Written by Haim Ravia and Dotan Hammer
The Israeli Privacy Protection Authority has published guidelines regarding the use of personal medical information of patients that could be misused online due to the data breach incident at the ‘Mayanei Hayeshua’ Medical Center in Israel. The Authority has warned that indications suggest that the cyber-attack may have resulted in theft of information and that any use of this personal information, even for the purpose of artificial intelligence training, is prohibited.
According to the Israeli Privacy Protection Authority, the prohibition on exploiting this personal information extends to copying, distributing, publishing, transferring, processing, and storing the information in other databases. Misusing medical information in this manner could constitute a criminal offense, and the Privacy Protection Authority threatened that it would prosecute those who violate these restrictions.
The Privacy Protection Authority also reiterated its recommendations for individuals whose personal information was leaked. These recommendations include changing passwords, activating two-step verifications, and assessing potential risks. The Privacy Protection Authority is looking to raise public awareness of suspicious email messages, texts, and phone calls, and is advising individuals to avoid taking rash steps that could reveal additional sensitive information.
Click here to read the notice published by the Israeli Privacy Protection Authority regarding the data breach incident at the Mayanei Hayeshua Medical Center in Israel (in Hebrew).
Click here to read the Israeli Privacy Protection Authority’s recommendations for website users whose personal details were leaked published by The Privacy Protection Authority (in Hebrew).