NHS trust loses 800 patients' data
By Tom Brewster,
East Surrey Hospital lost medical data of 800 patients in late 2010, marking another low point in the life of NHS information security.
The Surrey and Sussex Healthcare NHS Trust, which runs the hospital, admitted the data went missing on an unencrypted memory stick in September 2010, the Crawley Observer reported.
The affected patients were never informed of the data loss. Lost data included operation details, names and dates of birth.
“All staff should always use encrypted memory sticks when transferring patient data,” said chief executive of the NHS trust Michael Wilson.
“It is regrettable that this didn’t happen on this occasion and the member of staff has been taken through the trust’s disciplinary procedures and has received further training.”
The details of the loss emerged in an annual 2010/11 report, which also showed there were another nine “near misses” where data went missing but was then found.
All staff should always use encrypted memory sticks when transferring patient data.
The Information Commissioner’s Office (ICO) said the loss had been reported to the watchdog in late 2010.
“After investigating the breach the ICO warned the organisation that their policy covering the storage and use of personal data must be followed by staff and the trust must make sure that their staff are aware of their policy for the storage and use of personal data and are appropriately trained on how to follow it,” the ICO said.
“The trust was also warned that any repetition of such an incident may result in formal regulatory action.”
This is not the first time the Surrey and Sussex Healthcare NHS Trust has been caught out, however. In 2009, it emerged the body had two unencrypted laptops stolen, whilst an employee also left a sheet containing data on 23 patients on a bus.
The NHS has been hit by a plethora of data losses over the past few years. Last month, two trusts were found to have lost a tonne of patient data.
In the case of Eastern and Coastal Kent Primary Trust, 1.6 million individuals’ data went missing after a CD containing the information was sent to a landfill site inside a filing cabinet, during a move of office premises.
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Security Analysis & Insight
What is your password worth?
Would you be tempted to sell off company passwords for a fee? If not, seems like you're in the minority, acccording to research.
- Macs under attack?
- Intel: security inside
- Are you spending too much on IT security?
- Does the government want to snoop on your data?
- Eurocrats versus the cyber criminals
- The truth about spam
- Google and privacy: What’s the problem?
- Q&A: Symantec’s CISO on the source code hack
- RSA: Back from the breach?
Latest Security Reviews
Check Point 2210 Appliance review
Rating: 
advertisement
Most popular
- UK regulator shuts down Angry Birds scam
- Apple iPad 3 vs iPad 2 head-to-head review
- IBM bans use of Siri on iPhones
- Chromebooks: What's gone wrong?
- HP plans massive job cuts
- EMC World 2012: Tucci declares Documentum is here to stay
- Dell EqualLogic PS6100XS review
- Macs and Android under malware threat
- RIM loses its head of sales
- Local fibre broadband needs common standards
Latest News Videos in Security
IT PRO Podcast: Are UK data protection laws flawed?
PlayWe bring in two experts to talk about the problems with UK data protection law and the way it is managed.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
