As the Bavarian Broadcasting Corporation and the US research portal ProPublica found out, there were several.
Numerous manufacturers of medical devices use cloud services to save and process data on the Internet and provide for professional exchange. The storage should have been anonymized and secure – the opposite was the case.
Doctors and hospitals are not the main culprits when manufacturers offer devices that rely on inadequately protected cloud services. You have to imagine that: it affects a total of millions of patient data from 46 countries, which were distributed on 2,300 accessible servers. It is impossible to imagine what happens when criminals use the data to attempt blackmail.
Data Protection: Toothless Tiger Called GDPR?
The developers at the manufacturers ignored the fact that the Internet is an open space. I can already hear the excuses: “Nobody can find the server who isn’t looking for it, and who is looking for the data? Who cares?”. We had hoped that the EU GDPR would create sensitivity for this topic: for personal data protection and the criminal consequences of non-compliance.
The search for those responsible for this data scandal turns out to be very difficult, even in the early stages. Doctors and hospitals will certainly have to be asked to what extent they have paid attention to the data protection of their suppliers. We can be curious to see whether the penalties will be as drastic as the GDPR provides and what consequences the case will have.
Data Protection: Cloud Governance Is A Must
For Trivadis as a cloud service provider, even the highest penalty does not help against the damage to the image of the cloud concept in general. We now have to promote the cloud to our customers again and rebuild the trust that others have broken. That is why the cloud concepts that we offer customers always include cloud governance.
Here it is checked carefully in advance, and it is determined who, why, and how can access which data. No question about it, the Internet is everywhere, and the cloud is becoming more and more complex due to hybrid and multi-cloud architectures. It is all the more important that data protection and security are taken into account at an early stage and present at all levels, from strategy to implementation in day-to-day business.
Millions of highly sensitive patient data on the Internet are the worst possible advertisement for a secure cloud. At Trivadis, we work together with providers, service providers, partners, and customers to design and implement sustainable cloud concepts with simple and secure solutions so that reality is better than any image campaign. ”
No question about it, the Internet is everywhere, and the cloud is becoming more and more complex due to hybrid and multi-cloud architectures. We now have to promote the cloud to our customers again and rebuild the trust that others have broken. The storage should have been anonymized and secure – the opposite was the case.
We can be curious to see whether the penalties will be as drastic as the GDPR provides and what consequences the case will have. At Trivadis, we work together with providers, service providers, partners, and customers to design and implement sustainable cloud concepts with simple and secure solutions so that reality is better than any image campaign. “
