A hospital trust in Salford has been the latest to be told off be the Information Commissioner's Office (ICO) over a data breach.
Salford Royal NHS Foundation Trust was found to have breached the Data Protection Act after a laptop with medical data about 3,500 patients was stolen from an office.
While the laptop did have a basic Windows password in place, the data was unencrypted and the hospital failed to make the breach public.
"Initially, the incident was treated only as a theft of equipment, resulting in a delay of over one month in reporting and investigating the loss of personal data," the ICO noted in its enforcement notice.
The ICO has made the trust sign a "formal undertaking," which requires it to encrypt personal data and take better care protecting access to such equipment.
"The Salford Royal NHS Foundation Trust recognises the seriousness of this data loss and has agreed to take immediate remedial action," Mick Gorrill, assistant Information Commissioner, said in a statement. "It has also agreed to conduct future audits to ensure compliance with the Act."
Gorrill added that he was worried about data care across the NHS - a concern the ICO has recently complained to the Department of Health about. "I am increasingly concerned about the way some NHS organisations are failing to securely hold people's health and personal information. Organisations must implement appropriate safeguards to ensure personal details about patients do not fall into the wrong hands.
The trust had not responded to our request for comment at the time of publication.
Click here to read the top 10 lessons organisations should learn about data breaches.
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
NHS leaders are keen to adopt new digital tools, but IT can't solve problems on its ownA survey of healthcare decision-makers finds they believe IoT devices and electronic health recording could help them reach more patients quicker
-
Will the NHS Federated Data Platform transform UK healthcare?In-depth Plans to create a data platform in partnership with the private sector could revolutionize NHS treatment, but concerns over data privacy and security are festering
-
Panel Profile: MKUH NHS Foundation Trust CTO Craig YorkIT Pro Panel We get face-to-face with one of the IT Pro Panellists
-
Health Secretary bans pagers from NHS hospitalsNews Decades-old comms tech is destined for the scrapheap by 2021
-
The NHS still owns - and uses - almost 9,000 fax machinesNews A poll by the Royal College of Surgeons revealed NHS trusts are hanging onto outdated technology
-
Jeremy Hunt calls for NHS to go digitalNews Patients should be able to access their medical records via an app, health secretary says
-
NHS Trusts spend £150,000 per day on new PCsNews FoI: NHS trusts have dumped 240,000 devices since 2013
-
Blind NHS patients to get bionic eyesNews Second Sight's Argus II tested by the NHS to give blind patients limited vision
