cyber Breach

NHS Highland

Jul 9, 2023 1 min read
NHS Highland

The personal information of 284 diabetic patients was shared with more than 30 others as a result of a data breach at NHS Highland.

The mistake caused the patients' names, birthdates, contact information, and hospital identification numbers to become public.

The data had been entered into a spreadsheet along with notes about when patients attended or received training.

The next day, NHS Highland reported the issue to the Information Commissioner's Office (ICO), and it has written to those patients who were impacted.

No private information about medical history was disclosed.

Source: https://www.pressandjournal.co.uk/fp/news/highlands-islands/2679853/concern-as-personal-data-of-284-diabetic-patients-breached-at-nhs-highland/

TPRM report: https://scoringcyber.rankiteo.com/company/nhs-highland

"id": "nhs213011623",
"linkid": "nhs-highland",
"type": "Data Leak",
"date": "11/2020",
"severity": "25",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'customers_affected': 284,
                        'industry': 'Healthcare',
                        'name': 'NHS Highland',
                        'type': 'Healthcare'}],
 'data_breach': {'file_types_exposed': ['Spreadsheet'],
                 'number_of_records_exposed': 284,
                 'personally_identifiable_information': ['Names',
                                                         'Birthdates',
                                                         'Contact Information',
                                                         'Hospital '
                                                         'Identification '
                                                         'Numbers'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Names',
                                              'Birthdates',
                                              'Contact Information',
                                              'Hospital Identification '
                                              'Numbers']},
 'description': 'The personal information of 284 diabetic patients was shared '
                'with more than 30 others as a result of a data breach at NHS '
                "Highland. The mistake caused the patients' names, birthdates, "
                'contact information, and hospital identification numbers to '
                'become public. The data had been entered into a spreadsheet '
                'along with notes about when patients attended or received '
                'training. No private information about medical history was '
                'disclosed.',
 'impact': {'data_compromised': ['Names',
                                 'Birthdates',
                                 'Contact Information',
                                 'Hospital Identification Numbers']},
 'regulatory_compliance': {'regulatory_notifications': ['Reported to the '
                                                        'Information '
                                                        "Commissioner's Office "
                                                        '(ICO)']},
 'response': {'communication_strategy': ['Written to affected patients']},
 'title': 'Data Breach at NHS Highland',
 'type': 'Data Breach'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.