Home : Security : News

NHS responsible for third of data breaches

A senior member at the ICO has claimed the NHS is the worst data breach culprit in the UK.

By Jennifer Scott, 27 Apr 2010 at 11:15

The deputy commissioner of the Information Commissioner's Office (ICO) has named and shamed the NHS as the worst offender when it comes to data breaches.

During the opening keynote at InfoSecurity Europe 2010, David Smith highlighted the health service's blunders over the past two years where it accounted for almost a third of all reported data breaches in UK organisations.

“In just over two years, there have 960 data breaches which works out round about 30 a month,” said Smith. “The numbers coming in have gone down slightly, but only slightly. They have been pretty consistent for many years which suggests there is still problems.”

"The NHS comes out as the biggest single group with 287 meaning around about a third of total data breaches come from the NHS.”

Although he admitted the scheme to report data breaches is still voluntary at present and may not give the full picture, he had concerns about problems faced by the NHS.

“[Many] would say 'this is confidential health information, surely they should be better than this?' but this is the largest employer outside of the red army and this is hardly a command and conquer structure,” he said.

“There is a real, real, real challenge there but it is worrying that still we see these losses.”

Smith admitted there were plans to force an audit on the NHS to get the real picture on both the number of data losses and where they are going wrong, but he felt all organisations needed to buck up when it came to training and awareness around data protection issues.

“Lack of communication and training is still a frequent factor,” he added. “Organisations have... ticked the box that everyone has gone through the training once but there are no measures in place to keep up awareness.”

Read on for more news from InfoSec 2010.

Email to a friend

Print this page

< Previous Security : News Next >

1 comments

You need to Login or Register to comment.

Most Orgs & Individuals Enjoy Security as a Matter of Luck

In David Scott’s words, everyone needs to be a mini-Security Officer in the modern organization today. I think Mr. Scott is right: Most individuals and organizations enjoy Security largely as a matter of luck. Check out a wealth of free info at his blog – just Google “The Business-Technology Weave.” Anyone else here reading I.T. WARS? I had to read parts of this book as part of my employee orientation at a new job. The book talks about a whole new culture as being necessary – an eCulture – for a true understanding of security, being that most identity/data breaches are due to simple human errors. It has great chapters on security, as well as risk, content management, project management, acceptable use, various plans and policies, and so on. Just Google IT WARS – check out a couple links down and read the interview with the author David Scott at Boston’s Business Forum. (Full title is I.T. WARS: Managing the Business-Technology Weave in the New Millennium).

By janice33rpm on Tuesday Apr 27

Latest Security Analysis & Insight

Striving to solve the security skills crisis

The Cyber Security Challenge is doing a fine job, but flat registration growth and weak Government funding are cause for concern, Tom Brewster discovers.

More Security Analysis & Insight

Latest Security Reviews

Check Point 2210 Appliance review

Rating:

Check Point's new 2200 Appliances combined enterprise level network security with an SMB price tag. Its software blades provide a wealth of features, but do they complicate deployment? Read this exclusive review to find out.