Hospital USB stick found in car park
By Jennifer Scott,
An unencrypted USB stick containing medical records from a secure hospital in Scotland has been found in a supermarket car park.
The records came from the Tryst Park unit at Bellsdyke Hospital, near Falkirk, which treats people over 18 who have severe and enduring mental health problems.
It was found by a 12-year-old boy outside an Asda store in Stenhousemuir and is now back in the hands of the hospital, however a member of staff has been suspended in relation to the incident.
It is not clear what data was held on the USB stick but reports suggest it contained the criminal pasts of some of the more violent patients as well as details on staff at the unit.
Dr Iain Wallace, medical director of NHS Forth Valley, said in a statement: “We have clear policies in place on the safe use of portable data devices.”
“We are currently assessing the data on the memory stick which has been returned to us, and are in the process of contacting patients and their relatives to offer reassurance and to let them know we are doing everything possible to discover how this incident has occurred.”
This latest NHS data breach comes just a week after the deputy commissioner at the Information Commissioner’s Office (ICO) claimed the NHS was the worst offender when it came to data security.
David Smith claimed the organisation was responsible for a third of all data breaches in the UK – almost 300 recorded over two years – and that it could come under the spotlight from the ICO in the future.
You may also like...
![My email address is [CENSORED]](http://cdn.itpro.co.uk/images/front_picture_library_IT_Pro/dir_227/it_photo_113980_36.jpg)
Sponsored Links
advertisement
You may also like...
Latest Security Analysis & Insight
Striving to solve the security skills crisis
The Cyber Security Challenge is doing a fine job, but flat registration growth and weak Government funding are cause for concern, Tom Brewster discovers.
- Would you employ a hacker or malware writer?
- Q&A: Raj Samani, CTO McAfee
- Erase and rewind: the EU and privacy
- My email address is [CENSORED]
- Is there such a thing as a secure tablet?
- 2011: The year in news
- BYOD: Old or new, good or bad?
- Are the cookie laws crumbling already?
- Sticking security where the sun don't shine
Latest Security Reviews
Check Point 2210 Appliance review
Rating: 
advertisement
Most popular
- Virgin remains on top in broadband speed race
- Will someone rid me of these troublesome Macs?
- MPs call for infection detection database
- A data shock warning for Orange customers
- What can Intel bring to the smartphone market?
- T-Mobile announces 'UK's first' fully unlimited deals
- Nokia Lumia 710 review
- Cisco launches turbo-powered wireless access point
- Facebook unveils $10bn IPO plans
- Head to Head: Mac OS X 10.7 Lion vs Windows 7
Latest News Videos in Security
IT PRO Podcast: Are UK data protection laws flawed?
PlayWe bring in two experts to talk about the problems with UK data protection law and the way it is managed.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
jackypond
This one is not good sign fro medical security such usb find in car park it is really good one for us.
By jackwarnel on Friday May 7
clear policies. Again.
It more than a little worrying to find that Dr Wallace thinks that the statement “We have clear policies in place on the safe use of portable data devices.” would somehow indicate that the hospital is doing enough. This sounds like an organisation that is more concerned about its ability to avoid blame, than to actually stop leaks. Now if he'd been able to say something like "All of the patient data on our network is kept encrypted and users can only decrypt it as part of the process of viewing the data using software that will only run on our network. This data must have been copied off the screens by hand" then I might have considered him a professional in an unfortunate position. The UK government seem to have a near infinite ability to waste money on dysfunctional computer systems and almost no ability whatsoever to comprehend what is actually required.
By Henry3Dogg on Friday May 7
Human error...
Every time I hear a story like this, I find myself thinking "and they assure us that nuclear power is 100% safe." However idiot-proof you make things, there will always be a bigger idiot to find a hole in your systems.
By Ip5_df4779ec5dd on Friday May 7