OnePlus 5 review
than we might have thought.....
Six laptops containing information about 20,000 patients have been stolen from a south London hospital.
The hospital accepts the data should not have been stored on portable computers and has written to every patient to apologise. The thing is, having accepted that the data shouldn't even have been on these machines, David Astley,the hospital's chief executive proceeds to try to wriggle his way out of it by saying:
"We offer all our patients our sincere apologies for putting their confidential information at risk, although we could not anticipate a determined thief who was prepared to force open a filing cabinet and locked drawers to get to the laptops."
What a silly thing to say, David. If the data hadn't been on the machines in the first place you wouldn't now have to be offering your patients your sincere apologies. This is yet another example of the lazy, couldn't care less attitude of many of those who are responsible for safeguarding our personal data - they think they know best, and have a blithe disregard for even the most basic of data-protection safeguards. Whoever was personally responsible for allowing patients' data to be stored on these machines should be sacked without any further ado.
To claim that "...we could not anticipate a determined thief who was prepared to force open a filing cabinet and locked drawers" is quite pathetic; what kind of a thief could they have anticpated - one that wasn't in any way determined?
It is not looking terribly good for the introduction of ID cards then.
I suppose he could be thinking that if the thief were to break into cabinets for the laptops, then they could also have broken into filing cabinets too and stolen papers.
Of course if he were thinking that, he would be proving how out of touch he is with modern technology and processes, and the scale of data that can be held on modern laptops and even pen drives etc. But of course non of our public servants could be that naive, could they?
The likelihood is that no harm will come of this, the laptops will be probably wiped before or after being sold to some urchin somewhere to do their homework on (yeah, right) or something anyway. Just another lapse in data security, which seems endemic at the moment.
Im just waiting for the story about some enterprising tealeaf ram raiding a server room and driving off with a few IBM's in tow... followed by the cry "lessons will be learnt" and a policy requiring all data to be deleted on a daily basis and a sub contract to china to re-enter it each day, once they have recieved copies of it through the post.
"The likelihood is that no harm will come of this, the laptops will be probably wiped before or after being sold to some urchin somewhere to do their homework on (yeah, right) or something anyway. Just another lapse in data security, which seems endemic at the moment".
So very very true and the best posting so far on this now very tiring subject.
Whether these machines will be wiped or not isn't the point - personal details about patients should not have been on them in the first place. You may well find the subject tiring, but I wonder how you might feel if you had to contemplate the fact that 'some urchin' was wandering around with details of your medical history, and possibly enough information to steal your identity.
There are servers in Europe and South america that are stuffed with the stolen personal details of many thousands of people from all over the world. The information is for sale to the highest bidder, and take it from me there are plenty of bidders.
I just don`t get paranoid about such things.
The theft of laptops has been going on for ages but now all of a sudden because the BBC have a slow news day or some Fleet Street rag wants a excuse to slag off the government we hear more about it.
Give the matter some time and the story will fade and we will have moved on to something else. It just happens to be the story of the moment, the latest thing for us to worry about. Well I ain't worrying about it.
This has a familiar feel of managers not understanding ICT and ICT bods not understanding the management implications of data handling.
Putting it more bluntly there is a management "rubbish" gap where the implications of ill informed decisions are making a nonsense of available technology.
GANDALF <|:-)> has summarised it perfectly.
Is going to be always vulnerable- simply because the devices alone are a desirable commodity to the thieving fraternity.
This should by now have got some IT manufacturer going in making devices for exclusive government use that cannot be used outside that environment.
It would have to be more then simply encryption of the data but something else to make the item useless off site. The is I imagine a big enough market from Government installations to make it commercial if the price is right.
Or Simply Ban Portable computers.
There is no real need for them is there - The Workers do their work at work.
I do not recall in my working days seeing bowler hatted types on the train with an Underwood/Royal or Imperial tripewriter in the luggage rack
Perhaps the Hospital should ask an IT. consultant to look into the best way to store information offline and then this will not happen again. Do we know who decided to use laptops as backup devices in the first place.
It is looking more necessary to make an example of someone under the Data Protection legislation. Perhaps if someone (preferably high profile) who authorised or downloaded such data onto a laptop/PC that was lost/stolen were put in front of a court with the risk of a prison sentence (I suggest Hazel Blears) it may well concentrate the minds of others to take more care of the information entrusted to them.
This thread is now locked and can not be replied to.