Defend free speech and individual liberty online. 

Push back against big tech and media gatekeepers.

Wales leaks data of COVID-19 test patients online

The database was online and open to the public for an entire day.
If you're tired of the destruction of civil liberties subscribe to Reclaim The Net.

Public Health Wales, the nation’s health agency, accidentally uploaded the information of 18,105 COVID-19 patients to an online public database. The information was accessible to any individual for at least 20 hours before it was removed.

Public Health Wales itself provided the information on what happened. The agency indicated that the personal data of more than 18,000 people affected by COVID-19 were erroneously uploaded to a public access database for more than 20 hours. Among the data included are the sex, geographic area, and date of birth of individuals.

PHW Chief executive Dr. Tracey Cooper said this human error should never have happened and that it was the largest data breach she has ever witnessed. So far, in 2020, the Welsh NHS has already suffered two major information breaches, which have required the Information Commissioner’s Office and the country’s government to investigate what happened.

According to the PHW, these data alone are not a problem for most people, as they offer very little to identify an individual. However, they recognized that there is a group of 1,928 people whose data can be particularly compromising (although, according to the agency, they should not represent a risk either) since they include their address of residence. This group is made up of those patients who live in nursing homes or support communities for the treatment of the virus.

Double your web browsing speed with today's sponsor. Get Brave.

The PHW also indicated that, during the time this data was available on the web, it was reviewed at least 56 times. Dr. Cooper said the information was released at 2:00 p.m. on August 30, and later that day someone was alerted to remove it. However, this person did not follow through with the protocol, which resulted in the data being deleted on September 1 at 9:55 a.m. The reason why faster action was not taken is still unknown.

Andrew RT Davies MS, a spokesperson for the Welsh Conservative party, said it was unacceptable for the health minister to release this information two weeks after the event occurred. His political counterpart, Rhun ap lorwerth MS, was also dissatisfied with the government, demanding an explanation about what happened and that they ensure better handling of the data to avoid accidents in the future.

With the coronavirus lockdowns leading to more data being collected by the government and health agencies, the leak of such data is a major setback in public trust at a time when many are already critical of government data collection.

Defend free speech and individual liberty online. 

Push back against big tech and media gatekeepers.

Share

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on telegram
Share on whatsapp