Hospital trusts are once again being warned about the importance of data security after the Information Commissioner’s Office (ICO) found five more organisations in breach of the Data Protection Act.
It emerged that the Royal Free Hampstead NHS Trust had lost an unencrypted compact disk containing the 20,000 cardiology patients’ details.
An unencrypted memory stick was stolen from the Chelsea and Westminster Hospital Foundation trust, taking with it sensitive medical information of 143 patients.
The ICO also found that Epsom and St Helier University Hospital NHS Foundation trust had been storing hospital records insecurely for two years, and a ward handover sheet, containing information relating to 23 patients in the care of Surrey and Sussex NHS trust, was found on a bus.
Two laptop computers were also reported as stolen by the trust.
A further laptop, which was unencrypted, holding the personal data of 349 patients and 258 staff was also stolen from the Hampshire Partnership NHS trust.
Sally-Anne Poole, head of Enforcement and Investigations at the ICO, said: ‘Data protection must be a matter of good corporate governance and executive teams must ensure they have the right procedures in place to properly protect the personal information entrusted to them.’