Over 300 data leaks at Dutch hospitals this year

So far this year Dutch hospitals reported 304 leaks of sensitive information, Trouw reports based on figures from the personal data authority AP. The authority would not give details about the leak, as this could be traced to individual hospitals.

Dutch hospitals are required to report all data breaches, ranging from hackers gaining access to data to a lost USB stick, or an email sent showing the email addresses of other people. This measure was implemented at the start of this year in an attempt to encourage organization to be more careful with personal data.

According to AP, many of the reports involved unsecured connections and human error. 

The Dutch Association of Hospitals would not comment on the matter to Trouw, only pointing out that this is the first year for which figures are available - so there's nothing to compare it to. 

The obligation to report data leaks does not only cover hospitals, but all organizations. All in all AP received 4,700 reports since January 1st. If an organization does not report a leak within 72 hours, they can face a fine of up to 800 thousand euros, or 10 percent of the annual turnover.