Skip to main content

HCA International fined 200k for Data loss #ITSecurity #DataSecurity #unencrypted


HCA International Ltd, private health firm are the latest to be fined by the ICO. They have been fined £200,000 for failing to keep data secure after it was found that conversations had by IVF patients were online.
Audio recordings of interviews with patients were being sent to a company unencrypted in India for transcription. The Indian company was unable to maintain secure access due to an unsecure server.
By failing to ensure its subcontractor had acted responsibly, HCA International failed to comply with the seventh data protection principle.
More details on the monetary penalty notice click here
Supplier Risk is a huge concern for most companies - You may have all the bells and whistles when it comes to security your infrastructure but your partners may not. Failing to ensure due diligence in the Supply chain costs - with HCA it was £200,000 - next year it would of been much more!! #EUGDPR

Comments

Post a Comment

Popular posts from this blog

Tesco - Sit up and listen

Now I am coming off IT/Cyber Security news for a moment to quickly discuss my thoughts around Tesco's recent reported huge loss in profits -  http://www.bbc.co.uk/news/business-32408661   Tesco has reported the worst results in its history with a record statutory pre-tax loss of £6.4bn for the year to the end of February. Let me start this article/blog by saying, I am no writer and admittedly my grammar is terrible but I will swallow my pride and type away to my hearts content. This is a small piece that doesn't cover everything just thoughts. Taking a step back a moment:  I spent my time at University studying Business and Marketing and I don't claim to be a genius in my field but after watching a BBC report on the recent news made by Tesco, I was dumbfounded to find out Tesco's first grocery store opened nearly 100 years ago.  In the ongoing 'Store wars' with rivals such as Lidl, Aldi, Asda, Morri...

Top 5 Considerations for Effective Security Awareness #ITSecurity #SecurityAwareness #PeopleIssue

"If you want to change attitudes, start with a change in behaviour"  This quote was taken by William Glasser, an American psychiatrist. I think it's really relative to this subject, as a user, you may be fully aware of IT/Cyber Security and how your actions can reflect on the company you work for...However it doesn't mean it is going to change the way you work. As a company you need to start to change users   behaviours ... The below is taken from the company I work for ZeroDayLab  blog, which I feel, are the key components to Security Awareness/Behaviour Training. Top 5 are below (part 2 to follow) Interested in the datasheet? please let me know... Security, The Risk of Human Error...& a Tricky Thing Called Motivation… Top 10 Considerations for Truly Effective Security Awareness Training Even though 52% of breaches are attributed to human error, security awareness is still quite a new thing for many companies....