recent work

London Hospital loses two unencrypted USB sticks – poor staff training is blamed

South London Healthcare NHS Trust was ordered to sign a formal undertaking after it mislaid two unencrypted memory sticks containing the personal data of 600 maternity patients and the medical and personal data of 33 children. Although both memory sticks were later recovered, the Information Commissioner’s Office (ICO) maintained concerns that the data could have been copied onto another device due to the sticks’ lack of encryption, and as such, the formal undertaking was requested.

“Due to not having received up to date information on governance training the employee was unaware that an encrypted device issued by the data controller should have been used”, said the ICO.

A formal press release was not issued by the ICO, presumably because the devices were recovered.

DataWise by Absolute Data, is committed to ensuring companies and organisations, regardless of their size, create and follow realistic policies and procedures that are above the law. We can help your organisation create robust and effective data protection policies and procedures: we can spend some time getting to know what data-related activity your business partakes in, and ensure that your policies and procedures reflect this activity. We can also help to train your staff; not only in the importance of data protection, but how they can ensure they are fully adhering to data protection law. DataWise, one of our services, provides clients with a data protection toolkit, which offers a robust and effective solution in reducing the risk of data breaches. With the ICO’s power to fine up to £500,000 for data breaches, it is worth getting in touch with us to discuss how your organisation can ensure legal data compliance. Contact us now at, or call us on 01423 790125.