wordpress blog stats
Connect with us

Hi, what are you looking for?

Andhra Pradesh govt website exposed medical purchase data of hundreds

An unsecured website of Andhra Pradesh government exposed the names and numbers of every person who purchased medicines from a government-run store, reported HuffPost India.

The purchases include sensitive details about purchases of Suhagra 50, a generic version of Viagra (which is used to treat erectile dysfunction), making the privacy of this data paramount. A dashboard on the Anna Sanjivini website allowed anyone with internet access details including the names and phone numbers of every person who purchased medicines from every single such store. Anna Sanjivini Stores are generic medical stores owned by the state government but operated by individuals or self-help groups. The link has since been taken down.

This vulnerability was discovered by security researcher Srinivas Kodali. It contains logs of Order ID, the Store Operator ID, Customer name, Customer phone number, details of the medicines, and the money paid. Remember that this is for each order.

Andhra Pradesh’s cavalier attitude to the sensitive data of people is significant with the draft Digital Information Security in Healthcare Act (DISHA). The draft bill gives citizens the right to prevent any transmission or disclosure of any sensitive health-related data that is likely to cause damage or distress to the owner. The bill also gives the right to give, refuse or withdraw consent for the storage and transmission of digital health data, with certain exceptions.

According to the bill, the owner of the digital health data shall have the right to know the entities which may have or has access to their digital health data, as well as, the right to be notified every time their digital health data is accessed by any clinical establishment. The bill also clarifies the government’s stance on sensitive digital health data:

Advertisement. Scroll to continue reading.

Sensitive health-related information’ means information, that if lost, compromised, or disclosed, could result in substantial harm, embarrassment, inconvenience, violence, discrimination or unfairness to an individual, including but not limited to, one’s physical or mental health condition, sexual orientation, use of narcotic or psychotropic substances, consumption of alcohol, sexual practices, Human Immunodeficiency Virus status, Sexually Transmitted Infections treatment, and abortion.

Personally Identifiable Information

(iv) Name; (v) Address; (vi) Date of Birth; (vii) Telephone Number; (viii) Email Address; (ix) Password (x) Financial information such as bank account or credit card or debit card or other payment instrument details; (xi) Physical, physiological and mental health condition; (xii) Sexual orientation; (xiii) Medical records and history; (xiv) Biometric Information; (xv) Vehicle number; (xvi) Any government number, including Aadhar, Voter’s Identity, Permanent Account Number (‘PAN’), Passport, Ration Card, Below Poverty Line (‘BPL’).

Read a summary of the draft bill here.

Written By

I cover health, policy issues such as intermediary liability, data governance, internet shutdowns, and more. Hit me up for tips.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.

Views

News

Find out how people’s health data is understood to have value and who can benefit from that value.

News

The US and other countries' retreat from a laissez-faire approach to regulating markets presents India with a rare opportunity.

News

When news that Walmart would soon accept cryptocurrency turned out to be fake, it also became a teachable moment.

News

The DSCI's guidelines are patient-centric and act as a data privacy roadmap for healthcare service providers.

News

In this excerpt from the book, the authors focus on personal data and autocracies. One in particular – Russia.  Autocracies always prioritize information control...

You May Also Like

News

Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

Advert

135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...

News

Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

News

By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ