IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

NHS trust loses 800 patients' data

An unencrypted memory stick goes missing at East Surrey Hospital as another NHS data loss hits.

NHS

East Surrey Hospital lost medical data of 800 patients in late 2010, marking another low point in the life of NHS information security.

The Surrey and Sussex Healthcare NHS Trust, which runs the hospital, admitted the data went missing on an unencrypted memory stick in September 2010, the Crawley Observer reported.

The affected patients were never informed of the data loss. Lost data included operation details, names and dates of birth.

"All staff should always use encrypted memory sticks when transferring patient data," said chief executive of the NHS trust Michael Wilson.

"It is regrettable that this didn't happen on this occasion and the member of staff has been taken through the trust's disciplinary procedures and has received further training."

The details of the loss emerged in an annual 2010/11 report, which also showed there were another nine "near misses" where data went missing but was then found.

All staff should always use encrypted memory sticks when transferring patient data.

The Information Commissioner's Office (ICO) said the loss had been reported to the watchdog in late 2010.

"After investigating the breach the ICO warned the organisation that their policy covering the storage and use of personal data must be followed by staff and the trust must make sure that their staff are aware of their policy for the storage and use of personal data and are appropriately trained on how to follow it," the ICO said.

"The trust was also warned that any repetition of such an incident may result in formal regulatory action."

This is not the first time the Surrey and Sussex Healthcare NHS Trust has been caught out, however. In 2009, it emerged the body had two unencrypted laptops stolen, whilst an employee also left a sheet containing data on 23 patients on a bus.

The NHS has been hit by a plethora of data losses over the past few years. Last month, two trusts were found to have lost a tonne of patient data.

In the case of Eastern and Coastal Kent Primary Trust, 1.6 million individuals' data went missing after a CD containing the information was sent to a landfill site inside a filing cabinet, during a move of office premises.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

MoJ faces £17.5m GDPR fine over subject access request backlog
data protection

MoJ faces £17.5m GDPR fine over subject access request backlog

20 Jan 2022
Cabinet Office fined £500,000 for New Year Honours data leak
data breaches

Cabinet Office fined £500,000 for New Year Honours data leak

3 Dec 2021
ICO publishes new data protection standards for the adtech industry
data protection

ICO publishes new data protection standards for the adtech industry

25 Nov 2021
Secretary of State retires NHS Digital and NHSX
public sector

Secretary of State retires NHS Digital and NHSX

23 Nov 2021

Most Popular

Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
Costa Rica declares state of emergency following Conti ransomware attack
ransomware

Costa Rica declares state of emergency following Conti ransomware attack

10 May 2022
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022