Kingsley Hayes examines data violations in the health sector

Kingsley’s article was published in Legal Futures, 15 July 2021, and can be found here.

Recently published data has revealed that the health sector had the highest number of non-cyber related data breach incidents between April and June. The sector was responsible for more than a quarter of all reported incidents (27%).

The Information Commissioner’s Office (ICO) revealed that there were 499 non-cyber related data breaches over the three-month period. More than a fifth (22%) of these were a result of confidential information being lost or stolen.

Kingsley Hayes, head of data breach at Keller Lenkner UK, said: “The health sector holds large volumes of highly confidential information from names, addresses and contact details, to sensitive medical records.

“It is concerning that it continues to appear amongst the worst affected sectors for data protection breaches. Human error is an ongoing and significant risk. The pressure of the pandemic will likely result in more avoidable mistakes that could lead to serious ramifications for those affected.

“The report also places the health sector in second place for reported cyber related data breaches. More than a fifth (21%) of those impacting the health sector were as a result of ransomware. As health services continue to be stretched beyond capacity, the risk to the protection of the private information held will remain high.”