- Business
- Data Protection
Shorter Reads
1 minute read
Published 11 June 2020
Babylon Health is one of the largest and most successful players in the rapidly growing telemedicine sector, having secured funding last year to expand into the US and across Asia. However, they are now under scrutiny after their GP video appointment app suffered a data breach. The breach has resulted in video recordings of some patients’ consultations with doctors being accessible by other patients. One user noticed this and immediately alerted Babylon Health of this issue.
Although Babylon Health has said that only a small number of users could see other users’ consultations, the full extent of the data breach will only be known after there has been a complete investigation. The severity of a data breach does not only depend on the volume but also on the categories of data that have been compromised. In this case, it relates to patient information including data relating to health, which is treated as sensitive by the GDPR and the Data Protection Act and hence requires a higher degree of protection. One would therefore expect that Babylon Health has implemented enhanced security measures for the provision of their services. Instead, the breach, which resulted from a software error as opposed to a malicious cyber-attack, demonstrates that this may not be the case which is all the more worrying.
Babylon Health’s quick response might plead in their favour, but they are nonetheless at risk of a significant fine issued against them by the ICO, given the sensitive nature of the personal data that has been compromised. If it turns out however to be a minor breach, there is still reputational damage as some users will now be reluctant to use Babylon Health’s GP video appointment app, as is highlighted in the article.
Shorter Reads
Published 11 June 2020
Babylon Health is one of the largest and most successful players in the rapidly growing telemedicine sector, having secured funding last year to expand into the US and across Asia. However, they are now under scrutiny after their GP video appointment app suffered a data breach. The breach has resulted in video recordings of some patients’ consultations with doctors being accessible by other patients. One user noticed this and immediately alerted Babylon Health of this issue.
Although Babylon Health has said that only a small number of users could see other users’ consultations, the full extent of the data breach will only be known after there has been a complete investigation. The severity of a data breach does not only depend on the volume but also on the categories of data that have been compromised. In this case, it relates to patient information including data relating to health, which is treated as sensitive by the GDPR and the Data Protection Act and hence requires a higher degree of protection. One would therefore expect that Babylon Health has implemented enhanced security measures for the provision of their services. Instead, the breach, which resulted from a software error as opposed to a malicious cyber-attack, demonstrates that this may not be the case which is all the more worrying.
Babylon Health’s quick response might plead in their favour, but they are nonetheless at risk of a significant fine issued against them by the ICO, given the sensitive nature of the personal data that has been compromised. If it turns out however to be a minor breach, there is still reputational damage as some users will now be reluctant to use Babylon Health’s GP video appointment app, as is highlighted in the article.
Need some more information? Make an enquiry below.
Subscribe
Please add your details and your areas of interest below
Article contributor
Associate
Specialising in Intellectual property disputes, Data protection and Intellectual property
Enjoy reading our articles? why not subscribe to notifications so you’ll never miss one?
Subscribe to our articlesPlease note that Collyer Bristow provides this service during office hours for general information and enquiries only and that no legal or other professional advice will be provided over the WhatsApp platform. Please also note that if you choose to use this platform your personal data is likely to be processed outside the UK and EEA, including in the US. Appropriate legal or other professional opinion should be taken before taking or omitting to take any action in respect of any specific problem. Collyer Bristow LLP accepts no liability for any loss or damage which may arise from reliance on information provided. All information will be deleted immediately upon completion of a conversation.
Close