Personal Data can refer to any information that is collected about any individual and/or Company whether it is physical information stored online or otherwise in Company records.
by Victor Cherubim
In days, if not months or years gone by, stealing was primarily of cash, goods, lands, even Cattle, sheep or goats. Today, stealing or hacking is much to do with health identity care theft, as well as Intellectual Property.
The global pandemic has spurred a digital revolution from purchasing goods and services, to visiting a COVID-19 Vaccination Centre, to working and learning from home, people have doubled the amount of disclosure of their privacy, including their health details, to the amount of time spent on line. Not surprisingly with this massive digital footprint and migration, cybercrime especially about Personal Health Data, about Vaccine Platforms, Medical Research among others, has reached an all-time high.
Why Hackers are after Personal Health Data?
Hackers have made many attempts on Medical Records including of the critically vulnerable, together with the test results, stats, cures as well as research data that can accelerate vaccine immunity and other treatments, including Intellectual Property. Individuals and firms have at times been cagey and left phony or doctored details to the surprise of Cyber Criminals.
While the world is focussed on both control of the pandemic, and its variants plus the economic consequences, cyber criminals particularly have concentrated on using the pandemic to their advantage.
How information gets leaked?
Who said, “A chain is only as strong as its weakest link.” Records of people vaccinated, people on furlough, statistical data of people working from home, data similar to the “Tony Blair Foundation”which may nearly get away by claiming £ 80 thousand from the Exchequer thanks to furlough claims?Or claims from ordinary people who have used the pandemic as an alibi to stay on furlough, or claim COVID leave. According to reports, they have all been subject to cybercriminal scrutiny. Many workers have cut corners weakening their own and their employer’s personal and office computers’ security, either without proper training, proper infrastructure and exposed these devices to Cyber criminals. There have been leakage of information through so called “anti-virus” protection programs with employees working from home. Days at home during Lockdown, days at the office, devices hardly protected against risky cyber behaviour. Many, many employees had not had previous training in cyber security or how to cope with surveillance, perhaps, were the most exposed.
What regulation is in place for control of health and private information?
We know that despite firms being regulated by the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018, which was brought into effect to ensure that any Collecting of Personal Data required a “duty of care” to protect that data in a safe and secure manner. We are also aware it is extremely difficult to enforce these controls at emergency times?
What is Personal Data?
Personal Data can refer to any information that is collected about any individual and/or Company whether it is physical information stored online or otherwise in Company records. Data Protection breach may occur at any time either due to malicious action, a hack or incompetent use or other.
We are aware of a plethora of bodies, far too many types of Security agencies, types of Intelligence Gathering services, including the Police, Local Authorities, Educational institutions, Retailers, Restaurants, Gyms, Health Authorities like the NHS, Credit Agencies,
Credit Rating Agencies and even the Government – all on the act of collecting and storing personal data, including health data. It is far too much of a risk as Cyber Criminals knowthe weakest link.
Cyber Criminals are also adept at trading this information for ransom. Personal Health Information is much sought after by Life Insurance companies, Credit Rating Agencies and others.Data especially Health Data after COVID-19 is most valued information.
The Public Awareness
As much as we maybe paranoid of privacy, we cannot however, live a life in fear of Data Disclosure. Fear of transgression, accidental disclosure, lost or misfiled medical records are all waiting in the wings to occur at some time. The public has a bounden duty to be aware and take regular checks and risk assessment of their health records. We need to be able to access where we are most vulnerable and take the necessary vulnerability assessment, level of exposure, perhaps, Cyber Analytics, to contain the breach and mitigate the damage, in good time.