More on KentOnline
Laptops containing confidential patient information were stolen from Maidstone Hospital.
The Maidstone and Tunbridge Wells NHS Trust has now vowed to improve security and the way patients’ details are stored after it was found to be in breach of the Data Protection Act by the Information Commissioner’s Office (ICO).
The breaches related to a theft in July this year of a laptop from the audiology department. The information on it was not encrypted and contained sensitive personal data regarding audiology test results for 33 patients, and personal details of a further unknown number of patients between 2003 and 2006.
Another three encrypted laptops were also stolen in August from Maidstone Hospital.
The trust has signed an undertaking declaring that any personal data held on a laptop computer or other removable media will be identified and encrypted within 6 months and pledged to improve security.
Mick Gorrill, assistant information commissioner, said: "It is vital that organisations handle sensitive personal data securely, especially where patients’ details are concerned.
"I am pleased that Maidstone and Tunbridge Wells NHS Trust will be taking remedial action to improve data security to ensure that it complies with the Data Protection Act."
The trust said it had written to all 33 patients whose names could be read on the unencrypted laptop and said the vast majority of its laptops were encrypted so information could not be read by anyone outside the trust.
Spokesman Darren Yates added: "We take the security of our patient information extremely seriously.
"Additional measures were introduced after the July theft, but sadly further thefts in August proved we too are just as much a target for the unwanted attention of thieves as others."