Babylon Health said it had recently leaked data, including confidential patient information. Babylon Health is a UK healthcare provider, valued at more than $ 2BN, offering teleotherapy to patients, ie remote consultation with physicians and healthcare professionals. messages and videos, through application her for mobile. The news about the leaked patient data was revealed through him Twitter, when a user of Babylon's video chat app revealed that he could see other patients' appointments. At a time when the adoption of teletherapy services is increasing more and more due to its pandemic Mesures COVID-19, such incidents indicate the weak character of teletherapy, as well as the importance of adequate protection cybersecurity and secrecy to prevent the leakage critical patient information.
At this point it is worth mentioning what Ted Wagner, Director of Information Security at SAP's National Security Services, said in an interview, and Sebastian Seiguer, its CEO. emotha, a tele-health company. In particular, Ted Wagner said that due to the pressure to provide teletherapy services to the public, not all collaboration systems have been fully tested. safety. He added that the Babylon Health data leak was most likely due to a software bug and not a malicious attack. He also noted that it is important that telecommunications providers prioritize the security of confidential information, as many personal and sensitive data are at stake. As the use of these services expands, so does the risk to the data. Over time, data leaks will hit providers that do not prioritize security. This way, customers will choose teledoc providers that they can trust, and they in turn will have information protection frameworks, such as HITRUST CSF. A thorough safety investigation is necessary as it may detect technical problems or vulnerabilities.
Sebastian Seiguer pointed out the impact that the leakage of personal data has on patients, while also mentioning what can be done to ensure the security of their privacy. In particular, he said that data leaks inevitably lead to a loss of trust, especially in patients who have been stigmatized by certain situations. Companies have a great responsibility to protect their users. If they do not respond properly, the new consumer - the patient will go somewhere else.
In addition, Ted Wagner stressed that the maturity of video collaboration technology allows secure communications, but requires a combination of people, technology and procedures to effectively mitigate security risks. There is a problem with the expansion of this technology to the general public, which may come from different platforms. Using multi-factor authentication, encryption, and strict access control may mitigate these risk factors, but some of them may make tele-health less accessible. Users who have access to the service from a less secure location or platform can open the way to cyber attacks.
Sebastian Seiguer said there are many safety features to protect consumers and patients. A leak or violation will be punished by existing frameworks. There is no need for another level of bureaucracy.
Finally, Ted Wagner stressed that, given the current NIST security checks and HIPAA regulations, he believes that there is sufficient guidance on how to ensure cooperation platforms. He also stated that the errors presented by Zoom point out the fact that software errors will occur over time and timely software updates are the "key" to reducing risks. Good security is an ongoing and demanding process. It is not enough to have security checks, but organizations must also monitor and update their systems regularly.