Statement regarding recent reports* about a Babylon Health Data breach

Medical Solutions recognises that all patients have the right to a confidential medical service.  Maintaining patient confidentiality and data security are fundamental principles underpinning a safe, effective and trusted medical service. For over 20 years Medical Solutions has developed our operational processes and IT infrastructure around these core principles.

Medical Solutions has established a number of robust security processes to mitigate the risk of data breaches. Importantly, there is full separation between our patient facing technology (Apps) and our central consultation archive, which means that there is no automatic access to historical consultations via an App. All consultations are recorded, encrypted end to end and stored on a secure, advanced encrypted server. Access to this server is limited to a small number of authorised personnel and only having completed two-factor authentication.

Does Medical Solutions share patient data with other parties?

No, Medical Solutions will not share patient details with anyone else unless we have explicit patient consent to do so and only in the following circumstances:  
 

1. Following a consultation with one of our experienced GPs, if the Medical Solutions GP considers it beneficial to inform a patient’s own NHS GP of the consultation, and to share clinical notes securely, to maintain a complete medical record.

2. Where the patient has requested access to their own consultation record after submitting a formal subject access request (SAR) to our Data Protection Officer and having their identity verified.

Medical Solutions undergoes regular third party penetration tests to ensure our IT infrastructure remains secure, and so that patients can continue to feel safe and confident when using our services.

* Babylon Health admits GP app suffered a data breach, BBC News, 9^th June,  https://www.bbc.co.uk/news/technology-52986629