A follow-up from Scotsman.com on a breach at the Edinburgh Royal Infirmary mentioned previously on this blog:
… NHS Lothian last night said that the cleaner had not breached the hospital’s computer systems and said instead that her name was on a computerised floor plan in the A&E ward.
Jackie Sansbury, chief operating officer at NHS Lothian, insisted the cleaner had no access to private medical records.
She said: “A full review of our confidential patient record and monitoring system has been carried out and shows our systems were not breached.
“This in no way excuses behaviour of this kind and security messages have been reinforced to our staff and sub-contracted employees that they comply with data security guidelines.
So wait… does that mean that they will no longer leave computerized screens showing patient names on and unattended? Or does it mean that they’ll continue to do that and just hope that subcontracted employees won’t look at it or misuse what they see?