Many private clinics, for example, do not monitor how patient information could potentially be misused. Survey respondents often cited a lack of time and resources. Furthermore, patients are often not informed of their rights concerning their own information.
Pharmacies were also found to be frequently negligent, however, they scored better than private clinics.
Nearly 90 percent of public clinics and pharmacies have appointed an information security contact person in compliance with the law. One third of clinics in the private sector lacked such a person.
Just 10 percent of pharmacies, 15 percent of private clinics and 30 percent of public clinics informed patients when their information was misused.
The Office of the Data Protection Ombudsman carried out the survey in June.