Data breach from Kochi hospital! 2 lakh patient records found on net

Thiruvananthapuram: Data privacy is a sensitive issue as Information Technology leaves no aspect of our lives untouched. Even as Kerala recently debated over the propriety of handing over COVID-19 records of public to a Western agency, around 2 lakh patient records of a prominent multi-speciality hospital in Kochi were reportedly leaked on the internet.

Medical data such as test results, prescriptions, and lab reports of patients who sought treatment at the hospital in the last six years are available online. This also included highly confidential forms submitted by patients, giving consent for HIV tests.

Experts point out that this could be one of the biggest such breach of medical records even in the country. The issue was flagged by Keralite Oommen C Kurian, the head of the health department at the Delhi-based Observer Research Foundation (ORF). The hospital also has a COVID-19 testing lab and the database included COVID reports of thousands of people as well.

Folders that should have been kept highly secured were left easily accessible for anyone on the internet, leading to the data breach. After the ORF alerted, the hospital authorities partially blocked the access to the folders.

Oommen C Kurian said that these online folders had several GB of data. Apart from the details on the ailments, the records contained crucial information such as email id and phone numbers.

All patients were listed on a single index page, making it easy for the cyberfraudsters to download these.

The comments posted here/below/in the given space are not on behalf of Onmanorama. The person posting the comment will be in sole ownership of its responsibility. According to the central government's IT rules, obscene or offensive statement made against a person, religion, community or nation is a punishable offense, and legal action would be taken against people who indulge in such activities.