Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

The ICO Steps In On Healthcare Data Loss Incident

CyberArk Software : 18 October, 2010  (Technical Article)
Healthcare recruitment company falls foul of the Data Protection Act after losing doctor's personal data
The Information Commissioner's Office (ICO) has found Healthcare Locums Plc (HCL), a specialist healthcare recruitment agency, in breach of the Data Protection Act (DPA) after it lost personal data relating to doctors employed by the organisation.

The breach was uncovered only when the hard drive containing doctors' security clearance and visa information was sold on an auction website before being returned.

Mark Fullbrook, director UK and Ireland at Privileged Identity Management (PIM) and information security expert, Cyber-Ark has made the following comments:

"It's difficult to know where to start with this one - the fact that the information wasn't encrypted, the fact that its transfer wasn't logged or the insecure method of transit used.

"Companies of all sizes regularly store and transfer highly sensitive information regarding their employees, but what matters most are the measures taken to protect the integrity of that data every step of the way. With that in mind, aside from a blatant disregard for the terms within the Data Protection Act, HCL's biggest failure is toward those employees that entrusted personal information to the organisation.

"What HCL needs - like many other companies do - is a secure, reliable and auditable system for moving data from one location to another. Something like Governed File Transfer would be ideal, not only mitigating the risk of losing the data on the road, but also allowing firms to log all of the access to, and movement of, the information."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo