There are two stories that hit the headlines today which highlight the importance of data security in the NHS. In particular, the stories emphasise the importance of the geographical location of data and what tools and services are being used to transport and store data.

According to a report on The Sun’s website, GE Healthcare, a technology provider responsible for supplying the NHS with imaging, diagnostic and patient monitoring tools, collected data from 600,000 NHS patients and stored it on servers in the US.

With the data being transferred and stored outside of the European Economic Area, concerns have been raised about the vulnerability of the data and its exposure to corruption one outside the security of EU legislation.

GE Healthcare insists that once the leak had been flagged it “immediately undertook an extensive analysis using outside experts, and we are confident that this data was not lost, hacked, misused or stolen.” However, the files should not have left the confines of the European Economic Area and the leak once again raises the issue of the location of servers and the importance of knowing exactly where data is being stored. The Data Protection Act states that details cannot be sent outside the European Union without the correct safeguards put in place.

As a provider of cloud collaboration and content management services to 75 per cent of central UK government departments and numerous NHS organisations, Huddle understands the importance of ensuring that data is stored in the European Union and the security measures that need to be met.

The second story of the day is one that is becoming all too familiar with public sector data. Whether its laptops left on trains, discs lost in the post or USB data stick being misplaced, public sector data has had more than its fair share of embarrassing losses due to human error over the years. The latest is the loss of two unencrypted memory sticks – and a number of other mishaps – reported by the South London Healthcare NHS Trust.

According to reports, one of the devices contained information on approximately 600 maternity patients and the second device contained the names and dates of birth of 30 children. Wishing to work from home, an employee downloaded this information onto a personal memory stick to get their job done and was unaware an encrypted device should have been used.  In another incident, a junior doctor took home ward lists containing patients’ personal information, treatment plans and test results.

In the security breaches highlighted above there are two common threads – human error and employees trying to get their job done. While human error cannot be avoided, technology advances now mean that people don’t have to circumvent the IT department and security measures, putting data at risk, just so they can work from home.

As a secure cloud-based collaboration tool, Huddle is supporting many public sector employees to work securely on the move or from remote offices. Our public sector customers already use the secure public version of Huddle for external collaboration with data up to IL2 (‘Protected’ classification) and for those that need to work on more highly classified data we have Huddle IL3 (‘Restricted’ classification), which is hosted on FCO Services’ Government Secure Application Environment (GSAE) cloud infrastructure.

Find out how NHS South West is using Huddle to create a virtual community of the next generation of leaders and a central knowledge base here and how NHS East of England used Huddle to support collaboration around the national “Safety Express” QIPP programme here.

James Matthews


Request a Demo

© 2006 - 2019. All Rights Reserved.