Skip to Navigation Skip to Content
Data Breach
  2. Healthcare Campaigns | Mediclinic Middle East UAE
    1. Mediclinic Middle East
    2. Stay Services & Hospitals
    3. Clinics & Hospitals in Dubai & Abu Dhabi - Mediclinic
    4. Health Knowledge
    5. Services and Specialities
    6. Mediclinic Health Packages
    7. Healthcare Career Opportunities
    8. About Mediclinic Middle East
    9. Quality
    10. Healthcare News & Updates - News
    11. Mediclinic Middle East - Referring Doctors
    12. Mediclinic Middle East - Careers at Mediclinic
    13. Mediclinic Middle East Special Offers
    14. Best Doctors in UAE
    15. Contact Mediclinic UAE
    16. Maternity Hospital and Baby Care
    17. Privacy Statement
    18. Terms of Use
    19. Mediclinic Emergency
    20. Health Insurance Partners
    21. What you should do in an emergency
    22. Clinical Research in The Middle East
    23. Pharmacy Home Delivery
    24. Mediclinic Kids | Paediatrics Department
    25. COVID-19 Healthcare Services
    26. Book an Appointment with Our Doctors
    27. Mediclinic Precise - Genetic Testing & Profiling
    28. Mediclinic at Home
    29. Bourn Hall Fertility Clinic in Dubai, Al Ain and Abu Dhabi
    30. Important Healthcare Updates
    31. Ayadi Home Healthcare Services Dubai | Mediclinic UAE, أيادي للرعاية الصحية المنزلية
    32. Home Care Services & Home Nursing
    33. Patient Privacy Notice
    34. EVUSHELD
    35. Experience Cutting-Edge Healthcare at Mediclinic UAE - Health Experience Hub
    36. Meidclinic's glossary
    37. Client Experience Hub
    38. Genetic Health
    39. Info
    40. Travel Clinic
    41. Travel Vaccine for your holidays
    42. Home-test
    43. About Mediclinic Woman - Women's Health
    44. About Mediclinic Woman
    45. Primary Care Services
  3. Data Privacy Awareness Campaign | Mediclinic Middle East UAE
    1. 5th Annual Research Conference | Mediclinic Middle East
    2. Data Privacy Awareness Campaign | Mediclinic Middle East UAE
    3. Step Up Health Challenge | Mediclinic Middle East
    4. IVF Treatment at Mediclinic | Bourn Hall Fertility Centre
    5. International Patient Care | World Class Healthcare at Mediclinic Middle East
    6. Comprehensive Gut Microbiome Testing | Mediclinic Middle East
  4. Data Breach (March 2025)
    1. Patient Data Protection | Mediclinic Middle East
    2. Patient Data Access Control | Mediclinic UAE
    3. Healthcare Data Privacy Roles | Mediclinic UAE
    4. Mobile Device Policy Healthcare | Mediclinic UAE
    5. Healthcare Data Security | Password Protection UAE
    6. Patient Confidentiality Guidelines | Mediclinic UAE
    7. Make data privacy a habit in your everyday working life (November 2024)
    8. Data Protection Laws – what is applicable to Mediclinic? (December 2024)
    9. International Data Protection Day (January 2025)
    10. Patient consent to collect, use and store personal data (February 2025)
    11. Data Breach (March 2025)
Data Privacy Awareness Campaign | Mediclinic Middle East UAE

Data Breach (March 2025)

We are Guardians of Patient Privacy

What to do when a data breach happens (March 2025)

In a healthcare environment like Mediclinic, the protection of personal data and sensitive health data is paramount. Like adverse events in a clinical context or security incidents in ICT, events or incidents may occur when handling personal data. Such incidents are called “data breach” or “personal data breach”. According to UAE Federal Law No. 45 of 2021 (Personal Data Protection Law) and to DOH and DHA regulations, data breach incidents need to be managed and notified to the internal Data Protection Officer.

How to identify a data breach?

A data breach (or personal data breach) is a breach of security or a non-compliance with security measures, leading to Personal Data being stolen or lost, Personal Data is corrupted or altered unlawfully or Personal Data is disclosed to or accessed by unauthorised persons.

Examples:

  • An employee accidentally sends an email containing a patient's medical report to the wrong recipient outside of Mediclinic.
  • A computer system storing patient records crashes, resulting in the loss of access to crucial patient information for several days. During this time, medical staff cannot retrieve necessary data for patient care.
  • During a data entry process, a patient’s medical record is altered by entering incorrect treatment dates or uploaded reports of another patient.

How to notify a data breach?

When a data breach occurs, it’s crucial to notify the right people immediately to ensure swift action.

  1. Inform your line or duty manager.
  2. Send an email to the Data Protection Officer (DPO) at dataprivacy@mediclinic.ae.
  3. If the breach affects any ICT system or device, reach out to the ICT Service Desk by phone or email.
  4. Report the event in the TPSC system (if applicable).

The notification to the DPO should include the following information:

  • Date and time of the incident.
  • Facility and unit where the incident took place.
  • Description of the incident.
  • Description of actions taken or planned.
  • Your contact details.
  • In case you have captured the incident in TPSC, add the TPSC case number.

What action to take if it’s urgent?

Depending on the type and severity of the incident, you may need to take immediate actions right away to protect the personal data of patients and employees, as well as safeguard yourself and the company. Consult with your line or duty manager to discuss the best course of action. Additionally, you may reach out to the Data Protection Officer or the ICT Service Desk for further guidance, especially if the breach involves technical issues or requires specialised assistance.

Additional information for line and duty managers

  • Inform the next line manager if appropriate
  • Ensure that ICT service desk is informed – do it yourself or assign somebody
  • Ensure that the DPO is informed – do it yourself or assign somebody
  • Inform other staff only as far as necessary excluding personal information i.e. patient effected
  • Take ownership of actions and communication if your team member has caused the incident.

eLearning Data breach

The company has developed an eLearning to provide guidance the employees how to deal with data breach incidents. The eLearning is available in Mediclinic’s Learning Academy.

Remember, our dedication to patient well-being extends beyond medical care; it includes safeguarding their privacy. Let us all contribute to fostering an environment where patients can trust that their information is handled with the utmost care and respect.

Thank you for your commitment to upholding the values that make Mediclinic a trusted healthcare provider.