The Dudley Group of Hospitals NHS Trust will spend £135,000 on new computer security software, following the theft of a laptop containing personal information on over 5,000 outpatients.
A trust spokesperson confirmed to E-Health Insider that following a board meeting called to discuss the theft of the laptop, the trust has decided to purchase and deploy new data encryption software on all trust owned laptops, effective from this month.
The aim of the software is to “scramble information on all laptops, desktop computers, hand-held computers and memory sticks,” she added.
The laptop was stolen from the trust’s anti-coagulant clinic which deals with people suffering from blood-thinning problems on 8 January.
A database in the laptop contained information including names, addresses, birth dates and clinic details, such as appointment times, of 5,123 out-patients.
A username and password is required to operate the laptop, and the database is also protected by a separate username and password.
The trust spokesperson stressed that the information did not include medical details, but acknowledged the theft was a “serious issue”.
In a statement, the trust said: “We take precautions to try to protect all the IT equipment in our hospitals from theft, but given that this is a public building with thousands of people accessing it every day, there are inevitable practical difficulties around security.”
“Our security team work very hard to ensure the safety of our staff, patients and visitors, but it is very difficult to mitigate against all deliberate acts of theft. The police have made every effort to recover the laptop, but unfortunately have been unable to do so.”
Letters have been sent out to all patients affected, informing them of the theft and how it affects them.
IDC’s research manager for security products & services, Eric Domage, told EHI: “Continuing incidents like this clearly show that it is time for IT managers to be responsible for the data they are in charge of. Encryption should be compulsory on all computers, it is not expensive and as a bare minimum, they can use encryption embedded in Windows XP.
“Patients do not want incidents like this to happen, and after cases like HMRC, it is understandable that there are concerns. We must get serious about the importance of good quality secure data.”