Data breach in medical practice: patient data online

Date: 26.11.2019

Responsible body: Telecom / Medical practice in Celle

Type of data protection violation: Patient data publicly accessible for several months

The patient data of a medical practice in Celle near Hanover were publicly accessible on the Internet for several months. The reason for the breakdown in data protection is said to have been a problem with a Telekom router. The medical practice reported the data leak last Friday to the Lower Saxony supervisory authority.

Telekom announced that the problem had been known since May, but that no further cases of data breaches had occurred. The data leak was fixed by an update of the router.

Media reports mention 30,000 patient files, but this figure has not yet been officially confirmed. Should further examination reveal that the volume has been correctly classified, it can be assumed that there is an extensive data mismatch. In this case, it would have to be examined whether Telekom would have to be held liable for the data leakage.

Categories of data: Details on diseases / medications as well as employment contracts, donations and business analyses of the practice

Country: Germany, Celle

Source: South German

Back to the overview of the data breaches