The Infomation Technology (Certifying Authority) Regulations, 2001
The Cyber Regulations Appellate Tribunal
Computer Misuse Newslinks

Loss of Confidential Data

More than 200 laptops, PCs and memory sticks containing
confidential data have been lost by councils and health
boards, according to the Lib Dems.

A report published by the party said entire school servers, clinical
studies and patient videos had gone missing over the past 18 months.

Lib Dem MSP Jeremy Purvis called for "urgent steps" to protect data.

The Scottish Government said it had been working to raise awareness
of good practice in data security policies

In 2007 it ordered a review of data security policies, which
recommended the government "provide more leadership and act as
the source of centralised, authoritative guidance and assistance
for Scottish public bodies".

Mr Purvis, the Lib Dem finance spokesperson, said he had written to Finance Secretary John Swinney asking him to disclose what guidance from central government was offered to councils and health boards about improving their data protection procedures.

Fifteen of Scotland's 32 councils and 11 health boards reported lost or stolen data files.

Details of pupils held by Glasgow City Council's psychological services department were lost.

NHS Greater Glasgow and Clyde reported that seven laptops, one with details of 5,800 patients, were stolen.

Aberdeenshire Council lost photos of school children contained on a computer USB memory stick.

NHS Ayrshire and Arran lost 40 clinical reports of 21 patients, and NHS Lothian said a memory stick with details of 143 patients went missing.

Mr Purvis said: "These security failures all happened after promises by the Scottish Government that data security would be improved.

"Parents, patients and the public need to be reassured that the data held by the public sector in Scotland is held to the highest possible standards.

"Our investigation shows that at present, this is clearly not the case.

"New procedures must be put in place before more vulnerable people are put at risk."

A government spokesman said that since the Scottish Government Data Handling report was published last June, it had "broadened its leadership role and acted as the source of centralised, authoritative guidance and assistance for Scottish public bodies."

"We have, for example, worked to raise awareness of good practice in data handling and information sharing through a series of seminars for organisations with responsibility for handing a variety of sensitive information," he said.


Latest News