NHS loses CD of 1.6 MILLION patients' records
'We reassure you it was old data'. Sure, my DOB's changed
What you need to know about cloud backup
An NHS trust has told patients that it is acting to improve its data handling practices after a rebuke from the Information Commissioner's Office (ICO) for losing a CD containing details on 1.6 million people.
Chief executive of NHS Kent and Medway Ann Sutton said that information is now more secure following the implementation of encryption systems to replace the use of floppy discs and CDs.
Last week the trust was handed an undertaking by the information watchdog after sending the personal information to a landfill during an office move in March. The ICO said the data contained the names, addresses, dates of birth, NHS numbers and GP details of those affected.
In a statement on the trust's website, Sutton said that the data had not been recovered and that the trust had accepted the ICO's report on the incident.
She said: "While the breach was unfortunate, I would like to reassure patients that the data stored in the filing cabinet was not current - the most recent information was from 2002.
Sutton added: "We have already strengthened our information governance policies, procedures and training on the basis of our internal investigation of the incident. The information commissioner's recommendations to improve them further will be implemented fully." ®
This article was originally published at Guardian Professional. Join the Guardian Healthcare Network to receive regular emails on NHS innovation.
COMMENTS
Oh so it's _old_ data? That's fine, I don't mind people knowing that I used to be a borderline psychopath on eight different drugs (plus the two for my STDs)
[Anonymous cos actually I do mind really...]
The only lessons learnt ...
... are that if you do something wrong, nothing happens in the uncivil service.
Unless the "lessons learnt" are: "You make a serious mistake with people's personal information = you get fired" then there will be no reason for these complete incompetent fuckwits to change their behaviour.
"Sutton added: We have already strengthened our information governance policies, procedures and training on the basis of our internal investigation of the incident. The information commissioner's recommendations to improve them further will be implemented fully."
How many more times are we going to hear this meaningless rubbish about "learning lessons"?
Yet again the NHS has repeatedly demonstrated that it is incapable of handling sensitive data.
(AC 'cause I work for the NHS)

IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Steps to Take Before Choosing a Business Continuity Partner
Enabling efficient data center monitoring
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider