Page last updated at 17:24 GMT, Saturday, 24 January 2009

Patient records on stolen laptop

The computer was taken from an unlocked office at a Swansea hospital

An NHS trust serving people across south Wales has been criticised after a laptop with details of about 5,000 patients were stolen.

Abertawe Bro Morgannwg University NHS Trust was found to have breached data protection laws.

The computer, which had patient medical records on it which were not encrypted, was stolen from an unlocked office.

The trust has now signed an agreement to encrypt all data in future and improve security.

The health trust serves patients in Swansea, Neath Port Talbot and Bridgend.

The laptop was stolen by an "opportunistic thief" from an unlocked management office at Singleton Hospital in Swansea last April.

Appropriate safeguards

It is understood the computer was taken outside normal working hours.

In a separate case, a trust in the north of England, Tees, Esk and Wear Valleys NHS Foundation Trust was also criticised by the Information Commissioner's Office (ICO) for losing a data stick containing patient information.

Mick Gorrill, Assistant Information Commissioner at the ICO, said: "Both these cases highlight the importance of implementing the appropriate safeguards to ensure sensitive personal details about patients are processed securely.

"Even though one case involved the theft of a laptop, the data controller (Abertawe Bro Morgannwg University NHS Trust) is responsible for ensuring any personal data is adequately protected.

"The Data Protection Act clearly states that organisations must take appropriate measures to ensure that personal information is kept secure.

Password protected

"Abertawe Bro Morgannwg University NHS Trust and Tees, Esk and Wear Valleys NHS Foundation Trust recognise the seriousness of these data losses and have agreed to take immediate remedial action," Mr Gorrill added.

Abertawe Bro Morgannwg NHS Trust issued a statement saying: "The theft took place outside of normal office hours, at a time when the offices would normally be unoccupied and the rooms locked.

"The laptop contained patient identifiable information, but this information was password protected. In addition, documents stored on the hard drive were also password protected."

The trust said it had taken a number of measures to improve security and encryption.

Print Sponsor

Home Office guilty of data breach
22 Jan 09 |  UK Politics
Probe after children's data lost
08 Dec 08 |  England
Data loss firm contract axed
10 Sep 08 |  UK Politics

The BBC is not responsible for the content of external internet sites

Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit


Sign in

BBC navigation

Copyright © 2019 BBC. The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.

Americas Africa Europe Middle East South Asia Asia Pacific