A medical practice in Co Armagh has signed an undertaking with the UK regulator to improve how it looks after patients information following a data security breach.
The breach was created when a free web-based email account, used by the Burnett Practice to inform patients of upcoming smear test appointments, was hacked.
The practice only became aware of the problem when patients reported receiving strange emails claiming to be from a doctor at the surgery, asking them to provide their bank account details. In this instance no sensitive information was accessed by the hackers, however the account included the email addresses of approximately 175 of the practice s patients.
This is just one example of the security risks that employee and owners of organisations and small businesses are unwittingly creating within their organisations. The email account was set up in good faith, but without sufficient security measures and business protocols to protect the surgery against the risk of patient details being compromised.
If your organisation holds private and personal data about clients, employees, volunteers or associates, call us today on 0800 122 3010 for a System Risk Review on your system and IT policies and protocols.