NHS laptop thefts highlight need for encryption

The loss of laptops containing the details of more than 30,000 NHS patients has highlighted the need for higher levels of data protection through encryption, according security consultancy NCC Group.

The loss of laptops containing the details of more than 30,000 NHS patients has highlighted the need for higher levels of data protection through encryption, according security consultancy NCC Group.

Six laptops stolen from a south London hospital contained details of about 20,000 patients. In another incident, a laptop holding 11,000 patient records was stolen from a doctor in Wolverhampton.

Department of Health regulations require confidential patient information stored on laptops to be encrypted, but the stolen laptops in both cases were protected only by passwords.

Ken Munro, director of penetration and security testing at NCC Group, said encryption was necessary because password protection was easily broken.

All patients involved were notified that the lost information included names, addresses, medical notes, dates of birth and medical histories.

In south London, the computers were stolen from a locked cabinet at St George's Hospital in Tooting, and in Wolverhampton the laptop was stolen in a burglary at a doctor's home.

Jon Crockett, chief executive, Wolverhampton City Primary Care Trust, said, "All GP practices in the city have been reminded of their responsibility for the safety and security of data held by their practices."




Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close