It was the region itself that made the discovery that patients’ social security numbers could be seen when certificates were sent by physical mail. Behind it all is a record system with incorrect templates that have caused the social security numbers to be placed in the wrong place.
In the notification to the Swedish Privacy Agency, it is stated that the incident may lead to patients suffering from identity theft and fraud.
According to the region, the patients’ social security numbers should only have been visible to staff at the post office who handled the mailings.
The region does not currently know how long the fault has been going on or how many people have been affected. They are now working to investigate and remedy the underlying cause of the error, and have also introduced new routines.