NHS smartphone GP provider shares users’ consultation videos with other people after ‘software error’
ICO alerted to data breach at Babylon Health
Babylon Health, provider of the NHS GP at Hand service, has claimed that a “software error” caused videos of some patients' consultations with doctors to be shared with other users.
Yesterday, a user of the Babylon software tweeted the company revealing that the section of app that allows users to rewatch videos of previous medical consultations was offering him access to more than 50 videos – most of which were of other patients.
In response, Babylon indicated that one of its doctors had already alerted the company to the problem – which had been remedied. The incident had also been reported to data-protection regulators, it added.
“This should not have happened and we disabled patient access to this feature within two hours of one of our clinicians bringing it to our attention,” Babylon said. “Our data protection officer alerted the Information Commissioner’s Office, and we are sharing all necessary documentation with them. Only a very small number of patients were involved, and only one patient’s video was viewed. We have been in touch with everyone to offer our apologies and support.”
In a statement issued later on, the firm said that only three patients – all of whom had booked or held a doctor’s appointment yesterday – had been able to view recordings of other users’ consultations.
“This was the result of a software error rather than a malicious attack,” it said. “The problem was identified and resolved quickly. Of course, we take any security issue, however small, very seriously, and have contacted the patients affected to update, apologise to and support, where required.”
Babylon Health has an estimated 2.3 million registered users in the UK. Among these are more than 75,000 people – including health secretary Matt Hancock – who have switched their NHS GP registration to GP at Hand.
The program, which is currently available for citizens of London and Birmingham, offers video consultations around the clock, and aims to allow users to talk to a doctor within two hours. If a follow-up examination is required, it can offer physical appointments at a number of clinics in the two cities in which it currently operates.
Canadian academics claim that attack on No. 10 using Pegasus software was launched from the UAE
Contract signed with consultancy Mason Advisory
Project is separate to a wider piece of work to collate all information on national provision of ‘continuing healthcare’ services
Commercial documents reveal existing scheme for rare instances of severe adverse reactions expects approximately twentyfold increase in usage