UK National Health Service is reviewing its online vaccination platform for booking inoculations after the revelation that the system gave away sensitive information about patients.
Simply entering a person’s name, date of birth and postcode was enough to figure out if the said person had one jab, two, or none at all, the Guardian reported.
The crucial flaw of the platform was that it gave different responses depending on the user’s vaccination status and, therefore, let anyone who obtained the above-mentioned personal details about the patient know if he or she had received their jab and how many.
Such sensitive information, which should be private, could be obtained and misused by employers, while other users may fall under pressure from their anti-vaccination friends or colleagues, the Guardian suggests.
NHS Digital addressed the issue in a statement, saying it was working to revise the issue, but defended the system, with the spokesperson saying that “the system does not have any direct access to anyone’s medical record and people should not be fraudulently using the service”.
“It should only be used by people booking their own vaccines or for someone who has knowingly provided their details for this purpose,” the NHS said.
The UK is on its way out of the lockdown, with Boris Johnson’s “roadmap” the stage of which is due on May 17, when hospitality establishments can serve customers indoors, hotels can welcome non-essential guests and the attendance limit on outdoor events rises to 30. The last step is scheduled for June 21, when nightclubs and music venues can reopen normally.