Patient records are being better protected thanks to the use of new encrypted USB sticks at the Royal Marsden hospital.
In the mid 19th century the Royal Marsden was one of the first establishments to pioneer a set of cancer treatments and it is leading the way once more with its new campaign to improve data protection, taking seriously the threats of data loss and theft that befall many hundreds of public and private organisations each year.
The staff of the Royal Marsden Hospital have been given training on the safe use of portable USB storage and are generally advised to avoid transporting data on such devices unless there is no alternative option available.
According to a spokesperson for USB security expert IronKey, the staff at the hospital are now in the habit of only using a secure USB stick if they absolutely have to transport personal data.
The benefits of using secured USB sticks were obvious to the management of the Royal Marsden hospital, according to IronKey. They comply with the Federal Information Processing Standards with Level 3 certification, which allows for the devices to be remotely disabled.
If several login attempts are made unsuccessfully the devices will automatically destroy all of the data they contain irrecoverably, ensuring that only those with a legitimate need to access the data will be able to use it.
The USB sticks are also subject to a decryption process that must be performed by software before the data is usable. However, this can be remotely accessed, which has allowed the hospital management to extend the availability of data to off-site premises operated by the Royal Marsden but not directly connected to its internal network.
Director of IT at the Royal Marsden hospital, John Reed, said that he and his colleagues did not want to suffer the damaging consequences of data theft.
Mr Reed said that maintaining the trust of the individual patient was essential to the continued success of the hospital and asserted that doing the bare minimum to comply with government standards for data security was often not good enough. He believes that the Marsden is proactive in the fight against data loss and that preventing it would require significant investment.
