An error by NHS Highland led to all recipients of an email being able to see personal addresses.
NHS Highland, a health board in Scotland, has been reprimanded for a data breach that exposed the personal information of hundreds of HIV patients. The breach occurred when an employee sent an email containing a newsletter to a mailing list of around 900 people, but failed to use the "bcc" function to hide the recipients' email addresses. As a result, the email exposed the names and email addresses of hundreds of HIV patients, breaching their confidentiality. The Information Commissioner's Office (ICO) has issued a reprimand to NHS Highland, and has called on the health board to take steps to improve its data protection practices.
from BBC News - Technology https://ift.tt/50FOfbT
