Health board lost patients' data

The information was contained on two memory sticks

A health board has tightened its security measures after the loss of two memory sticks containing patient data.

They were reported lost or stolen from NHS Dumfries and Galloway premises earlier this year.

New controls on USB storage devices have now been introduced and steps taken to ensure all data is encrypted.

NHS spokesman John Glover said the information could not be used to identify patients but the incident had prompted new security measures.

He stressed that there was no way to link the data to individuals.

"The important thing to recognise is that this was non-identifiable data that was contained on these USB memory sticks," he said.

"The board, however, has recognised that there needs to be some controls put in place so we have introduced a rigorous programme of controls for computer memory sticks."

No access

All memory sticks used for patient or confidential data will now have to be password-protected and encrypted.

It is hoped the process will be completed by the end of this month.

Mr Glover said: "That means no unauthorised person will have any access to such information.

"If by any chance they fell into the wrong hands they wouldn't be able to access the information and it would be completely useless to them."

The same encryption process is to be extended to laptops and office PCs judged to be in "vulnerable" areas.

"We believe this is a very strong and robust process to protect patients' interests at every level," said Mr Glover.