An ITV news investigation has exposed the risk of offshoring data abroad and putting personal information into the hands of unsecured third parties.
Last night's Tonight programme investigated the sale of British medical records held offshore, in this case in India. ITV reporter Chris Rogers was able to find criminals who were prepared to sell supposedly confidential and private medical and financial records.
According to one insider, name and address data could be bought for as little as 50p, while credit card information is "five bucks" and credit history is "20 bucks".
Once the data is gathered, often just from call centre workers, it is sold to companies and individuals looking to use it for direct marketing and cross selling. The programme described the scale of the problem as alarming.
The thousands of files bought by Rogers included up-to-date and accurate medical information. One victim said that he was "angry" about the disclosure, adding that the information was "very, very private".
The information related to private medical patients and came from one facility, the London Medical Clinic, which had outsourced its data scanning. The firm it chose then outsourced the data again to India, and it is here that the leak is said to have occurred.
"It is useful for programmes like Tonight to be exposing these crimes, but not to disparage a largely trusted and successful outsourcing and offshoring industry. It's important that this is understood to be a data crime, not an offshoring crime," said Mark Kobayashi Hillary, director of the National Outsourcing Association.
Andy Jones, European director and general manager of Xerox Global Services, urged firms to consider a number of things before signing up with a third-party outsourcing provider.
He said that in order to avoid similar problems firms should, understand their contracts.
"What are the terms of the contract and what has the outsourcing company committed to? Will they be using third parties? If so who - and will your documents and data be protected? What access rights will they have? What document standards do they adhere to?," he added.
"These are all questions that need to be asked at the outset."
The Tonight episode can be seen here.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago