More patient data lost
The Manchester Evening News is reporting that yet more NHS data has been lost, following on from last week's revelations of a lost NHS USB data stick.
After media reports of the lost Stockton data stick, a student in Greater Manchester realised that she had picked up a USB drive last August that could have relevant data on it. Lo and behold, when she accessed the data, it turned out that over 340 patients' details were accessible and unencrypted.
From the article:
"A computer memory stick holding confidential medical information and personal details of hundreds of people was found in a car park.
The names, addresses, dates of birth, home and mobile phone numbers and conditions of more than 340 patients were on the device - but no one had noticed it was missing even though it had been lost for several months.
Health bosses have launched an investigation after it was passed to the [Manchester Evening News].
Most of the patients listed have diabetes and were part of a trial in preparation for a scheme providing eye tests for more than 10,000 people across Greater Manchester. The data stick contains encryption software but this had not been activated, meaning anyone could access the information.
It is understood that the information on the memory stick relates to patients of Specsavers at 17 The Birtles in Wythenshawe, although they came from areas including Salford, Marple, Stretford, Northenden, Stockport, Timperley and Sale.
Health bosses will urgently write to all the patients involved to apologise and arrange to address any concerns."
The news broke on the same day that the Ministry of Justice revealed it had lost four discs containing data, in the post, while news broke over the weekend that the Ministry of Defence lost details on upwards of 600,000 potential or actual recruits this month.
IT consultants criticised events leading to the slew of data loss incidents that have recently come to light.
Paul Vlissidis, technical director of NCC Group’s ethical security testing division, said:
“Organisations need to wake up to the fact that their data is precious and enforce its protection properly. This means no more storing hundreds of thousands of sensitive records on unencrypted hard discs, [and] bans on taking information off-site. I doubt Fort Knox would let staff take gold home with them for the weekend."