It has been revealed that the National Institute for Health and Welfare (THL) in Finland suffered a data breach affecting almost 6,000 patients. THL was informed of the online leak in August 2017 by the Data Protection Ombudsman. The leaked data was subsequently removed from the two online services and search engine caches.
The affected data comprised names, personal identity codes and one laboratory result that related to antibiotic resistance between 2005 and 2015. The incident was caused by human error after an employee used the data “preparing presentation material for reporting purposes”. It has been described as an “isolated case”.
Affected patients have been informed by letter and advised to check their financial information as a precaution. No information misuse has been reported at this stage.
Juhani Eskola, director general of THL, said:
Although this is an example of human error rather than a deliberate action, it highlights the importance of effective staff training to ensure that they know how to treat confidential information.
Finnish authorities have recently begun the process of examining how national personal data storage complies with the new General Data Protection Regulation (GDPR). Read more here >>
Educate your staff
Information security is critical within the business environment. Enrol your staff on our Information Security Staff Awareness E-Learning Course so that they gain a better understanding of what is expected of them. The course advises staff on how to avoid becoming a security liability, introducing them to your internal policies on incident reporting and responses. Your staff are on the frontline, so give them the awareness training they need.