Skip to main content

HCA International fined 200k for Data loss #ITSecurity #DataSecurity #unencrypted


HCA International Ltd, private health firm are the latest to be fined by the ICO. They have been fined £200,000 for failing to keep data secure after it was found that conversations had by IVF patients were online.
Audio recordings of interviews with patients were being sent to a company unencrypted in India for transcription. The Indian company was unable to maintain secure access due to an unsecure server.
By failing to ensure its subcontractor had acted responsibly, HCA International failed to comply with the seventh data protection principle.
More details on the monetary penalty notice click here
Supplier Risk is a huge concern for most companies - You may have all the bells and whistles when it comes to security your infrastructure but your partners may not. Failing to ensure due diligence in the Supply chain costs - with HCA it was £200,000 - next year it would of been much more!! #EUGDPR
Labels:

Comments

Post a Comment

Popular posts from this blog

New Venture

It's good to be back blogging...the last time I posted I worked as a Customer Success Manager for a DNS company. Since then, I have ventured to the CDN world, with the added mix of Cyber Security, WAF. Cyber Security is a true passion of mine and after nearly 10 years in this space, I love seeing how the industry and technology place has progressed and also ironically, stayed the same. I have enjoyed seeing the likes of Jane Frankland prosper in the field and be truly recognised as a thought leader with 'Women in Security' and her bestselling book 'IN Security'. Over the last few years I have met some truly amazing people, connected through the Women in Leadership platform which introduced me to a range of great individuals that broaden my knowledge into work places, diversity and pushing your own voice. Customer Success (CS), as a function is and should be the core of any business, concentrating on retention, relationship, client advocacy, project managing ...
Post a Comment
Read more

Time to get serious in 2015

Security professionals are faced with the on-going problem of stakeholders under-estimating the security flaws within their organisation. In most cases this is not the failing of the security team but depending on the market/vertical, teams are faced with budget constraints, redundancies, or most commonly, companies not taking responsibility that Security starts within. This means educating internal staff to take responsibility from the moment they walk into the office; I.e. The devices they bring, the doors that they open to 'guests',  the confidential conversations they have in open areas and the general ethos. Furthermore, there is the responsibility of your key suppliers and other third parties that you share information with.  You may have all the IT/Cyber security gadgets and resources you need but what are your suppliers doing with that data? Do they share the same vision for security and are they as vigilant as you? How do you measure that in an effici...
Post a Comment
Read more