Monday, May 25, 2009

UK Govt Health Service lost patient data 140 times

So far this year.


The personal medical records of tens of thousands of people have been lost by the NHS, the Department of Health has confirmed.

A total of 140 security breaches were reported within the NHS between January and April this year.

These included computers containing medical records stolen and left by skips and stolen and passwords taped on encrypted discs with sensitive information, The Independent newspaper said.

Over the last six months, the Information Commissioner has been forced to take action against 14 NHS bodies for breaching data regulations.

In an interview with the newspaper, Commissioner Richard Thomas, said the watchdog had ordered an urgent review of data security in the health service.

Mr Thomas has written to the Department of Health calling for immediate improvements to the lax treatment of personal data within the NHS.

The Independent reported that Mr Thomas plans to send in a "crack team" of inspectors to examine how data is protected by hospitals and medical workers across Britain.

One GP downloaded a complete patient database, including the medical histories of 10,000 people, on to an unsecured laptop, the newspaper reported. The laptop was then said to have been stolen from his home and never retrieved. In another alleged breach, a memory stick containing the medical histories of 6,360 prison patients and ex-inmates of Preston prison was lost. Though the data was encrypted, the password was written on a note that was attached to the device.