[BreachExchange] HIV patients hit by NHS Highland email privacy breach
Destry Winant
destry at riskbasedsecurity.com
Tue Jun 18 10:29:56 EDT 2019
https://www.bbc.com/news/uk-scotland-highlands-islands-48662386
The email addresses of almost 40 people who have HIV have been made
public by mistake.
It is understood the 37 patients in the Highlands were able to see
their own and the others people's addresses in an email from NHS
Highland.
The message contained an invitation to a support group run by a sexual
health clinic at Raigmore Hospital in Inverness.
NHS Highland said it "deeply" regretted the breach of confidentiality.
A spokeswoman said the health board had contacted each patient and
apologised to them.
She added: "As per normal procedure, a formal internal review is being
conducted to understand how this has happened and to consider any
steps to avoid this happening in future."
The charity HIV Scotland has described the breach as "unacceptable".
Chief executive Nathan Sparling said: "Confidentiality is of paramount
importance when it comes to people living with HIV, and the decision
to disclose their status should be theirs and theirs alone.
"People affected by this leak will be understandably distressed, and
HIV Scotland stands ready to support all those affected."
Mr Sparling said he was pleased NHS Highland had instigated an investigation.
More information about the BreachExchange
mailing list