Scottish ministers told to “get a grip” on data security
Ben Borland of the Express reports on previously undisclosed breaches involving PII and/or PHI, but I note that BBC provides slightly different coverage. I’ve indicated the BBC’s statements in italics, below.
More than 200 electronic items were stolen or lost in the first six months of the year, including PCs, laptops, phones and Blackberries. The haul is likely to have cost the taxpayer anything up to £100,000.
In the health care sector:
- Greater Glasgow and Clyde NHS Board reported stolen 20 computers taken from Yorkhill children’s hospital that may have contained patient records. Greater Glasgow and Clyde NHS board reported the theft of eight laptops, six hard drives and three PCs. This included two laptops stolen from the paediatrics department at Yorkhill Hospital in March of this year and a PC stolen from the X-ray viewing room at the Western Infirmary in April.
- NHS Forth Valley lost files on 56 patients and 107 staff, while NHS Ayrshire and Arran had five laptops stolen, one containing the names, date of births and postcodes of more than 100 drug addicts using a needle exchange programme.
- West Dumbartonshire Council had 60 computers worth £30,000 stolen from its schools, while City of Edinburgh Council admitted that five laptops containing the “personal data” of 10 people were stolen from a children and families centre.
- In addition, Lothian and Borders Police has had 10 palmtop computers stolen since 2007, while Strathclyde Police has lost a magnetic tape containing staff records and a USB memory stick containing investigation files. Meanwhile, Strathclyde Police reported an unencrypted USB stick containing investigation files as missing.
Most equipment missing from councils was either encrypted or contained no personal details.