How Did Babylon Health’s Response To Its Data Breach Measure Up?

Babylon Health suffered a data breach where users of the GP remote consultation service were able to access videos of other patients’ appointments with their doctor. The issue came to light on 9 June 2020, when a user announced on Twitter that he was able to access about 50 videos of other patients’ appointments. Babylon Health has since issued a statement confirming that they had resolved the ‘software error’ rather than a malicious attack.  The company later confirmed that their investigation showed, “three patients, who had booked and had appointments, were incorrectly presented with recordings of other patients’ consultations through a subsection of the user’s profile within the app but had not viewed them.

Experts Comments

June 12, 2020
Toni Vitale
Partner and Head of Data Protection
JMW Solicitors LLP
As they are legally required to do, Babylon Health reported the data breach to the Information Commissioner’s Office within 72 hours. Although the app has over 2.3 million users in the UK, it appears that only a handful were affected. This may have a bearing on the level of fine imposed by the ICO which can take into account the number of people affected. The ICO will also consider how swiftly Babylon Health reacted, fixing the error and communicating with patients. However, any breach of.....Read More
As they are legally required to do, Babylon Health reported the data breach to the Information Commissioner’s Office within 72 hours. Although the app has over 2.3 million users in the UK, it appears that only a handful were affected. This may have a bearing on the level of fine imposed by the ICO which can take into account the number of people affected. The ICO will also consider how swiftly Babylon Health reacted, fixing the error and communicating with patients. However, any breach of health-related data will cause much distress, particularly as videos of their private medical consultations have been made available to others. The ICO has the power to fine Babylon Health up to 4% of its worldwide annual turnover and the affected patients may each be entitled to claim compensation from Babylon Health. Given the sensitivity of the breach this could be many thousands rather than hundreds of pounds.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Share on facebook
Share on twitter
Share on linkedin

Recent Posts

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts