NHS Lothian to Lanuch Data Safety Campaign

A data safety campaign is being launched by NHS Lothian following the reported loss of personal information about 137 patients. The aim is to reinforce the message among 28,000 employees that patient sensitive information must never be stored on unauthorised portable computing devices.

Management were alerted to the recent incident when a member of staff reported the loss of a personally owned USB memory stick which, against clear NHS Lothian rules, had been used to hold sensitive data.

A campaign is now being planned that will include:

  • roadshows round hospitals and other NHS Lothian sites
  • credit card-sized fold-out leaflets to accompany all pay slips
  • posters round NHS Lothian buildings
  • regular features in the staff newspaper
  • screen messages when staff log on to computers
  • a data amnesty.

Martin Egan, NHS director of ehealth, said:

"Data security is a very important issue and one we take very seriously.
“We take active measures to ensure that everyone is aware of our policies.
“But following the reported loss of a memory stick containing patient information we decided to launch a special campaign to drive home the message that data security is everybody’s business.
“The rules on the issue are clear and simple, but people have to follow them if we are to keep information safe.”

 
 

The amnesty would allow anyone who has inappropriately stored sensitive information to come forward and have it safely disposed of without being subject to disciplinary procedures.

At the same time the NHS Lothian IT security team is investigating extra safeguards to make it more difficult to download data to unauthorised devices.

08/07/2008