BreachExchange mailing list archives
Rap over lost hospital data
From: Jon Turner <jjturner () gmail com>
Date: Thu, 30 Apr 2009 08:48:53 +0100
http://www.cambridge-news.co.uk/cn_news_home/displayarticle.asp?id=412764 ADDENBROOKE'S has been ordered to tighten security on personal data after a member of staff lost a memory stick containing the medical details of 741 patients. The hospital is one of four NHS trusts found to be in breach of the Data Protection Act in a ruling by the Information Commissioner's Office (ICO) today (Thursday, 30 April). The unencrypted memory stick containing "medical treatment details" of 741 patients was found by a car wash attendant after an Addenbrooke's member of staff "left it in an unattended vehicle", the watchdog revealed. The attendant "was able to access the contents to establish ownership". The information was downloaded without the permission of Addenbrooke's and the trust reported the loss, the ICO said. Mick Gorrill, assistant information commissioner at the ICO, warned that NHS trusts which lose personal data "risk losing the confidence of patients and their families". The incident is the third high-profile data loss incident at Addenbrooke's in recent months. In April 2008, a female member of staff lost printed information on types of medical tests to be undertaken by 1,252 patients, along with their NHS numbers, while she was travelling on public transport. In November 2008, Haverhill resident Nicola Marsh received letters containing medical records of two other patients from Addenbrooke's. The ICO has ordered Addenbrooke's to sign a formal undertaking that it will process information in line with the Data Protection Act, with immediate effect. Mr Gorrill said: "These four cases serve as a stark reminder to all NHS organisations that sensitive patient information is not always being handled with adequate security." Addenbrooke's did not state when the incident took place. A hospital spokesman said the memory stick was only viewed by the car wash attendant before being returned immediately, and "patient confidentiality was not compromised". _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) CREDANT Technologies, a leader in data security, offers advanced data encryption solutions. Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently across your enterprise to ensure regulatory compliance. http://www.credant.com/stopdataloss
Current thread:
- Rap over lost hospital data Jon Turner (Apr 30)