Study finds patient data sold on eBay
By Nicole Kobie,
A hospital computer holding confidential patient data is but one worrying find in the University of Glamorgan's annual disk disposal survey.
The researchers examined 250 second-hand hard drives purchased online or at markets for the survey, which was sponsored by BT and Life Cycle Services. Some 62 per cent contained personal or corporate data, including personal financial details, maintenance information for an oil rig, and paedophile material which has since resulted in a police investigation in Wales.
Dr Iain Sutherland, the project co-ordinator for Glamorgan, said: "It is worrying that, in addition to home users, some quite high profile organisations have lost control of particularly sensitive data."
Earlier this year, IT PRO reported that less than half of UK companies take proper precautions when disposing of old computers containing sensitive data.
Jon Godfrey, managing director of Life Cycle Services, said: "Over the past three years the study has shown a slight reduction in the proportion of drives containing data. But this is not the true picture. We must consider the increase both in the size of the drives and the massive increase in their use. The volume of data being leaked has increased massively."
Dudley Group of Hospitals NHS Trust was told by the researchers that a computer hard drive previously owned by the trust containing private medical information had been up for sale on the online auction site.
In a statement, the trust said it had hired Siemens Medical Solutions to handle their IT disposal - who in turned subcontracted to Computer Disposals. All hard drives were supposed to be subjected to government standards for data wiping, which includes being written over three times.
"Unfortunately an investigation into how this particular hard drive has been openly purchased has not been able to identify the route at this stage, and the trust is continuing with its efforts to identify the source including the possibility of theft," Paul Farenden, the trust's chief executive said in a statement.
The university has securely wiped the computer. The trust and Siemens Medical have developed a set of recommendations to prevent data being left on disposed drives, and have changed the contract to include the use of a degausser to wipe hard drives using electromagnetic frequencies.
The survey was carried out alongside researchers from Edith Cowan University in Australia and Longwood University in the US.
advertisement
Latest Internet Features
Q&A: Motorola's enterprise VP John Coon
Acquisitions, restructuring and more mobility innovations feature in the future for Motorola.
- IT around the world: Russia
- Q&A: Orange's devices chief Francois Mahieu
- Q&A: Plusnet's Neil Armstrong
- Chinese web control an Olympic challenge for tech firms
- Hitting a home run with IM
- Q&A: Mozilla's Tristan Nitot
- Where will IT be in 2015?
- Keynote's Umang Gupta on the health of the Net
- Q&A: Tom Ilube, head of Garlik
Latest Internet Reviews
EXCLUSIVE - Astaro Web Gateway AWG3000
Rating: 
advertisement
Latest News Videos in Internet
Video: Q&A with Easynet Connect's Chris Stening
PlayIT PRO spoke to Chris Stening, managing director of Easynet’s SME division, about whether ISPs are giving businesses the service they deserve.
White papers
Want more background on today's hottest IT trends?
Visit IT PRO's white paper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free white papers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
Social Bookmark this article: What is this?