With high profile stories of damaging data leakages from public sector organisations seemingly occurring every week for the past year or so, the news that the Information Commissioner has complained to the Department of Health over 140 such breaches in the past four months alone, comes as no great surprise, a data security firm claims.
Commissioner Richard Thomas has written to the permanent secretary, Hugh Taylor, to highlight the data control problems at 14 NHS trusts and other health organisations.
Don Smith, technical director at dns, a consultancy specialising in information security services said. “The NHS holds large amounts of sensitive patient data and so to have over 140 breaches in four months is unacceptable. Patients should be angry about these incidents as it appears the high profile and costly breaches that have appeared in the press over the past year have had no effect on some organisations’ IT security strategy.”
The DoH and NHS have security policies in place that are designed to stop such leakages, however, Smith believes the problem lies in the fact that they are not implementing them successfully throughout the organisation. “Implementing security policies is all very well, but unless organisations have buy-in from staff there is always a risk that there will be unintentional breaches alongside malicious activity. A proper introduction to the policies and technology can maintain confidentiality and save time, money and reputation at a later stage.”
The news does not get much better for the DoH with the ICO set to release more details of the data breaches over the coming days. “It is now time that both public and private sector organisations look not only at the policies they have in place, but how they are implemented at grass-root level. We have seen increasing numbers of companies approaching security experts who can help manage data and threats on a 24/7 basis. By enforcing security in this way organisations can avoid such critical breaches, and go some way to regain the public trust that has undoubtedly been lost.”
