Thousands affected by Welsh medical data loss blunder

News of another significant data loss has emerged from sources at the Information Commissioner’s Office (ICO), with over 8000 people believed to have been affected after an incident at a medical practice in Wales.

An entire database detailing the 8000 residents covered by the Lampeter Medical Practice was transferred from central systems over to a USB drive by an employee. The drive was then put in the post for transport without any kind of encryption in place to ensure the protection of the data that it contained.

The intended recipient at the Heal Board’s Business Service Centre never received the USB drive and the ICO was informed that the drive was now considered lost. This despite the fact that the sender had paid for recorded delivery, which most would assume to be the best guarantee of getting a package from one place to the other without interference.

The ICO criticised the medical practice because of the fundamentally insecure method of posting sensitive data in order to transfer it from one place to another.

The ICO’s Sally-Anne Poole said that the organisations involved need to do more to raise awareness as to the dangers facing them in relation to data security, with the prevention of loss and embarrassment only possible if regulations were followed and portable storage devices properly encrypted.

In accordance with ICO policy, Dr Rowena Mathew, manager of the practice, has signed an undertaking which requires her to set out mandatory plans to roll out encryption across any other portable storage devices that the practice owns and uses. Staff are also to receive additional training in order to ensure that they understand the ways in which portable storage can be used responsibly and safely, and indeed the ways in which it can be a major weakness.

This data loss is the latest in a long line of incidents which some think prove that the NHS is still not facing up to the potential risks. The ICO’s statistics show that various branches of the organisation have been responsible for more data loss scandals than any other sector or group of businesses, with many calling for significant, grass roots changes including online data storage and handling.

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal