The NHS has been forced to change its booking process for Covid vaccinations after it was discovered that information pertaining to individuals' vaccine statuses could be easily obtained from the site.
This is a worrying development in the middle of a pandemic, a time when trust in national health services is paramount wherever you live.
Why did the medical data leak occur?
In order to book a vaccination through NHS Digital, members of the public have to enter their personal details into the site, including their NHS number. However, if they don't have that information with them, they can still book an appointment with just basic information about themselves.
The problem is that if someone else knows that basic information about an individual – such as a full name, date of birth, and a postcode – the website will reveal the existing vaccine status of that person. This is because the personal details you enter determine which page you are taken to next.
The Guardian, which broke the story, said that if the personal information entered suggests that an individual has already had a dose and has booked an appointment for a second, the site then asks for a booking reference to continue. But this extra verification step wasn't universal.
Worst of all, for those users who have had only one jab through a GP and have not booked a second, the screen lets them book their follow-up then and there, without any further verification.
On top of this, if the details entered do not correspond to an existing vaccine reference, the user is redirected to a broad screening page. If you've had both doses, the site tells you that you don't need to book an appointment.
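The routing behaviour described above, modelled as an added example (not NHS Digital's code): the page names, the constructed records and the uniform-response mitigation are assumptions made for illustration, with the NHS number standing in as the second verifier.

```python
import hmac
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Record:
    doses: int            # doses recorded so far
    second_booked: bool   # a second appointment already exists
    nhs_number: str       # verifier only the patient should hold

# Constructed sample data: every name, date, postcode and number is invented.
RECORDS = {
    ("A Example", "1950-01-01", "AB1 2CD"): Record(1, True, "0000000001"),
    ("B Example", "1960-02-02", "AB1 2CE"): Record(1, False, "0000000002"),
    ("C Example", "1970-03-03", "AB1 2CF"): Record(2, False, "0000000003"),
}

def state_page(rec: Optional[Record]) -> str:
    """Hypothetical labels for the four outcomes the article describes."""
    if rec is None:
        return "screening_questions"
    if rec.doses >= 2:
        return "no_booking_needed"
    if rec.second_booked:
        return "enter_booking_reference"
    return "book_second_dose"

def next_page_leaky(identity) -> str:
    # Reported behaviour: basic details alone select the next page,
    # so the page itself discloses the vaccination state.
    return state_page(RECORDS.get(identity))

def next_page_uniform(identity, nhs_number: Optional[str] = None) -> str:
    # Assumed mitigation: the same page for every state, including
    # unmatched details, until the second verifier matches.
    rec = RECORDS.get(identity)
    if rec is None or nhs_number is None:
        return "verify_identity"
    if not hmac.compare_digest(nhs_number, rec.nhs_number):
        return "verify_identity"
    return state_page(rec)

def pages_seen(route, identities) -> set:
    """Distinct pages reachable by someone holding only basic details."""
    return {route(i) for i in identities}

# Three known people plus one set of details with no record.
PROBES = list(RECORDS) + [("D Example", "1980-04-04", "AB1 2CG")]
```

With the leaky routing, the four probes land on four different pages, one per vaccination state; with the uniform routing they all land on the same page, so the response carries no information about the person.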
Why is this a big issue?
The personal data obtainable through these means – especially medical information in the middle of a pandemic – could easily be used for leverage in one way or another, particularly considering the pre-existing public discourse surrounding vaccine passports and what unvaccinated people will and won't be able to do. Some examples of ways this information could be used include:
- Employers checking to see which of their employees have been vaccinated, and pressuring them into doing so if they are yet to get the jab.
- Parents asking for members of their child's sports team to be excluded until their parents have had the jab.
- Insurance companies refusing to cover people that they believe have not been vaccinated.
- Venues canceling table bookings made by people who haven't been vaccinated by entering the details of customers into the sites.
- Homeowners revealing the vaccine status of their neighbors to other people on their street.
These are just a few instances that show how this could be used in a manipulative fashion that would seriously affect people's lives – there are, unfortunately, many more ways this information could be used during a pandemic.
What has the NHS said in response?
A spokesperson for the National Data Guardian for Health and Social Care, which regulates how medical data like this can be used by UK institutions, told the Guardian that:
"It is important that it is as simple and easy as possible for people to book their vaccinations and we understand that the website has been developed to support this aim. The NDG has contacted the organizations which run the website to ensure that they are aware of the concerns that have been raised and will discuss with them the twin important aims of protecting confidentiality whilst maintaining easy access to vaccinations for the public".
NHS Digital, the website where the leak occurred, backed this up and noted the number of people who have used the site to become vaccinated:
"The online book a coronavirus vaccination service has enabled millions of people to book their vaccinations quickly and easily, with over 17m first and second dose appointments made in over four months. The system does not have any direct access to anyone's medical record and people should not be fraudulently using the service – it should only be used by people booking their own vaccines or for someone who has knowingly provided their details for this purpose".
The NHS has failed patients
From a privacy point of view, this is shocking – particularly considering this is a government institution that depends on the trust of the citizens it serves to function. If Brits stop trusting the NHS with their medical information, then public health policy and responses will become much harder to coordinate and much less effective.
Whether someone has had a vaccine or not is personal, medical information and should be kept confidential. In fact, there are not many pieces of personal information that would demand more confidentiality. The ways the website issue could be exploited, discussed above, are incredibly worrying.
With vaccine passports seemingly around the corner for the UK, you'd hope the government – and the National Health Service – would be doing everything they can to assure people that their medical information will be kept secure. Unfortunately, this is not the first time that it has appeared otherwise.
Vaccine take-up is not universal – we're all familiar with the anti-vaccination movement by now – and this might give authoritative voices in the movement more ammo to shove down the throats of those they're trying to rally.
Privacy in the arena of medicine should matter deeply to the NHS because they're integral to a functioning society and health service. But with stories like this feeling increasingly common, it's harder and harder to believe their public pronouncements about the importance of keeping our data safe.