Roche exposes medical details on website

The medical testing arm of pharmaceutical giant Roche has exposed the personal and medical details of UK customers on its website. The firm has admitted the security breach but has not explained how it happened. Customers who had registered their details with Roche Diagnostics received the first edition of an email newsletter on Wednesday which included a link via which they could update their personal details.

Users who clicked on that link were directed to a Roche website which displayed the details of someone else.

“I saw the details of the same person several times, then it changed and I saw another person’s details several times,” said Tim Trent, a newsletter recipient who is also a marketing and privacy specialist. “In all I saw six other people’s details.”

{Americans who take medication or seek knowledge about health issues enter very sensitive personal health information into drug company and health websites without understanding the massive privacy risks they expose themselves to. The story below from the UK shows one type of privacy risk from entering personal information on a corporate website: the website may be so poorly designed that your health records can be exposed to strangers. But keep in mind, the most significant privacy risk when you surf, search, or enter personal health data into ANY commercial website site is the website owner can use and sell your sensitive personal health and demographic information. Americans trust those who offer help and information about medical illnesses thanks to centuries of experience with doctors who upheld the Hippocratic Oath and protected their secrets. But corporations do not take the Hippocratic Oath. Corporations are bound by laws that require the fiduciary interests of stockholders to come first. By masquerading as “part of your health team” American corporations seek to make you think they will take care of you and preserve your privacy. Buyers beware.” ~ Dr. Deborah Peel, Patient Privacy Rights}

Leave a Reply

Your email address will not be published. Required fields are marked *