23 May 2012 01:15
Home right arrow News right arrow EHI right arrow NHS London orders data transfer review


News
BT  | Data  | E-Health Insider  | Information  | London  | N3
Twitter RSS Newsletter Send to a friend
6

NHS London orders data transfer review

17 December 2007  

All deliveries of patient information in London have been halted, and the chief executive of NHS London has begun a review of data transfer arrangements after a CD containing details of 160,000 children was lost.

The encrypted CD containing names addresses and dates of birth was lost in transit from BT to St Leonard’s Hospital, Hackney in an incident that occurred on 14 November.

However, fears the CD could contain enough information to enable ID theft, or place children at risk, have been allayed thanks to BT and the NHS trust concerned – City and Hackney PCT - following NHS data protection procedures.

In line with Connecting for Health rules, the disk was protected using 256k encryption and sent by secure courier by BT to St Leonard’s Hospital IT dept. It was signed for by hospital staff but never reached the person in the IT department it was destined for.

BT, the local service provider for NHS IT in London, told E-Health Insider that because the disk failed to reach its destination, the pass phrase key needed to de-crypt the disk was not issued.

A BT spokesperson said that the disk had not been located. “In this instance the encryption pass phrase would only have been released after one of two named individuals confirmed receipt. This was not confirmed so the encryption pass phrase has not been issued.”

The spokesperson said that BT has “cleansed the data” and was returning it to the PCT.

Asked why the data was sent on disk, rather than the secure NHS N3 data network provided by BT, the spokesperson said the trust had requested it be sent by disk. “The transport mechanism depends on what is the most convenient for the trust.”

Speaking to the Evening Standard Ruth Carnall, chief executive of NHS London, said: "We take any breach of security very seriously”.

She said that with the strong encryption and password protection the risk of unauthorised persons viewing the data “is negligible”.

Carnall added: “I have asked for an independent review of all NHS data transfer in London and procedures are in place to stop this from happening again."


Last updated: 18 December 2007 09:35

© 2007 E-HEALTH-MEDIA LTD. ALL RIGHTS RESERVED.

back to news

Please wait... loading

 
Add a comment

Register: To add a comment you must be registered.

Register

 

Login:

Email address:


Forgot your email address?contact


 
Password:


Forgot your password?prompt

 

Remember me

Login



News
EHI
Acute
Primary Care
Industry
Mobile
Newsletters
Contact
Insight
EHI TV
Analysis
Video diaries
Insider view
Reboot
Contact
Features
Special reports
Sponsored features
Bespoke Events
EHI Award winners
Contact
Intelligence
EHI Intelligence
EHI Consulting
Research reports
Contact
Jobs
Latest jobs
Advertise a job
Recruiter login
Contact
Groups
‘Power to patients’ – NHS information Strategy
EHI Live 2012
UKCHIP
Patient access to records
Up in the Cloud
Benefits and business cases
Awards
EHI Live
About
Exhibitors
Visitors
Programme
Venue
Press
Contact
CCIO
Leaders Network
Campaign
CCIO Group
EHealth Media Limited
EHealth Insider is managed and maintained by EHealth Media © 2012
Registered Office: 11 Campana Road, London SW6 4AS
Registered No. 4214439 | Vat No. 774 4008 29
About us | Advertise | Terms and conditions | Privacy policy | Contact us