sb-eu logo
Story image

Breaking: NHS accidentally leaks data of 150,000 patients

04 Jul 2018

The NHS has reported that a coding error in its patient data management system has resulted in the data of 150,000 patients being mistreated.

According to a statement released by the Parliament, NHS Digital recently identified a supplier defect in the processing of historical patient objections to the sharing of their confidential health data.

The data for these patients was used in clinical audit and research aimed at driving improvements in outcomes for patients without their consent.

Objections recorded in GP practices running clinical software TPP’s system between March 2015 and June 2018 were not sent to NHS Digital.

As a result, these objections were not upheld by NHS Digital in its data disseminations between April 2016 and June 2018. Since being informed of the error by TPP, NHS has made the Department of Health and Social Care aware of the error on June 28. 

NHS Digital manages the contract for GP Systems of Choice on behalf of the Department of Health and Social Care.  Software vendor TPP has apologised unreservedly for its role in this matter and has committed to work with NHS Digital so that errors of this nature do not occur again.

This will ensure that patients’ wishes on how their data is used are always respected and acted upon. NHS Digital has said that it will write to all TPP GP practices to make sure that they are aware of the issue and can provide reassurance to any affected patients. 

NHS Digital will also write to every affected patient. Patients need to take no action and their objections are now being upheld. “There is not, and has never been, any risk to patient care as a result of this error,” the statement says.

NHS Digital has made the Information Commissioner’s Office and the National Data Guardian for Health and Care aware.

The NHS introduced a national data opt-out on May 25 with the intention of simplifying the process of registering an objection to data sharing for uses beyond an individual’s care.

The new arrangements give patients direct control over setting their own preferences for the secondary use of their data and do not require the use of GP systems.

Story image
Report: 151% increase in DDoS attacks compared to 2019
It comes as the security risk profile for organisations around the world increased in large part thanks to the COVID-19 pandemic, forcing greater reliance on cloud technology and thrusting digital laggards into quick and unsecured migrations.More
Story image
Proofpoint launches new SMB focused security awareness training
Proofpoint has launched security awareness training for small to medium businesses (SMBs) with the aim of reducing successful phishing attacks and malware infections to almost zero. More
Story image
Ripple20 threat has potential for 'vast exploitation', ExtraHop researchers find
One in three IT environments are vulnerable to a cyber threat known as Ripple20. This is according to a new report from ExtraHop, a cloud-native network detection and response solutions provider. More
Story image
Global DDoS attacks: What they are, how they work, and how to defend against them
Do not pay the ransom, and do make sure you've got strong DDoS protection, security firms warn.More
Story image
Gartner predicts 75% of CEOs to be liable for cyber-physical security incidents by 2024
The nature of CPSs means incidents can quickly lead to physical harm to people, destruction of property or environmental disasters – and Gartner’s new research indicates that these incidents will increase drastically in the next few years if the lack of spending on these assets continues.More
Story image
Ripple20 threat could affect 35% of all IT environments – ExtraHop
The vulnerabilities have the potential to ‘ripple’ through complex software supply chains, enabling attackers to steal data or execute code.More