In recent years, there have indeed been incidents of leakage of patient privacy information in some hospitals. These incidents have not only caused distress to patients, but also caused widespread social concern about the security of medical information. The following are some typical cases and their related responsible persons： ### 1. **2015 UCLA Health data breach incident in the United States** -**Incident Overview**: In 2015, the University of California, Los Angeles Medical system (UCLA Health) suffered a large-scale cyberattack, resulting in the disclosure of personal information of about 4.5 million patients. The leaked information includes the patient's name, address, birthday, social security number, and medical insurance information. -**Responsible person**: Although UCLA Health is not directly responsible, the investigation found that the organization's network security measures are flawed and it has failed to effectively prevent cyber attacks. In the end, UCLA Health was required to strengthen network security measures and provide credit monitoring services to affected patients. ### 2. **2017 UK NHS WannaCry ransom attack** -**Incident overview**: In 2017, the British National Medical Service (NHS) was attacked by the WannaCry ransom software, which paralyzed the systems of a number of hospitals and made it impossible to access the medical records of some patients. Although there is no direct evidence that patient data was compromised, this incident exposed the vulnerability of the NHS in terms of network security. -**Responsible person**: The NHS has been criticized for failing to update the system and patch known security vulnerabilities in a timely manner. The British government subsequently conducted a comprehensive review of the NHS's cyber security measures and strengthened relevant investments. ### 3. **In 2018, an internal employee of a Chinese hospital leaked patient information** -**Incident overview**: In 2018, an employee of a Chinese hospital illegally obtained and disclosed a large number of patients' personal information, including names, ID numbers, telephone numbers, etc. This information is used for illegal marketing activities and even sold to third parties. -**Responsible person**: The employee involved was arrested by the police and investigated for criminal responsibility in accordance with the law. Hospitals are also required to strengthen internal management to ensure the security of patient information. ### 4. **2020 Australian Medibank data breach incident** -**Incident overview**: In 2020, Medibank, Australia's largest private health insurance company, suffered a data breach, resulting in the disclosure of personal information of millions of customers. The leaked information includes the customer's name, address, date of birth, medical insurance number, etc. -**Responsible person**: Medibank was criticized for failing to effectively protect customer data, and then the company was required to strengthen data security measures and provide support to affected customers. ### 5. **A database of a hospital in India leaked in 2021** -**Incident overview**: In 2021, the database of a hospital in India was hacked, resulting in the disclosure of personal information of more than 1 million patients. The leaked information includes the patient's name, telephone number, medical records, etc. -**Responsible person**: The hospital was criticized for failing to take adequate network security measures and was eventually required to strengthen data protection measures and provide support to affected patients. ### Summary These incidents show that the protection of patient privacy information requires not only hospitals and medical institutions to strengthen internal management and technical protection, but also the improvement and implementation of relevant laws and regulations. Those responsible for these incidents usually include hospital management, IT departments, and employees directly involved. Governments and regulatory agencies are also constantly strengthening supervision and penalties for such incidents to ensure the security of patients' private information. If you or someone around you encounter a similar situation, it is recommended to report to the relevant departments in time and seek legal help to protect your legitimate rights and interests.