Safe in their hands

This doesn’t really need any comment:

Health bosses in Nottinghamshire have issued a warning after a laptop containing information on about 11,000 young children was stolen. The laptop was one of three taken from an office at King’s Mill Hospital in Sutton-in-Ashfield on 21 March.

It contained the names, addresses and dates of birth of children from the Newark, Mansfield and Ashfield areas.

Nottinghamshire Primary Care Trust (PCT) said the matter was being taken “extremely seriously”.

The information on the computer concerned children aged eight months to eight-years-old.

Apparently “the information on the device is protected by a password.”

Wow.

Advertisements

6 Responses to Safe in their hands

  1. rainmanlite says:

    I think you’re being a little unfair here. The article isn’t clear, but this doesn’t sound like the result of carelessness on the part of a council employee; the blame is likely to lie primarily with the individual(s) who forced the lock on the office door and ransacked the place.
    Nevertheless, this sort of data would be better kept on a secure server and accessed via the Internet, with the transmission protected by high-quality firewall software. If banks and large businesses feel able to do this in safety, I see no reason why the NHS could not take the same measures.

  2. archrights says:

    Rainmanlite, I’ve said before that if you’re run over by a JCB, it doesn’t really matter what the cause was! The fact is that this was a serious security breach, however it happened, and protecting sensitive data from being stolen in any way whatsoever is the responsibility of the org holding the data. As this example graphically demonstrates, leaving a laptop in a locked office isn’t adequate security (Nationwide BS has just been fined almost £1m by the financial services authority because of theft of a laptop containing customer names and account numbers).

    A few weeks ago we mentioned the ‘eCAF’ pilots that are going on, and that the instructions to employees are mainly concerned with instruction about how to upload eCAFs from a laptop to the office via the internet. These eCAF forms collect the most sensitive personal data imaginable from children and parents – a gift to blackmailers, paedophiles or identity fraudsters. We can’t simply say “bad luck” to the case worker who is mugged or burgled. The possibility of straight, low-tech theft ought to preclude the holding of sensitive data on laptops altogether.

  3. Yes, I don’t think the item is unfair Rainmanlite, it highlights the risk that having such info on an easy to carry (away) device is going to become commonplace if the overall security of the operation isn’t stepped up.
    And with the implicit value of that data, laptops will be a target…a financial body gets fined heavily for having lost financial details, what price childrens personal data?

  4. Carlotta says:

    I would never give consent to holding this type of information about my family on any sort of laptop. Doesn’t look as if consent is the issue here though. How dare they play fast and loose with information that should rightly be for a family to share or not to share as they see fit.

  5. […] We’d just been having a discussion in the comments section of this, when I noticed this: Children’s social workers will receive a £13 million boost to help pay […]

  6. rainmanlite says:

    I’m not saying you’re wrong, merely that I don’t believe any blame should be attached to the individual to whom the laptop was issued.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: