Receive our weekly newsletter

First name:
Surname:
E-mail:
Features
Scotland
US/Europe/Global
Universities
Hightech
Diary
Livewire
Gaberlunzie
Friday 4th July 2008

Laptops, discs and USB sticks in stolen and lost epidemic

Memory sticks on laptop join the lost disc security wave

Hot on the heels of The Ministry of Defence publishing Sir Edmund Burton's report into the lost laptops of January 2008, containing the personal details of individuals who expressed interest in joining the Armed Forces, comes news that a senior hospital manager has been suspended after a laptop containing unencrypted personal data of more than 20,000 patients was stole from the NHS staff member's car in an Edinburgh carpark. And in Edinburgh, another furore as a USB memory stick has gone missing also with confidential NHS patient information.

Sir Edmund Burton chairman of the Information Assurance Advisory found MOD policies and procedures are generally fit for purpose and cited examples of good practice by the Department, particularly the measures introduced after the loss which were effective in preventing similar damaging losses. But he identified a number of areas where MOD needs to do better in protecting personal data.

The stolen NHS computer, which held the names, dates of birth, postcodes and medical information  of patients, was take  from the NHS staff member's car during a holiday in Edinburgh nearly two weeks ago.nAll the individuals affected by the theft have been contacted, Colchester Hospital University NHS Foundation Trust said. A spokesman for the trust, based in Essex, said that police had been notified immediately after the theft and that an internal investigation was also under way.

Leaving unprotected personal information on laptops is against NHS guidelines. A spokesman for the Department of Health is reported as saying: "This is very much not something you want to be doing, and policy to this effect was made clear to NHS bodies at the start of this year."

Edinburgh
Concerns as to how NHS is handling personal information emerged as  files relating to up to 137 Scottish patients went missing. Copies of letters and memos containing sensitive medical details of up to 137 Scottish patients were stored on a USB memory stick by a health worker in NHS Lothian, in clear breach of data protection rules, and the device has been mislaid or gone missing.

The health board has called in the police and the worker, who is going through disciplinary proceedings, could be sacked. The worker, said to be an experienced employee, alerted managers to the problem last Thursday and an investigation was launched the same day.

All the premises involved have been searched and NHS IT security experts worked throughout the weekend to identify the patients affected.Attempts have been made to contact them by telephone and letter. They have been offered face to face meetings to discuss concerns and a helpline has been set up.

The incident comes less than two weeks after a disk containing information about almost a million 999 calls to the Scottish Ambulance Service, including phone numbers and names, was lost in transit.

David McLetchie, Scottish Conservative MSP for Edinburgh Pentlands, expressed grave concerns about the NHS Lothian loss and demanded urgent action to restore public confidence in the way sensitive files are handled.

Sources: http://www.theherald.co.uk/news

About Us
Contact Us
Advertise on this Site
Legal
Designed and maintained by Beachshore Design