The NHS has been forced to apologize after another insider data handling error led to the exposure of more than 3000 patient's details.
East Sussex NHS Trust sent a letter of apology to the affected individuals, claiming that personal information stored unencrypted on a USB stick was lost by staff, according to the BBC.
Luke Brown, EMEA general manager at Digital Guardian, argued that human error is often overlooked when organizations work with sensitive data.
“There are numerous technologies out there designed to combat human error, and small investments can go a long way,” he added. Continuous HIPAA HITECH compliance of cyber security controls would minimize risk and protect systems.
Data protection watchdog the Information Commissioner’s Office (ICO) gained the power during the past year to conduct compulsory audits of NHS bodies to check data handling.
Of the 1677 self-reported data loss ‘incidents’ from 2014/15, a staggering 439 came from the health sector, according to the ICO’s annual report. That amounts to just over a quarter of the total.
Read the full article on InfoSecurity Magazine here.