Trust hunts disc holding 42,000 records

  • 27 August 2014
Trust hunts disc holding 42,000 records
Photographic example of the cartridge that has gone missing

East Midlands Ambulance Service NHS Trust has admitted to losing a disc containing the confidential information of 42,000 patients.

The data cartridge containing “just under 42,000 electronic copies of scanned handwritten patient report forms” from September 2012 to November 2012   “has gone missing” from its Beechdale divisional headquarters in Nottingham.

East Midlands’ chief executive Sue Noyes said in a statement that the trust takes its responsibility for security and confidentiality “of the information we record and store very seriously” and that the incident has been reported to the Information Commissioner and local police.

“The cartridge is small and there is a possibility that it is still on our premises; we are conducting a thorough search of the building,” said Noyes.

“We are certain the data can only be read via specific hardware which we have in our premises, and which is no longer in production i.e. it is obsolete. Therefore it is unlikely that the information stored on the missing cartridge can be viewed by anyone outside of the organisation.

 “It is extremely unfortunate that this incident has occurred, particularly as during this financial year East Midlands Ambulance Service is replacing the current computerised storage system to strengthen security arrangements.”

The Northampton Chronicle reports that the missing cartridge was lost “some time between the data being downloaded and put in the safe, which is likely to have been at the end of 2013.”

The trust has launched an investigation led by external experts to understand what has happened, how and why it happened and how to avoid it in the future.

It has already taken a “number of actions to strengthen the data retrieval process”, including reinforcing the responsibility staff have to protect patient data.

Noyes said that people who received an ambulance response during September 2012 to November 2012 and who had their details recorded in handwriting on a patient report form can contact the trust if they have any concerns.

“We have taken a proactive approach to report this because we are an open and transparent service and we know it is our duty to inform people when such an incident occurs.”

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Related News

Advanced fined £6m over stolen patient data in 2022 cyber attack

Advanced fined £6m over stolen patient data in 2022 cyber attack

The Information Commissioner’s Office has imposed a £6.09m fine on Advanced for failing to protect personal information during a cyber attack.
ICO guidance on transparency published for health and care sector

ICO guidance on transparency published for health and care sector

New guidance has been issued by ICO over how health and care organisations should be transparent over the use of personal information.
ICO reprimands NHS Lanarkshire for sharing patient data via WhatsApp

ICO reprimands NHS Lanarkshire for sharing patient data via WhatsApp

The Information Commissioner’s Office (ICO) has issued a reprimand to NHS Lanarkshire following the use of WhatsApp by staff to share patient data.