Maidstone and Tunbridge Wells NHS Trust has pledged to improve the security of patients’ personal information after the Information Commissioner’s Office (ICO) found it in breach of the Data Protection Act.
The ICO was provided with a report from the Director of ICT regarding the theft of a laptop computer from the Audiology Department. The unencrypted laptop contained sensitive personal data regarding audiology test results for 33 patients, personal data held between 2006 and 2009 and personal details relating to an unknown number of patients between 2003 and 2006. Three encrypted laptops were also stolen in August 2009 from the Trust’s Maidstone site.
The Trust has signed an Undertaking declaring that any personal data held on a laptop computer or other removable media by the data controller will be identified and encrypted within 6 months. The Trust will also improve security measures to ensure personal data is more effectively protected from theft.
Source: ICO