the Visit to the company Voice Integrate Nordic AB, the Swedish data Inspection board now allows with four lawyers and two it security specialists should be seen as a first step in the agency review of the comprehensive patient-dataläckan.
– It will then be asked a few questions about what type of personal data processed. We expect an explanation of how it goes. We will also look at the systems you use and what is in them, " says Suzanne Iceberg, which leads the Board's review.
also to request to be a part of the contract documents as the Voice Integrate Nordic has with the other actors. The authority has previously indicated that the audit related to the 1177 is complex, with multiple stakeholders involved.
Parts of the personuppgiftsbehandlingen have been of a sub-contractor in Thailand. The authority has already at an early stage found that the information on how the personal data processed in the framework of 1177, and by which actors is unclear.
" this should be seen as a first step in our review. More actors will be examined, " says Suzanne of the Iceberg.
the Swedish data Inspection board initiating to clarify what kind of personal data processed in the it systems and the steps that have been taken for something similar not to happen in the future.
– Under the data protection regulation, the GDPR, should personal data be protected so that unauthorized persons cannot access them and so that the data can not be disseminated in unwarranted ways. Both personuppgiftsansvariga and third party processors have a responsibility to take adequate safety precautions. When it comes to sensitive personal data relating to health, the demands are especially stringent, " says Suzanne Iceberg that leads the Board's review.
Nordic AB, has owned and managed the server on which the 2.7 million calls stored. According to Voice integrates ceo Tommy Ekström to the talks of the mistakes have become available to the public after an employee happened to plug in a internetsladd in the server. It was Computer Sweden in February was able to reveal that the recorded calls to 1177 vårdguiden at least since 2016 have been available for anyone to take part of.
More specifically, we will attempt to sort out what it is for the personal data processed in the it systems and the steps the company has taken to prevent similar situations in the future.
have an external review of 1177-the leak initiated by the Stockholm Region, and a preliminary investigation has been initiated against Medhelp, vårdentreprenören retained by the Region of Stockholm to manage the service and which, in turn, hired Voice Integrate. Medhelp has also terminated its partnership with Voice integrate.
on Friday met the representatives of Swedish Municipalities and County councils (SKL), Inera and the Stockholm Region social minister Lena Hallengren (S) to report what happened.
" What happened is unacceptable and those responsible must now ensure that something similar does not happen again, said the minister of social affairs in a statement.