NHS in more data security blunders
By Tom Brewster,
Another two major NHS security snafus were revealed this week, with two trusts caught out losing a tonne of patient data.
In the case of Eastern and Coastal Kent Primary Trust, 1.6 million individuals’ data went missing, including addresses, dates of birth, NHS numbers and GP practice codes.
The information was held on a CD, which was sent to a landfill site inside a filing cabinet, during a move of office premises.
To lose 1.6 million patients’ details in such a way still strays beyond carelessness.
Attempts were made to retrieve the CD, but by that point it was too late.
The Information Commissioner’s Office (ICO) discovered the Trust’s employees involved in the move were not up to speed on data governance training.
The ICO said it had found no evidence the data had been compromised or used for malicious intent.
“While there is no evidence to suggest that any of the data was accessed, this case highlights that clear policies and procedures should be put in place to support staff when handling personal information as part of an office move. These policies should be communicated to all relevant staff,” a spokesperson said.
“We are pleased that Eastern and Coastal Primary Care Trust has now taken action to make sure that the personal information they handle is kept secure.”
ICO’s comments may not appease those shocked by the amount of data lost.
“To lose 1.6 million patients’ details in such a way still strays beyond carelessness and firmly into negligence,” said Chris McIntosh, chief executive (CO) of network security company ViaSat UK.
“Whether the CD is lost forever or ends up in the right or wrong hands may still be unknown, but the stark fact is that the personal details of over 2.5 per cent of the UK’s population have been lost and could possibly end up used for identity theft.”
Meanwhile, Royal Liverpool and Broadgreen University Hospitals NHS Trust lost data of 49 patients in two separate incidents earlier this year, it emerged yesterday.
In one case, a member of the public returned a document containing names and clinical data. Five months later a medical bag containing data of 27 patients was stolen from a member of staff’s car.
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Security Analysis & Insight
What is your password worth?
Would you be tempted to sell off company passwords for a fee? If not, seems like you're in the minority, acccording to research.
- Macs under attack?
- Intel: security inside
- Are you spending too much on IT security?
- Does the government want to snoop on your data?
- Eurocrats versus the cyber criminals
- The truth about spam
- Google and privacy: What’s the problem?
- Q&A: Symantec’s CISO on the source code hack
- RSA: Back from the breach?
Latest Security Reviews
Check Point 2210 Appliance review
Rating: 
advertisement
Most popular
- UK regulator shuts down Angry Birds scam
- Apple iPad 3 vs iPad 2 head-to-head review
- IBM bans use of Siri on iPhones
- Chromebooks: What's gone wrong?
- HP plans massive job cuts
- EMC World 2012: Tucci declares Documentum is here to stay
- Dell EqualLogic PS6100XS review
- Macs and Android under malware threat
- RIM loses its head of sales
- Local fibre broadband needs common standards
Latest News Videos in Security
IT PRO Podcast: Are UK data protection laws flawed?
PlayWe bring in two experts to talk about the problems with UK data protection law and the way it is managed.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
