BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Rap over lost hospital data

From: Jon Turner <jjturner () gmail com>
Date: Thu, 30 Apr 2009 08:48:53 +0100
http://www.cambridge-news.co.uk/cn_news_home/displayarticle.asp?id=412764

ADDENBROOKE'S has been ordered to tighten security on personal data
after a member of staff lost a memory stick containing the medical
details of 741 patients.

The hospital is one of four NHS trusts found to be in breach of the
Data Protection Act in a ruling by the Information Commissioner's
Office (ICO) today (Thursday, 30 April).

The unencrypted memory stick containing "medical treatment details" of
741 patients was found by a car wash attendant after an Addenbrooke's
member of staff "left it in an unattended vehicle", the watchdog
revealed.

The attendant "was able to access the contents to establish
ownership". The information was downloaded without the permission of
Addenbrooke's and the trust reported the loss, the ICO said.

Mick Gorrill, assistant information commissioner at the ICO, warned
that NHS trusts which lose personal data "risk losing the confidence
of patients and their families".

The incident is the third high-profile data loss incident at
Addenbrooke's in recent months.

In April 2008, a female member of staff lost printed information on
types of medical tests to be undertaken by 1,252 patients, along with
their NHS numbers, while she was travelling on public transport.

In November 2008, Haverhill resident Nicola Marsh received letters
containing medical records of two other patients from Addenbrooke's.

The ICO has ordered Addenbrooke's to sign a formal undertaking that it
will process information in line with the Data Protection Act, with
immediate effect.

Mr Gorrill said: "These four cases serve as a stark reminder to all
NHS organisations that sensitive patient information is not always
being handled with adequate security."

Addenbrooke's did not state when the incident took place. A hospital
spokesman said the memory stick was only viewed by the car wash
attendant before being returned immediately, and "patient
confidentiality was not compromised".
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)

CREDANT Technologies, a leader in data security, offers advanced data encryption solutions.
Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently 
across your enterprise to ensure regulatory compliance.
http://www.credant.com/stopdataloss
Previous By Date Next
Previous By Thread Next

Current thread: