Welcome Guest | Login | Register | Why Register? |
Newsletter RSS Twitter
17 March 2010 | 05:18 GMT

E-Health-Insider E-Health Europe E-Health Jobs (UK only) E-Health Insider Events
HOME | CONTACT | NEWS | DOCUMENT LIBRARY | FEATURES | OPINION & ANALYSIS | EVENTS | RESEARCH REPORTS | CASE STUDIES

Prison health records on lost memory stick

Tags: Data breaches   Information Commissioner   Mental Health   PCT  

12 Jan 2009

An NHS worker lost a memory stick with the password attached containing patient information on over 6,000 prisoners.

Central Lancashire Primary Care Trust said personal details of more than 6,000 prisoners were carried on the USB memory stick, lost on 30 December.

The stick was being used to back up clinical databases at Her Majesty's Prison Preston. The stick carried data relating to 6,360 prisoners who have been treated by local health workers since 2000.

Although the patient data held on the stick was encrypted but the password had been written on a note, stuck to the stick when it was misplaced.

A spokesman for the PCT apologized for the data loss: "We are taking this very seriously, and we would like to apologise unreservedly for any concern this incident has caused. It should never have happened".

The PCT has suspended the member of staff who lost the stick with the attached password while the investigation is carried out.

The spokesperson added: “A thorough investigation is already underway, and urgent action has been taken to prevent it happening again.” All memory sticks being used by health staff in the area have been withdrawn and a review of data protection practices has begun.

Data held on the memory stick included data on the prisoners' ailments, such as diabetes, asthma, mental health and sexual health, but not full medical history.

In addition, the memory stick held saved documents, which include details such as prisoner surnames, their age range, cell location, prison number and clinic appointment times.

The case is the latest in a long line of data breaches by the NHS over the past year, despite the issuing of clear national guidelines on data governance use of mobile mass data storage devices, such as USB memory sticks.

In November the Information Commissioner reported that there had so far been 75 data breaches relating to the NHS and other health bodies, reported during the course of 2008.

 

© 2008 E-HEALTH-MEDIA LTD. ALL RIGHTS RESERVED.

Reader's Comments
Add a comment
Reader's Comments

1

Only one responsible is possible

14 Jan 09 09:01

Duh!

2

Shock - Horror - A mem stick went awol

14 Jan 09 13:01

It has to be said, it was just an accident waiting to happen.

Someone has a great idea to use mem sticks, cost effective, nice and small to carry around so management implement it.

Now this poor member of staff is suspended, but what about the managment that forced them to use a system that is inherintly flawed.

Staff may have a duty of care when this type of item is in their care, but managment must bear some of that responsibility. I smell a scape goat

3

Losing the stick isn't the issue

14 Jan 09 15:01

Writing the password down & sticking it on the stick itself is. Its negligent.

The system may need some improvement, but the lack of common sense is breathtaking.

Wonder if this member of staff writes the PIN number on their credit card?

Search
News Features Jobs Newsletters

Past: 24 hrs|7 days|Month

Featured_recruiters
Featured_recruiters
About Us | Advertise | Privacy Policy | Terms & Conditions | RSS Feed
E-Health Insider Primary Care is managed and maintained by E-Health-Media.com ©2010 E-Health-Media Limited.