Thiruvananthapuram: Data privacy is a sensitive issue as Information Technology leaves no aspect of our lives untouched. Even as Kerala recently debated over the propriety of handing over COVID-19 records of public to a Western agency, around 2 lakh patient records of a prominent multi-speciality hospital in Kochi were reportedly leaked on the internet.
Medical data such as test results, prescriptions, and lab reports of patients who sought treatment at the hospital in the last six years are available online. This also included highly confidential forms submitted by patients, giving consent for HIV tests.
Experts point out that this could be one of the biggest such breach of medical records even in the country. The issue was flagged by Keralite Oommen C Kurian, the head of the health department at the Delhi-based Observer Research Foundation (ORF). The hospital also has a COVID-19 testing lab and the database included COVID reports of thousands of people as well.
Folders that should have been kept highly secured were left easily accessible for anyone on the internet, leading to the data breach. After the ORF alerted, the hospital authorities partially blocked the access to the folders.
Oommen C Kurian said that these online folders had several GB of data. Apart from the details on the ailments, the records contained crucial information such as email id and phone numbers.
All patients were listed on a single index page, making it easy for the cyberfraudsters to download these.
