NHS fails to secure mobile data

NHS mobile devices have inadequate data security.

Written by Lara Williams

Computing, 27 Jun 2006

The National Health System is failing to protect potentially sensitive patient information, according to research.

Almost two thirds of portable data storage devices used in the NHS use no little security.

The survey found half of those storing data on mobile devices are using their own equipment which breaches basic security practices. 

One fifth of mobile storage devices have no security and a further two fifths have only password-controlled access – which still makes them still vulnerable against hackers who can bypass a password in seconds using software available on the Internet.

Only a quarter of respondents used passwords with another form of security, including encryption, biometrics, smart card and two-factor authentication.

Two thirds of the 117 who responded to the survey were in the NHS and a quarter were suppliers to the sector.

USB memory sticks (76%) were the most popular mobile device followed by laptop/tablet PC (69%), PDA/Blackberry (51%), smartphone (9%) and mobile phone (2%).

Small devices with large data storage capacity make it very easy for a person to carry unnoticed large amounts of data such as patient records or sensitive corporate data.

The survey demonstrates a large number of people are using their own devices for carrying data such as work contacts, corporate data and even medical records. About half of the medical professionals carried patient records on a mobile device.

Martin Allen, Managing Director of Pointsec Mobile Technologies UK, the company which carried out the survey with the British Journal of Healthcare Computing & Information Management said: ‘It will only be a matter of time before these weaknesses are exploited.’

‘It is very easy to steal or pick up a mobile device and access the information for ill-purposes,’ he said. ‘Mobile devices seem to be falling through the security net and our advice is that any NHS trust or organisation downloading sensitive or patient records should automatically encrypt the information.’

What do you think? Email feedback@computing.co.uk

Further reading:

Patient record scheme delayed

Hospital trust upgrades network

Tags:

reader comments

related articles

 

HP seeks to secure the printer

Secure Print Advantage uses government-grade encryption 18 Oct 2007

New Year resolutions for security managers

Time to push security up the IT agenda 14 Jan 2008

Healthcare IT failing on security

Mobile working pushes up data loss risk 18 Apr 2008

related whitepapers

today's top stories

Communications

WiMax: Threat or opportunity?

We examine the merits of WiMax and its benefits relative to other wireless technologies in our latest video 13 Oct 2008

The Big Picture

Learning from the credit crunch to avoid a broadband crunch

While it might be the most pressing issue de jour , the financial system isn’t the only area where government needs to... 10 Oct 2008

Management

How careerism can warp IT procurement

Many working in IT put their career interests before those of their employer when weighing up purchasing options 10 Oct 2008

Software

The definitive guide to software development

Five key trends and five best practice tips to help you improve your programming capabilities 09 Oct 2008

Management

Computing podcast - IT implications of the banking crisis, and the FSA clamps down on IT security

We discuss the effect of shotgun mergers and acquisitions on financial services IT staff, and examine the industry regulator's plan to fine directors for information security breaches 09 Oct 2008

> More news

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job


IT Salary Checker

  • Are you being paid what you are worth?
Check salary here

Advertisement

White papers

Search white papers

Top categories

VPN, Extranet and Intranet Solutions

WAN/ LAN Solutions

Network Security

Interoperability-Connectivity

Grid/ Utility Computing

Latest poll

Would you apply for a job that was advertised on Facebook or a similar social networking site?

Would you apply for a job that was advertised on Facebook or a similar social networking site?

The government is using Facebook to recruit IT staff - would you apply to such an ad?

Previous poll results

> More polls

Latest audio and video articles

Remote workerVideo

WiMax: Threat or opportunity?

We examine the merits of WiMax and its benefits relative to other wireless technologies in our latest video 13 Oct 2008

programming codeVideo

The definitive guide to software development

Five key trends and five best practice tips to help you improve your programming capabilities 09 Oct 2008

> More audio and video

Latest in-depth articles

Financial Services Authority buildingAnalysis

FSA threatens executives with fines

Senior management to be held accountable for security lapses at banks 09 Oct 2008

Comment

Broadband must be a spending priority

For the economic health of the nation, the government would do better to bankroll an optical fibre rollout rather than prop up profligate banks 09 Oct 2008

> More in depth articles

Advertisement

Primary Navigation