Secretary Fined For Accessing Scores of Patient Records

A former NHS secretary has been fined by the data protection regulator after illegally accessing the medical records of over 150 people. The Information Commissioner's Office said that a complaint was first lodged back in June 2019, after a patient raised concerns that their records had been improperly accessed by Loretta Alborghetti, from Redditch. Alborghetti worked as a medical secretary within the ophthalmology department of Worcestershire Acute Hospitals NHS Trust. She accessed this particular individual's records 33 times without consent between March 2019 and June 2019, a subsequent ICO investigation found. The regulator then found that she had accessed a total of 156 patient records without consent or a business need, viewing them more than 1800 times within the three-month period. This included the records of individuals and their family members with postcodes local to where she lived at the time. The people whose records she accessed apparently had no medical conditions relating to ophthalmology. ICO head of investigations, Andy Curry, argued that the public shouldn't have to think twice about whether their medical data is in safe hands. "We want to remind those in positions of trust that just because your job may grant you access to other people's personal information, that doesn't mean you have the legal right to look at it for your own purposes," he added. "This case shows that the ICO will take action when confidential personal records are accessed unlawfully. Curiosity is no excuse for breaching data protection laws." The size of the fine handed to Alborghetti arguably falls short of that needed to send a clear message to others. She pleaded guilty to unlawfully obtaining personal data in breach of Section 170 of the Data Protection Act 2018, according to the ICO..

This Cyber News was published on www.infosecurity-magazine.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to Secretary Fined For Accessing Scores of Patient Records

Cybersecurity in the Healthcare Industry: Protecting Patient Data - In the rapidly advancing era of technology, the healthcare industry faces a critical challenge: protecting patient data from cyber threats. This article will emphasize the significance of cybersecurity in the healthcare industry and explore the ...
8 months ago Securityzap.com
Secretary Fined For Accessing Scores of Patient Records - A former NHS secretary has been fined by the data protection regulator after illegally accessing the medical records of over 150 people. The Information Commissioner's Office said that a complaint was first lodged back in June 2019, after a patient ...
10 months ago Infosecurity-magazine.com
Electronic Frontier Foundation - We're not just talking about the ballot box, but the everyday power we all have to demand government agencies make their records and data available to public scrutiny. At every level of government in the United States, there are laws that empower the ...
7 months ago Eff.org
Mend's Handy Guide to Using EPSS Scores - EPSS is a relatively recent addition to the world of freely available security scoring systems. While it's not without its flaws and limitations, EPSS can be a powerful predictor of exploits to come and a useful tool in your arsenal, as long as you ...
9 months ago Securityboulevard.com
Patch management needs a revolution, part 3: Vulnerability scores and the concept of trust - Vulnerability ratings are the foundation for a good risk-based vulnerability management program, especially if they're from a trusted party. Red Hat champions the notion of risk-based vulnerability management. For every vulnerability affecting our ...
8 months ago Redhat.com
Data Breaches in US Schools Exposed 37.6M Records - Since 2005, educational institutions in the United States have experienced 3713 data breaches, impacting over 37.6m records. According to new data by Comparitech, 2023 marked a record year, with 954 breaches recorded - a dramatic rise from 139 in ...
4 months ago Infosecurity-magazine.com
Claroty Team82: 63% of Known Exploited Vulnerabilities Tracked by CISA Are on Healthcare Organization Networks - PRESS RELEASE. NEW YORK and ORLANDO, Fla., March 12, 2024/PRNewswire/ -Claroty, the cyber-physical systems protection company, released today at the annual HIMSS24 conference a new report that uncovered concerning data about the security of medical ...
6 months ago Darkreading.com
Future Health: AI's Impact on Personalised Care in 2024 - As we dive into the era of incorporating Artificial Intelligence into healthcare, the medical sector is poised for a profound transformation. AI holds immense potential in healthcare, offering groundbreaking advancements in diagnostics, personalised ...
9 months ago Cysecurity.news
What we learned over coffee at the year's biggest healthcare event - Healthcare organizations are dedicated to providing exceptional care, prioritizing the patient's satisfaction and experience through a patient-centered approach. This approach ensures patients are firmly at the center of their care and engaged in ...
4 months ago Feedpress.me
Hospitals Must Treat Patient Data and Health With Equal Care - COMMENTARY. Hospitals are in the crosshairs: As collectors of some of the most personal and sensitive data available, hospitals are a prime target for hackers and cyberattacks. Patient data needs to be treated with as much care and sensitivity as the ...
9 months ago Darkreading.com
What is the EPSS score? How to Use It in Vulnerability Prioritization - Its purpose is to make it easier for security teams to prioritize vulnerability remediation better. The EPSS model collects information about the vulnerability from all the sources I mentioned above. On this phase the machine analyzes the connection ...
9 months ago Heimdalsecurity.com
Quest Diagnostics pays $5M for dumping patient data, waste The Register - Quest Diagnostics has agreed to pay almost $5 million to settle allegations it illegally dumped protected health information - and hazardous waste - at its facilities across California. This sum won't hurt at all for the corporation, one of the ...
7 months ago Go.theregister.com
Missouri secretary of state accused of withholding cybersecurity reviews of election authorities - Missouri Auditor Scott Fitzpatrick released an audit report on Monday that alleges Missouri Secretary of State Jay Ashcroft refused to provide him with copies of the cybersecurity reviews of Missouri's 116 local election authorities, which he said ...
8 months ago Statescoop.com
Radiology provider exposed tens of thousands of patient files | Malwarebytes - The credentials gave them access to I-MED’s radiology patient portal, and with that, to files showing patients’ full names, dates of birth, sex, which scans they received, and dates of the scans. An anonymous person has disclosed that they gained ...
1 week ago Malwarebytes.com
Health Care Network in Crisis: Cyberattack Shuts Down Operations Across US - In a statement released Thursday evening by Ascension Hospital, a nonprofit network based in St. Louis with 140 hospitals across 19 states, it was also reported that electronic health records, some phone systems, as well as several systems used to ...
5 months ago Cysecurity.news
Cerebral to pay $7 million settlement in Facebook pixel data leak case - The U.S. Federal Trade Commission has reached a settlement with telehealth firm Cerebral in which the company will pay $7,000,000 over allegations of mishandling people's sensitive health data. Cerebral is a remote telehealth company that provides ...
5 months ago Bleepingcomputer.com
IT consultant in Germany fined for exposing shoddy security The Register - A security researcher in Germany has been fined €3,000 for finding and reporting an e-commerce database vulnerability that was exposing almost 700,000 customer records. Back in June 2021, according to our pals at Heise, an contractor identified ...
8 months ago Theregister.com
Why healthcare data is often the target of ransomware attacks - Healthcare data in recent years has been a very lucrative target for cyberattacks, particularly ransomware, with attackers holding healthcare information, and potentially patient lives, for ransom. Cybercriminals are increasingly focusing on ...
4 months ago Techtarget.com
You should be worried about cloud squatting - Most security issues in the cloud can be traced back to someone doing something stupid. I do see misconfigured cloud resources, such as storage and databases, that lead to vulnerabilities that could easily be avoided. Although cloud squatting is ...
9 months ago Infoworld.com
Africa, Middle East Lead Peers in Cybersecurity, but Lag Globally - Both Africa and the Middle East lead their economic peers in cybersecurity, but the regions fall short of claiming strong scores for overall cyber resilience. According to data published by SecurityScorecard on Jan. 15 at the World Economic Forum ...
8 months ago Darkreading.com
Ransomware Attack Demands Reach a Staggering $5.2m in 2024 - The average extortion demand per ransomware attack was over $5.2m in the first half of 2024, according to a new analysis by Comparitech. This figure was calculated from 56 known ransom demands issued by threat actors from January-June 2024. The ...
3 months ago Infosecurity-magazine.com
German IT Consultant Fined Thousands for Reporting Security Failing - After discovering and reporting a vulnerability in an e-commerce database that was putting customers and their personal information at risk, a security researcher in Germany was fined €3,000 for doing so. In 2021, a contractor, known as Hendrik H., ...
8 months ago Darkreading.com
Mastermind Behind Biden AI Deepfake Indicted for Robocall Scheme - A political consultant identified as the individual who paid for a deepfake robocall created to impersonate US President Joe Biden has been indicted on charges of felony voter suppression as well as misdemeanor impersonation of a candidate. Steven ...
4 months ago Darkreading.com
Wyden Releases Documents Confirming the NSA Buys Americans' Internet Browsing Records - PRESS RELEASE. Washington, D.C. - U.S. Senator Ron Wyden, D-Ore., released documents confirming the National Security Agency buys Americans' internet records, which can reveal which websites they visit and what apps they use. In response to the ...
8 months ago Darkreading.com
SW Ontario hospitals confirm patient data compromised in cyberattack - As the fallout from last week's cyberattack against five southwestern Ontario hospitals continues to spread, the organizations confirmed Tuesday that patient information was stolen and they now fear the blackmailers might publish it online. TransForm ...
10 months ago Windsorstar.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)