NHS trust loses 800 patients' data
An unencrypted memory stick goes missing at East Surrey Hospital as another NHS data loss hits.
East Surrey Hospital lost medical data of 800 patients in late 2010, marking another low point in the life of NHS information security.
The Surrey and Sussex Healthcare NHS Trust, which runs the hospital, admitted the data went missing on an unencrypted memory stick in September 2010, the Crawley Observer reported.
The affected patients were never informed of the data loss. Lost data included operation details, names and dates of birth.
"All staff should always use encrypted memory sticks when transferring patient data," said chief executive of the NHS trust Michael Wilson.
"It is regrettable that this didn't happen on this occasion and the member of staff has been taken through the trust's disciplinary procedures and has received further training."
The details of the loss emerged in an annual 2010/11 report, which also showed there were another nine "near misses" where data went missing but was then found.
All staff should always use encrypted memory sticks when transferring patient data.
The Information Commissioner's Office (ICO) said the loss had been reported to the watchdog in late 2010.
"After investigating the breach the ICO warned the organisation that their policy covering the storage and use of personal data must be followed by staff and the trust must make sure that their staff are aware of their policy for the storage and use of personal data and are appropriately trained on how to follow it," the ICO said.
"The trust was also warned that any repetition of such an incident may result in formal regulatory action."
This is not the first time the Surrey and Sussex Healthcare NHS Trust has been caught out, however. In 2009, it emerged the body had two unencrypted laptops stolen, whilst an employee also left a sheet containing data on 23 patients on a bus.
The NHS has been hit by a plethora of data losses over the past few years. Last month, two trusts were found to have lost a tonne of patient data.
In the case of Eastern and Coastal Kent Primary Trust, 1.6 million individuals' data went missing after a CD containing the information was sent to a landfill site inside a filing cabinet, during a move of office premises.
How to choose an AI vendor
Five key things to look for in an AI vendorDownload now
The UK 2020 Databerg report
Cloud adoption trends in the UK and recommendations for cloud migrationDownload now
2021 state of email security report: Ransomware on the rise
Securing the enterprise in the COVID worldDownload now
The impact of AWS in the UK
How AWS is powering Britain's fastest-growing companiesDownload now