Cyber-Ark says NHS Grampian laptop theft highlights need for private data to be securely data vaulted

(PresseBox) ( Dedham, )
Cyber-Ark, the digital data vaulting specialist, say the theft of a laptop from Aberdeen Royal Infirmary recently, which contained the details of more than 1,300 patients, could have been avoided.

"This incident, involving a laptop stolen from a locked office, smacks of poor security policies at the NHS authority," said Mark Fulbrook, Cyber-Ark's UK and Ireland director.

"Granted, the laptop was protected using a standard Windows password, but this level of security can easily be circumvented by an IT professional. You have to question why the data was stored on unencrypted basis on the computer in the first place," he added.

According to Fulbrook, patient data of this type should never have been stored on a portable computing device, but stored instead on a computer server in encrypted format, accessible to laptop users on a remote - and encrypted - VPN basis.

Using this approach, with the master passwords only accessible to a few senior offices using a data vaulting approach, would mean that access to the patient data was available on a fully audit logged and authenticated basis.

The fact that data was on patients with an inflammatory bowel problem, he went on to say, is all the more embarrassing for the patients concerned, who will now be worried about their friends and colleagues discovering their unfortunate problem.

Worrying about medical problems being revealed, he explained, are potentially much more embarrassing than almost any other issues being made public, and the fact that these types of diseases are often made worse by stress is really bad news for the patients concerned.

"Not only will the patients affected by this laptop theft be worried about their data being made public, but the worry of the situation could actually make their problems worse," he said.

"The fact that the problem was totally avoidable makes this data loss situation a lose-lose event for all concerned," he added.

For more on the Aberdeen NHS laptop theft fiasco:

For more on Cyber-Ark:
Für die oben stehenden Pressemitteilungen, das angezeigte Event bzw. das Stellenangebot sowie für das angezeigte Bild- und Tonmaterial ist allein der jeweils angegebene Herausgeber (siehe Firmeninfo bei Klick auf Bild/Meldungstitel oder Firmeninfo rechte Spalte) verantwortlich. Dieser ist in der Regel auch Urheber der Pressetexte sowie der angehängten Bild-, Ton- und Informationsmaterialien.
Die Nutzung von hier veröffentlichten Informationen zur Eigeninformation und redaktionellen Weiterverarbeitung ist in der Regel kostenfrei. Bitte klären Sie vor einer Weiterverwendung urheberrechtliche Fragen mit dem angegebenen Herausgeber. Bei Veröffentlichung senden Sie bitte ein Belegexemplar an