A coding mistake by an electronic health records vendor has resulted in a data breach impacting thousands of United Kingdom patients. The incident also serves as a reminder to all healthcare entities in the U.S. and elsewhere about the variety of risks vendors can pose to the security and privacy of patient data.In a July 2 statement, NHS Digital – which oversees IT for the U.K.’s National Health Service – says a “coding error” by vendor TPP, which provides the SystmOne EHR system that’s used by general practitioners, or GPs, in England, caused data of some patients to be disseminated despite the individuals having opted out of having their information shared for clinical research and planning purposes.”The TPP coding error meant that we did not receive these preferences and so have not been able to apply them to our data,” says Nic Fox, director of primary and social care technology at NHS Digital in the statement.

Source: Click here