The Telegraph reports that Central Lancashire Primary Care Trust has lost a data stick containing sensitive personal information about 6,360 prisoners. In what seems like a prime candidate for prosecution when new laws about reckless data loss arrive, a staff member placed health information about HMP Preston inmates on a USB stick, encrypted it and then attached the password to the device before losing it.
This sort of behaviour is completely inexcusable, particularly since it was a healthcare worker who lost the data - someone who absolutely should know better. The PCT is conducting an investigation, and I trust that they will publish the results - and details of disciplinary action that must be seen to follow.
