Calls for government agency review of data security after GP Data loss

Security firm Cyber-Ark has called for an urgent review of data security arrangements at all levels of UK government, following the latest data loss, this time from a laptop used by a Welsh GP's surgery.

"This latest government agency fiasco centres on the theft of a laptop from a Newport GP's surgery in early November. Here we are, approaching six weeks after the event, and only now do we learn that the names, addresses, dates of birth and phone numbers of as many as 3,000 patients, many of whom are in poor health, have been lost," said Calum Macleod, Cyber-Ark's European director.

"This is latest in a rash of data loss incidents spanning a variety of government departments, ranging from HMRC in the North-East to the DVLA in Northern Ireland," he added.

According to Macleod, there now needs to be a roots, tree and branch review of government and government agency security arrangements, with the possible formation of a public sector version of the Information Commissioners' Office, creating agency policy and offering guidance.

"The Citizen's Charter of 1991 gives people the right to demand certain levels of service from the government and its agencies, but the problem with all these data losses is that people only get to know about the problem generally and after the event," Macleod said.

"Those people affected by the recent spate of data losses, including the seven million parents of children whose data was lost by the HMRC's incompetence, could sue the government, citing the fact that the Citizen's Charter has been broken," he added.

Macleod noted that legal action may be the only way to force the government to undertake a review of its data security arrangements and foster a more sensible approach to the issue.