Thread: UK probe reveals breach of data security in India

Since we have the same Indian companies in the US handling our medical records, it is safe to assume that American medical records are up for sale there, too.

http://economictimes.indiatimes.com/lat ... 136241.cms

UK probe reveals breach of data security in India

18 Oct 2009, 1515 hrs IST, PTI

LONDON: A British TV investigation has revealed that confidential medical records sent to India for computerisation are being offered for sale,
sparking another round of concern over breach of data security in that country.

The investigation is scheduled to be broadcast on ITV on its Tonight programme tomorrow and is titled 'Health Records for Sale'. On the basis of the investigation, the police in Britain and their counterparts in India have reportedly launched an investigation.

Sall Anne Poole, head of investigations at the Information Commissioner's Office, said: "We are very concerned that private patients' medical records are on sale in India. The ICO will establish the full facts and will then decide what action, if any, needs to be taken. Medical records are sensitive personal information and must be held securely."

Chris Rogers, the programme's presenter, contacted two Indian salesmen through an internet chat room, and posed as a marketing executive keen to buy medical records to sell insurance and medicines.

Rogers bought 116 files with detailed medical records of British patients, from the two salesmen, whom the programme named as Jaesh Bagchandnani and Kunal Gargatti, the Daily Mail reported today.

Bagchandanai reportedly said they came from staff at an Indian 'transcription' centre where medical records are computerised.

Bagchandnani told Rogers: "We can do really good business with these leads. These leads will give you diagnose, entire diagnose of all the customers, what the customer is facing. There are 17 teams or you can say team managers.

The floor managers, they are working as freelancers for me and I am telling them to pull the data for me. They work for me."

Researchers for the programme then met Gargatti, in Mumbai. Kunal told them: "You have the doctor's name, doctor's address, doctor's phone number. Each and every thing here. I have 30,000 files to give you today, right now. I've around 140 diseases here. You just tell me which disease you're looking out for - I can give you anything."

The files procured were of patients of London Clinic, one of Britain's top private hospitals. Several hospitals in the National Health Service have also outsourced their transcription to India, sparking concern over data safety following the latest investigation.

The London Clinic said it dealt with its own files internally and did not send them to private companies. But it advised a group of consultants to use a specialist Buckingham-based IT company, DGL Information Technologies UK, with which the clinic has a contract, to help turn paper records into computerised files.

DGL itself did not handle the records but recommended that the doctors use a document-scanning service provided by a company it has a contract with, Scanning And Data Solutions, which operates from Hertfordshire.

But Scanning And Data Solutions then sub-contracted further work on the files to a company in Pune.

Scanning And Data Solutions admitted it had sent thousands of medical records to India over the past two years and said it 'had no reason to disbelieve' that it had scanned the records obtained by ITV in India. It has now suspended its operations there and requested that its partners delete all the information they hold. It has told both Hertfordshire Police and Indian police of the theft.

Company director Michael Bailey said: 'Urgent investigations are under way to ascertain how these confidential records were stolen. A serious crime has taken place.'

A spokeswoman for the London Clinic said: "The outsourcing of patient data to India was without the knowledge or consent of the clinic or its consultants. All business was ceased with the third party as soon as we were alerted to this issue. We will do all we can to assist the investigations."

Rest assured, there is more being sold, by these companies about most of us, as our banks now have these people handling their call and the employees over there have access to our info....lovely.