The government has come under strong criticism after nine English NHS trusts admitted losing patient records in the latest public sector data lapse.
Computer discs containing patient details have gone missing.
Hundreds of thousands of adults and children are thought to be affected.
Shadow Health Secretary Andrew Lansley condemned the government for its "failure to protect the personal information which we provide".
The Department of Health says patients have been told and there is no evidence data has fallen into the wrong hands.
It follows losses of millions of child benefit claimant and driver details.
The Sunday Mirror reports that one of the breaches was thought to involve the loss of names and addresses of 160,000 children by City and Hackney Primary Care Trust, after a disc failed to arrive at an east London hospital.
Mr Lansley added: "You have to wonder why on earth it took the Revenue and Customs to lose their discs and for government to institute an inquiry across government for these losses of data to come to light.
"It does feel like there's a sense in government, all parts of government, that we're required to provide data and we are constantly told that it will be protected, but in reality that level of protection simply isn't there."
Joyce Robins, from the patient support group Patient Care, said ministers could not gloss over yet another "scandal".
She said: "Every week we hear of a new one. Health records can have anything from your ex-directory phone number to your HIV status.
"I think it's the tip of the iceberg, actually, because there's such carelessness within the NHS and it's always impossible to hold anyone to account and find out who's actually done anything."
Liberal Democrat health spokesman Norman Lamb said: "The whole culture of data management in the public sector has to change."
A further disc, lost by Gloucester Partnership Foundation Trust, consisted of archive records relating to patients treated 40 years ago - none of whom is still alive.
The details of what data has been lost by the other trusts have not been disclosed.
The other trusts involved are Bolton Royal Hospital, Sutton and Merton PCT, Sefton Merseyside PCT, Mid-Essex Care Trust, and Norfolk and Norwich.
The East and North Hertfordshire Trust reported a loss but has since found its missing data.
Maidstone and Tunbridge Wells NHS Trust has reported two breaches - meaning that 10 cases have occurred in total.
The Department of Health said the security breaches were being dealt with locally, and it did not have details of how many patients were affected.
It said investigations were under way, and action would be taken against anyone who had failed to fulfil their responsibilities under data protection laws.
NINE TRUSTS INVOLVED
City and Hackney
Bolton Royal Hospital
Sutton and Merton
Mid-Essex Care Trust
Norfolk and Norwich
Gloucester Partnership Foundation Trust
Maidstone and Tunbridge Wells
East and North Hertfordshire
Health Minister Dawn Primarolo told BBC News 24 that the government took the protection of data very seriously.
She added: "Obviously in the NHS you have got patients moving around and their information needs to move with them.
"We have the highest possible levels of security and confidentiality and we need very rapidly to find out exactly what has happened in these trusts and only the trusts can tell us."
Dr Richard Vautrey, of the British Medical Association, told BBC News 24 there was a strong case for patients having their information available when they see doctors in different medical situations.
But he said: "It's vitally important that any development of centralised systems is done in a careful and measured way."
Dr Vautrey said he did not think the treatment of patients whose data had been lost would be affected, but it would be damaging if patients became reluctant to be fully open with their doctors.
"Government does need to prove that we can trust it in the way that it holds information."
NHS chief executive David Nicholson recently wrote to NHS managers reminding them of their responsibilities with regard to data handling.
A DoH spokesperson said: "Since the recent heightened concern about data protection a small number of trusts (nine) have reported breaches of their own security rules.
"There are strict guidelines and procedures for dealing with such breaches."
Police are still searching for two computer discs containing the names, addresses, dates of birth and bank account details of every child benefit claimant after it emerged they had been lost in the post by HM Revenue and Customs in November.
Then on Monday it was revealed the details of three million learner drivers had also been lost after being sent to Iowa in America's mid-west.