Hospital USB stick found in car park
By Jennifer Scott,
An unencrypted USB stick containing medical records from a secure hospital in Scotland has been found in a supermarket car park.
The records came from the Tryst Park unit at Bellsdyke Hospital, near Falkirk, which treats people over 18 who have severe and enduring mental health problems.
It was found by a 12-year-old boy outside an Asda store in Stenhousemuir and is now back in the hands of the hospital, however a member of staff has been suspended in relation to the incident.
It is not clear what data was held on the USB stick but reports suggest it contained the criminal pasts of some of the more violent patients as well as details on staff at the unit.
Dr Iain Wallace, medical director of NHS Forth Valley, said in a statement: “We have clear policies in place on the safe use of portable data devices.”
“We are currently assessing the data on the memory stick which has been returned to us, and are in the process of contacting patients and their relatives to offer reassurance and to let them know we are doing everything possible to discover how this incident has occurred.”
This latest NHS data breach comes just a week after the deputy commissioner at the Information Commissioner’s Office (ICO) claimed the NHS was the worst offender when it came to data security.
David Smith claimed the organisation was responsible for a third of all data breaches in the UK – almost 300 recorded over two years – and that it could come under the spotlight from the ICO in the future.
You may also like...
You may also like...
advertisement
Latest Security Features
Are you ready for PCI compliance?
Davey Winder takes a closer look at the financial transaction security standard and what you need to do to get certified.
- Why has Intel bought McAfee?
- The Pirate Bay: the state of play
- The Orwellian Nightmare: Version 2.0
- Inside the mind of a social engineer
- The trials and tribulations of social networking
- NO2ID on fighting the database state
- Building a better password
- Q&A: George Kurtz, CTO, McAfee
- Is mobile malware really a risk?
Latest Security Reviews
Kaspersky Internet Security 2011 review
Rating: 
- G Data Software EndpointProtection Business review
- eSoft InstaGate 806 review
- M86 Security Secure Web Gateway 5000 review
- Google Maps Navigation review
- Netgear ProSecure UTM10 review
- ZoneAlarm DataLock review
- SmoothWall Guardian SWG-1208 review
- Symantec Backup Exec 2010 review
- WatchGuard XCS-770 review
advertisement
Most popular
- Nokia N8 review: First look
- Sony Ericsson Xperia X10 Mini Pro review
- Head to Head: Office 2010 vs Open Office 3.1
- iOS update coming next week
- Global broadband cost disparity must be addressed
- Are you ready for PCI compliance?
- Cost and time threatens Windows 7 upgrade
- Samsung Galaxy S review
- Sony Ericsson X10 Mini Pro review: First look
- IBM to ship world?s fastest chip
Latest News Videos in Security
Video: Why security is everybody's responsibility
PlayRik Ferguson, senior security advisor at Trend Micro says it's up to all of us to make security work.
Whitepapers
Want more background on today's hottest IT trends?
Visit IT PRO's whitepaper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
jackypond
This one is not good sign fro medical security such usb find in car park it is really good one for us.
By jackwarnel on Friday May 7
clear policies. Again.
It more than a little worrying to find that Dr Wallace thinks that the statement “We have clear policies in place on the safe use of portable data devices.” would somehow indicate that the hospital is doing enough. This sounds like an organisation that is more concerned about its ability to avoid blame, than to actually stop leaks. Now if he'd been able to say something like "All of the patient data on our network is kept encrypted and users can only decrypt it as part of the process of viewing the data using software that will only run on our network. This data must have been copied off the screens by hand" then I might have considered him a professional in an unfortunate position. The UK government seem to have a near infinite ability to waste money on dysfunctional computer systems and almost no ability whatsoever to comprehend what is actually required.
By Henry3Dogg on Friday May 7
Human error...
Every time I hear a story like this, I find myself thinking "and they assure us that nuclear power is 100% safe." However idiot-proof you make things, there will always be a bigger idiot to find a hole in your systems.
By Ip5_df4779ec5dd on Friday May 7