Babylon Health, which operates an app that gives patients the opportunity to have private consultations with their GP via video call, has suffered a data breach.
The app, which experienced a surge in popularity during lockdown due to practices being closed, is currently under investigation for the alleged breach.
The data breach came to light when user Rory tweeted that he had access to more than 50 recordings for other patient consultations, as well as his own:
@babylonhealth Why have I got access to other patients video consultations through your app? This is a massive data breach. Over 50 video recordings are on this list! pic.twitter.com/hgkxiNWxZk
— Rory G (@Rory_Glover) June 9, 2020
The company confirmed the breach to the BBC on 9 June, stating a ‘software error’ related to a feature that lets users switch from audio to video-based consultations part-way through a call had caused a ‘small number’ of UK users to be able to see others’ sessions. Babylon Health claimed just three users were able to access other patients’ data.
Of course, questions need to be asked as to how and why this breach was allowed to occur and why consultations were being recorded.
Mark Montaldo, who heads up the data breach team here at CEL Solicitors, said: “Similarly to Zoom, which struggled to manage a drastic increase in usage during lockdown, Babylon Health has seen a rise in the number of ‘virtual patients’, as GP practices operate under new rules.
“However, such a serious data breach like this – which is likely to have affected many more than three users – is one that requires action and accountability. We’re calling for any users of the app to contact us so we can thoroughly investigate whether their private consultations have been readily available for anyone to view.”
