Receive our weekly newsletter

First name:
Surname:
E-mail:
Features
Scotland
US/Europe/Global
Universities
Hightech
Diary
Livewire
Gaberlunzie
Custom Search

Who carries the can?

Thursday 14th August 2008
Acharacle where computer was misdelivered. Courtesy: www.shielfestival.freeuk.com/

A misdelivered computer to Acharacle, able to access patients records is misdirected by the NHS and draws an apology. A computer with unencrypted information is stolen from a Colchester University Hospital manager's car warents his dismissal. Lost Home Office data in transit to UK Borders authority is lost in March but that matter also dismissed as being before government introduced encryption for posted data.

A new hi-tech computer which  enables dentists to bring up patients’ records at the touch of a button was misdirected by the NHS department to Ken Gill, who retired a year ago after 36 years’ NHS service, eight of them spent at Acharacle, caring for the teeth of 1,200 patients on the Ardnamurchan peninsula. He was astounded when the £1,000-plus IT package bearing his name arrived at the village surgery.

“It makes one wonder just how many other retired dentists have received the same, " he said adding that if the computer fell into the wrong hands, it could have given access to patient’s confidential records. He added: “The whole package, including having someone set it up and inspect it, must have been over £1,000.”

The N3 Connections computer and printer was delivered to the village dental surgery, which was taken over last year. Principals from a Lancashire chain of surgeries bought the Top Shop Surgery after Mr Gill stepped into retirement and reopened last October 23 with a German dentist at the helm.

Mr Gill said similar equipment had been delivered to the surgery’s new owners a couple of months ago. The system enables health professionals to access patients’ details across Scotland.“I would have expected everyone to be well aware of my retirement in light of the many run-ins I have had with the NHS,” he said.

The equipment delivered will now be re-collected by NHS National Services, Scotland, a support and procurement organisation. A spokeswoman for NHS National Services said: “We have rolled out 800 computers and this was a simple administrative error for which we can only apologise.”

But Colchester metes out dismissal
Colchester University Hospital has sacked one of its managers following the theft of his work laptop – containing the unencrypted names, postcodes and treatment plans of several thousand patients – from a car in June. “Following a disciplinary hearing held after a detailed investigation, the senior manager whose hospital laptop computer was stolen has been dismissed from the Trust with immediate effect," said Peter Murphy, CEO of Colchester Hospital University NHS Foundation Trust.
 
“The unanimous decision of the disciplinary panel sends out a clear statement about how seriously the Trust takes security and patient confidentiality,” Murphy said adding that the Trust would follow the recommendations from the report and an external consultancy would carry out an independent assessment of its procedures and protocols on data security.

Jamie Cowper, director of marketing for EMEA at PGP Corporation, said this latest incident again demonstrates the serious problems with security that exist within the public sector. "However, it also shows that disciplinary bodies are getting increasingly tough with those people that contravene data protection policies," Cowper added. "Clearly, the public sector wants to be seen to be addressing this problem."

Cowper said the weakest link in data protection is more often than not the end user, but the real lesson to be learnt was that technologies such as encryption should be implemented and managed on an enterprise-wide basis, not left up to the individual.

"Unless there is evidence of grievous misconduct, the responsibility for data security should lie with the organisation as a whole – and that means that in cases such as this, punishment should be top down rather than bottom up,” he said.

Home Office also guilty of data loss
The Home Office lost the personal data, including names, nationalities, passport numbers and dates of birth, of 3,000 seasonal agricultural workers in March, it has been revealed. The data was sent on two unencrypted CDs and lost in transit to the UK Borders Authority in March 2008.

The incident was reported to the Information Commissioner's Office but only now been made public in the Home Office's 2007-08 resource accounts. The data was lost before the government introduced an encryption service, which must be used for all data sent by post.

The Home Office has also revealed the progress of its modernisation programme, started in February 2001 with contractor Sirius, a specially consortium of Fujitsu, PWC (who have now left the contract) and Global Crossing. Under the 10 year life span of the programme, Sirius will develop the Home Office e-mail, Intranet, Extranet and telephone voice services, supporting an estimated 19,000 desktops.

"The contract is treated as off balance sheet with the separation of payment streams to the contractor for IT and telephony charged to the operating cost," read the document. Potential costs incurred if the Sirius IT contract was terminated is £12m, notes Home Office document

Sources: http://www.pressandjournal.co.uk
http://news.zdnet.co.uk

Website : beachshore