unclear exactly which feeds hackers may have viewed and what they gleaned from the footage, but it is nevertheless worrying to learn that a security firm has been subjected to such a wide-reaching breach. There is currently no evidence that any NHS camera feeds were viewed by hackers, but Verkada lists the NHS as one of its clients on the company website. Hackers have also claimed that they have been able to access the cameras of any of the affected organisations.
A woman has recently reported receiving the coronavirus test result of another unknown woman, reportedly sent in a text message by the NHS. Not only did the text reveal the negative test status of the unknown woman, it is understood that it also listed her full name, birth date and the result of her test. The recipient of the message has expressed concern that such a data breach was allowed to occur, particularly given that she took a coronavirus test in early January.
Concerns about data privacy have been linked to the Test and Trace system since its beginnings, with several data breach incidents linked to the scheme, including a major error by Public Health Wales. It is concerning that data privacy has fallen short on occasions in the effort to control the Covid-19 outbreak, especially given that mistakes such as misdirected texts can be so easily avoided.
The Test and Trace system may be designed to protect public health, but that does not mean data breaches like this can go unnoticed.
Hospitals and doctors’ surgeries host visits from large numbers of patients every day, and are treated as places of safety and refuge for those with health issues. Unfortunately, despite the fact that patient-doctor confidentiality is a principle at the heart of the medical profession, some hospitals and healthcare sector organisations are letting down the patients who trust them by failing to protect private data.
We constantly hear how much strain the NHS is under, but the lack of resources and staff is not often seen from the perspective of cybersecurity and data protection. In the wake of the coronavirus outbreak, NHS staff were put under even greater pressure to meet the demands of controlling the virus and, in some cases, data protection has been further neglected.
It is essential that healthcare organisations see data protection as a high priority, or they risk exposing patient data, as has already been the case in many previous healthcare data breaches. Whether it is a case of government funding or internal organisational issues, all healthcare organisations must step up and meet the challenge of the ongoing, and increasing, cybersecurity risks that they face.
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.