Data loss NHS trust boosts security

An NHS trust has changed its data protection procedures after a junior doctor lost a memory stick on a train.

The East and North Hertfordshire NHS Trust doctor had recorded details of patients' conditions and medication.

He was meant to hand the memory stick to the next doctor on shift but forgot and lost the unencrypted device on the way home.

Peter Gibson from the trust said its computers would now only recognise its own encrypted memory sticks.

The Information Commissioner's Office (ICO) said earlier that NHS trusts should not risk data breaches.

An ICO statement said the trust's policies on the use of personal USB sticks were not clear and no technical measures were in place to prevent misuse of portable devices.

Mick Gorrill, head of enforcement at the ICO, said: "Storing sensitive personal data on unencrypted data sticks is a risk trusts should not be willing to take.

"If it is vital to store information for handover, this must be done with the highest security measures in place."

Mr Gibson said trust computers will now only recognise its own encrypted USB sticks: "If you try and put a memory stick into a computer now it will reject it and so you can't use it.

"The encrypted sticks are the only ones on which information can be put, whatever that information is, and that makes them completely safe in terms of if they are ever lost no-one can ever access the information."