A former staff member at Withybush Hospital inappropriately accessed electronic patient hospital records.
That individual is no longer employed by Hywel Dda after breaching patient confidentiality.
All patients affected have been contacted and offered the opportunity to discuss the situation with the health board.
TPRM report: https://www.rankiteo.com/company/hywel-dda-university-health-board
"id": "hyw24824522",
"linkid": "hywel-dda-university-health-board",
"type": "Breach",
"date": "6/2017",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Healthcare',
'location': 'Wales, UK',
'name': 'Withybush Hospital',
'type': 'Healthcare Facility'}],
'attack_vector': 'Insider Threat',
'data_breach': {'file_types_exposed': ['Electronic Patient Records'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Patient Records']},
'description': 'A former staff member at Withybush Hospital inappropriately '
'accessed electronic patient hospital records.',
'impact': {'brand_reputation_impact': 'Potentially Significant',
'data_compromised': ['Patient Records'],
'systems_affected': ['Electronic Patient Records System']},
'motivation': 'Unknown',
'response': {'communication_strategy': ['Notifying Affected Patients',
'Offering Discussion Opportunities'],
'remediation_measures': ['Termination of Employee',
'Contacting Affected Patients']},
'threat_actor': 'Former Employee',
'title': 'Unauthorized Access of Patient Records at Withybush Hospital',
'type': 'Data Breach',
'vulnerability_exploited': 'Unauthorized Access'}