• ramblechat@lemmy.world
    link
    fedilink
    arrow-up
    46
    arrow-down
    1
    ·
    1 year ago

    I did some IT work at a hospital, patient records including names, addresses, conditions and doctor’s notes (inc mental health notes) were stored in the database in plain text. You had to have admin access to the database (which I did), but I was stunned that I could browse anyone’s entire medical information. A few weeks after I left I sent an anonymous email to a couple of people letting them know how bad it was - I didn’t use my real one just in case they may have come after me for looking at the records.