In yet another incident of serious breach of data security, a NHS laptop apparently containing detail records of eight million patients was lost three weeks back.
The laptop belonged to a subsidiary of NHS North Central London health authority and the patient data reportedly contained in it was un-encrypted which heightens the security risk associated with loss.
The Information Commissioners Office has taken a serious note of the issue and in a statement mentioned “Any allegation that sensitive personal information has been compromised is concerning, and we will now make inquiries to establish the full facts of this alleged data breach”.
While the lost laptop did not contain the name of patients, it did include several details like pin codes, age, gender etc which can used to identify individuals and in the hands of a criminal can become a potent blackmail tool.
Incidents of leak and theft of customer records have become increasingly common in UK and the ICO has attempted to enforce strict penalties to avoid such incidences. However even with rules that allow the ICO to impose fines of up to £500,000 for serious cases, many organisations are yet to put in stringent operating procedures for securing customer data.