Eight million health records lost on NHS laptop

A laptop owned by the UK's National Health Service containing the records of more than eight million people has been reported as missing.

Sean Michael Ragan, CC2.0

According to a report in The Sun, the laptop was lost three weeks ago but police were only informed this week.

It is one of 20 that went missing from a NHS North Central London storeroom. Eight have been recovered.

The laptop was unencrypted and contained sensitive details relating to 8.63 million people, plus records of 18 million hospital visits, operations and procedures.

The data does not include names, but patients could be identified from postcodes and details such as gender, age and ethnic origin.

An ICO spokesperson said: “Any allegation that sensitive personal information has been compromised is concerning and we will now make enquiries to establish the full facts of this alleged data breach.”

But Chris McIntosh, CEO of ViaSat UK said the London Health Programmes cannot claim ignorance to the dangers of unencrypted machines and the risks of a loss.

“Regardless of whether this laptop has been stolen, lost, dumped or is simply sitting in a cupboard somewhere, the key point is that the data on it wasn't encrypted," he said.

"When a machine contains highly sensitive information on literally millions of patients, not securing the data on it by any means possible isn't just careless: it is sheer negligence.

“Meanwhile, the Information Commissioner's Office has proven several times that it is willing to impose civil penalties on public sector organisations. It is to be hoped that the ICO acts swiftly and decisively to pass a strong message in this case."

It follows a breach earlier this year in which the NHS Liverpool Community Health lost medical histories of 31 children and their mothers during a premises move.

This article originally appeared at scmagazineuk.com