[MyData & Open Data] London HIV clinic accidentally reveals hundreds of patients' identities
Walter van Holst
walter.van.holst at xs4all.nl
Wed Sep 2 14:32:06 UTC 2015
On 2015-09-02 16:12, Zara Rahman wrote:
> ..and to add to that, the recipients of the newsletter never actually
> *signed up* to receive the newsletter, they just seem to have been
> added without an opt-in.
Which is dodgy from an ethical point of view, and definitely from a data
protection perspective. It is not out of line regarding anti-spam
legislation though: there was an existing relationship.
That said, the mere existence of that newsletter is an appalling breach
of doctor-patient confidentiality to begin with. Even without their
monumental screw-up regarding the use of the To: or Cc: field.
Let's hope both CIO and whatever government agency is in charge of
regulating healthcare in the UK throws the book at them. All of this is
a less useful example of open data and privacy issues. It's too bleeding
obvious.
Regards,
Walter
More information about the mydata-open-data
mailing list