Babylon Health, an online health consultation platform has disclosed an internal error that led few users to view others’ consultation videos. While the company had patched the issue and informed concerned authorities, it was still accused of leaking the sensitive health consultation videos to others. It’s having over 2.3 million users and the affected are reported to be from the UK only.
An Internal Error Rather Than Breach!
Rory Glover, a Leeds based resident was the one who found this issue and raised concerns. As per BBC, when Rory turned to his Babylon’s GP app for checking a prescription, he found a list of about 50 consultation replay videos that weren’t belonging to him. And when checked one, he confirmed it to be offtrack and thus reported to his work colleague at Babylon.
This was soon taken to the company’s compliance department and settled the issue within two hours. It said, “On the afternoon of Tuesday 9 June we identified and resolved an issue within two hours whereby one patient accessed the introduction of another patient’s consultation recording.”
Further, “Our investigation showed that three patients, who had booked and had appointments today, were incorrectly presented with, but did not view, recordings of other patients’ consultations through a subsection of the user’s profile within the Babylon app.” The company amended this statement that the three persons include Mr Grover and two others.
The company said the engineering team was aware of the issue even before it’s reported, and was accidentally introduced after a feature of switching from audio to video was induced. Thus, the company claims the breach was “result of a software error rather than a malicious attack.” Babylon said it has informed the Information Commissioner’s Office and been in touch with those affected.