The Herts Advertiser is reporting that although West Herts Hospitals Trust was aware that three laptops had been stolen — the first in March 2006, the second in 2007, and the third in February 2008 — it was only last month that the trust learned that they contained personally identifiable patient data. The way the story is worded, it sounds like orthotic service providers Trulife first informed them last month that identifiable information was on the laptops. Approximately 2,000 patients are affected by the stolen laptops.
Although the nature of the data — patient names and prescriptions — is not as sensitive as some other types of patient data, someone is likely to get their knuckles rapped by the ICO for this.