NHS smartphone GP provider shares users’ consultation videos with other people after ‘software error’

Written by Sam Trendall on 10 June 2020 in News
News

ICO alerted to data breach at Babylon Health

Credit: Pixabay

Babylon Health, provider of the NHS GP at Hand service, has claimed that a “software error” caused videos of some patients' consultations with doctors to be shared with other users.

Yesterday, a user of the Babylon software tweeted the company revealing that the section of app that allows users to rewatch videos of previous medical consultations was offering him access to more than 50 videos – most of which were of other patients.

In response, Babylon indicated that one of its doctors had already alerted the company to the problem – which had been remedied. The incident had also been reported to data-protection regulators, it added.

“This should not have happened and we disabled patient access to this feature within two hours of one of our clinicians bringing it to our attention,” Babylon said. “Our data protection officer alerted the Information Commissioner’s Office, and we are sharing all necessary documentation with them. Only a very small number of patients were involved, and only one patient’s video was viewed. We have been in touch with everyone to offer our apologies and support.”

In a statement issued later on, the firm said that only three patients – all of whom had booked or held a doctor’s appointment yesterday – had been able to view recordings of other users’ consultations.

“This was the result of a software error rather than a malicious attack,” it said. “The problem was identified and resolved quickly. Of course, we take any security issue, however small, very seriously, and have contacted the patients affected to update, apologise to and support, where required.”

Babylon Health has an estimated 2.3 million registered users in the UK. Among these are more than 75,000 people – including health secretary Matt Hancock – who have switched their NHS GP registration to GP at Hand.

The program, which is currently available for citizens of London and Birmingham, offers video consultations around the clock, and aims to allow users to talk to a doctor within two hours. If a follow-up examination is required, it can offer physical appointments at a number of clinics in the two cities in which it currently operates.

 

About the author

Sam Trendall is editor of PublicTechnology

Share this page

Tags

Categories

CONTRIBUTIONS FROM READERS

Please login to post a comment or register for a free account.

Related Articles

Coronavirus has been a boon for cybercriminals
9 July 2020

Fake online shops, malware, phishing emails and ransomware attacks on hospitals have been among the scams perpetrated by bad actors during the pandemic

Government declines to set date for contact-tracing app
8 July 2020

Head of Test and Trace programme Baroness Harding says she does not want to specify a timeframe as projects often do not ‘run in a smooth way’

Contact-tracing success rate drops
26 June 2020

Data shows declines in the proportion of both confirmed cases and their contacts being reached by tracers

Related Sponsored Articles

Interview: CyberArk EMEA chief on how government has become a security leader
29 May 2020

PublicTechnology talks to Rich Turner about why organisations need to adopt a ‘risk-based approach’ to security – but first make sure they get the basics right