St Albans patients' data was on stolen laptops

[Jon Turner <jjturner () gmail com>]

http://www.hertsad.co.uk/content/herts/news/story.aspx?brand=HADOnline&category=News&tBrand=HertsCambsOnline&tCategory=newslatestHAD&itemid=WEED06%20May%202009%2013%3A46%3A37%3A837

PERSONAL details of around 2,000 patients are in the hands of thieves
after three laptops containing confidential information were stolen in
separate incidents.

West Herts Hospitals Trust (WHHT) chief executive, Jan Filochowski,
has explained the situation and apologised to all patients of the
orthotic service whose names were contained on the stolen laptops.

He admitted although the first laptop was stolen in March 2006, the
second a year later and the most recent in February 2008, WHHT only
learned they contained patient identifiable data from orthotic service
providers Trulife last month.

Among the details contained on the computers were patients' hospital
reference numbers and details of their prescriptions.

One of those who received a letter was Pauline Day, of High Oaks, St
Albans, whose 13-year-old son had been a patient at the orthotic
clinic at City Hospital.

She said she had no idea that personal details had been stolen and
although they referred to patients of a foot clinic, she found it
rather disconcerting.

St Albans prospective parliamentary candidate, Sandy Walkington, said
it was just the latest example of public bodies losing potentially
sensitive personal data.

"It is particularly worrying after all the previous alarms that it
should have taken more than three years for the trust's service
provider to come clean on the loss of the first laptop and then reveal
two more had also been stolen.

"There is something deeply amiss with their reporting systems and
processes and we need reassurance that all the lessons have been
learned."

A WHHT spokesperson said they regarded it as a serious breach of
information security and had written to explain the situation to all
the families concerned and to apologise. They had also been given
contact numbers to call if they had concerns.

She added that they had reviewed their processes for telephone
contacts to ensure the data could not be used alone to retrieve
information about patients by phone.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)

CREDANT Technologies, a leader in data security, offers advanced data encryption solutions.
Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently 
across your enterprise to ensure regulatory compliance.
http://www.credant.com/stopdataloss