Showing posts with label data theft. Show all posts
Showing posts with label data theft. Show all posts

Sunday, 11 August 2019

Alleged data theft by HealthEngine leaves hundreds of thousands of Australians vulnerable


Perhaps now is the time for readers to check who owns the company they might use to make medical appointment online.

ABC News, 8 August 2019: 

Australia's biggest medical appointment booking app HealthEngine is facing multi-million-dollar penalties after an ABC investigation exposed its practice of funnelling patient information to law firms. 

The Australian Competition and Consumer Commission has launched legal action against the Perth-based company in the Federal Court, accusing it of misleading and deceptive conduct. 

In June last year, the ABC revealed HealthEngine was passing on users' personal information to law firms seeking clients for personal injury claims. 

The details of the deal were contained in secret internal Slater and Gordon documents that revealed HealthEngine was sending the firm a daily list of prospective clients at part of a pilot program in 2017.



The ACCC has also accused the company of passing the personal information of approximately 135,000 patients to insurance brokers in exchange for payments.


"Patients were misled into thinking their information would stay with HealthEngine but, instead, their information was sold off to insurance brokers," ACCC chairman Rod Sims said in a statement.

The information sold included names, phone numbers, dates of birth and email addresses.

The ACCC has not said how much money the company earned form the arrangement.

The ABC revealed last year that HealthEngine had also boasted to advertisers that it could target users based on their symptoms and medical conditions. 

HealthEngine has also been accused of misleading consumers by manipulating users' reviews of medical practices. 

"We allege that HealthEngine refused to publish negative reviews and altered feedback to remove negative aspects, or to embellish it, before publishing the reviews," Mr Sims said. 

Among a range of examples, the ACCC alleges that one patient review was initially submitted as: "The practice is good just disappointed with health engine. I will call the clinic next time instead of booking online." 

But when that review was made public, it was allegedly changed to simply read: "The practice is good." 

HealthEngine is facing a fine of $1.1 million for each breach of the law, but the ACCC has yet to determine how many breaches it will allege....