Health chiefs 'sorry' over personal data breach
Dan GrimmerHealth bosses in Norfolk said they were reviewing security procedures after personal information of more than 1,000 patients and staff was leaked following the theft of two computers.Dan Grimmer
Health bosses in Norfolk are reviewing security procedures after personal information of more than 1,000 patients and staff was leaked following the theft of two computers.
Yarmouth and Waveney Primary Care Trust (PCT) has been found in breach of the data protection act as 'sensitive' information relating to people's physical and mental health was stored on the stolen computers, as well as some details about trade union membership.
The data was held on the computers rather than on a network server and was not password protected. The premises did not have an intruder alarm system, the internal office doors did not have security locks and the computers were not protected by special software.
The burglary, in August this year at the Ferryside occupational therapy building in Gorleston, involved two desktop PCs which held information mainly about occupational therapy patients and also some personal details on staff.
You may also want to watch:
The data breach was discovered by the Information Commissioner's Office (ICO), which has advised the trust to take remedial action and ensure adequate security measures are in place to prevent unauthorised access to personal data.
Also health bosses were told that personal data should be held on a portable device and be suitably encrypted and to ensure that staff were aware of the policies for the storage and use of personal data.
- 1 Classic VW camper van gutted by fire on A47
- 2 Lowestoft woman accused of setting her own flat on fire
- 3 ‘Great opportunity’: Flats in coastal town set for auction
- 4 Fire fighters battle woodland blaze near Lowestoft
- 5 Filthy houses sought to feature in Channel 5 show
- 6 Thief smashed window to steal money box from car
- 7 Development of iconic Gull Wing bridge to be documented by local company
- 8 Girl's horse riding dreams shattered after vandals target equipment
- 9 New policy unveiled for commemorative benches across district
- 10 Visually impaired woman urges people with diabetes to get retinal screenings
Mick Gorrill, assistant information commissioner at the ICO, said: 'This case has put thousands of patients' sensitive personal information at risk. Personal information is valuable and keeping it safe and secure should be at the heart of good corporate governance.
'I am pleased the primary care trust has taken steps to ensure patient data does not fall into the wrong hands.'
Rebecca Driver, associate director for communications and engagement for NHS Yarmouth and Waveney, said the trust was 'extremely sorry' for what happened and letters were sent at the time to the patients who were receiving care.
She said: 'The matter was reported to the police and we continue to work in partnership with them to find out who is responsible for the theft and whether the equipment and information can be retrieved.
'As a result of this incident NHS Yarmouth and Waveney Community Services immediately reviewed the processes and systems in place with a view to ensuring increased security of all personal information so this never happens again. All staff, equipment and records have been moved out of the building.'