Breach Candy data breach may expedite passage of Personal Data Protection Act

According to the news reports published today medical records of over 120 million medical images of Indian patients and 1 million medical records got exposed due to a cyber incident.  The records have been made available online freely by the attackers.

The records compromised included the patient records and scans and images with details such as the name of the patient, their date of birth, the national ID, name of the medical institution, their medical history, physician names and other details that are meant to be classified.

The incident is believed to have occurred due to the compromise of industry protocol for medical image storage and could have resulted from compromise of passwords of authorized persons.

While this sort of incidents could be termed as privacy infringement and the hospital could be liable for claim of damages from the affected patients, had the PDPA (Personal Data Protection Act ) been in place (Expected to be in place shortly), there could have been a hefty penalty imposed on the hospital by the Data Protection Authority.

For the time being the Breach candy hospital may escape liability but just as the “I Love You” virus expedited the passing of the Information Technology  Act in  2000 , the Breach Candy leak could expedite the passage of the PDPA bill presently in the Parliament.



Also refer: Economic times article

Print Friendly, PDF & Email
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.