Personal details of every covid+ case in Wales up until August 30th (18k) published by mistake by Public Health Wales in huge data breach https://twitter.com/ITVWales/status/1305493103940378624
The initials, post code, date of birth and sex of patients were uploaded to a section of the Public Health Wales website in 'human error'
The Chief Executive of Public Health Wales, Tracey Cooper tells me they were only made aware of the breach after a member of the public called them - as did a local council worker - to say the info was on the website.
BUT, the person who took that call on the same day of the breach, flagging up the issue, appeared not to realise its significance. So it wasn't until the next day that the info was taken down. 'They didn't follow our serious incident reporting procedure' says PHW CEO
That meant that the data was left public for far longer than it might have been had correct procedures been followed.
Anger from . @AndrewRTDavies of @WelshConserv that @vaughangething didn't mention data breach earlier. "The Health Minister appears to have sat on this for two weeks and done a press conference earlier today without disclosing this significant failing – and that's unacceptable."
And what do Welsh Government (who've known about this breach since Sept 2nd) have to say about all this?

Nothing.

Essentially it says 'PHW are dealing with it'
. @plaidcymru's @RhunapIorwerth says: "Any data breach is serious, and this data breach including potential means of identifying patients is of serious concern.

“Public Health Wales and the Welsh Government have to be able to explain how exactly this happened."
The CEO of Public Health Wales admits that the data breach was all Wales covid+ patients up until August 30th. "This is a big data breach, absolutely."
Speaking to me following the data breach of 18,000 covid+ patient details, the CEO of Public Health Wales also admits they have no idea who viewed the data (and by extension, where it might be now...)
So an 'external investigation' has been launched. Headed up by the Head of Information Governance at NWIS. The same NWIS that PHW has worked with throughout the pandemic when it comes to data. The same NWIS that referred itself to the ICO over letters going to the wrong addresses
NEW: Speaking to my colleague @robosbornewales ahead of tonight's Sharp End, Education Minister Kirsty Williams said the breach is 'regrettable' and hopes people aren't put off getting a test because of it.
The CEO of Public Health Wales, when I asked her, said she is not going to resign over the data breach. I can't recall another data breach as big as this occurring from Public Health Wales. (The Covid letters was not PHW)
🚨DATA BREACH RECAP🚨
📂Largest breach ever for PHW
📂Initials, DOB, sex, location of ALL 18k Welsh covid cases to Aug 30 exposed for 20hrs
📂Alert to breach not escalated
📂No idea who viewed it
📂No idea where data may be now
📂Welsh Gov: it's 'regrettable'
📂No resignations
😬
You can follow @JCrichtonSmith.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
There are a lot of misconceptions about the Turkish diaspora in Germany. Since i just finished writing an essay about this topic I thought it's time to give other people
Read more
Las mejores calculadoras online en 2020A thread http://totumat.com/2020/11/26/las-mejores-calculadoras-online-en-2020/ Cuando se estudian asignaturas que requieren de cálculos complicados, nada mejor que contar con una buena calculadora.
Read more
Mitigating #ClimateChange is as much about taking up new techs as about leaving others behindMost studies focus on #coal's global downfall but another #energy tech decline is loomingRead my new
Read more