Slashdot Mirror

← Back to Stories (view on slashdot.org)

NHS Fined After Computer Holding Patient Records Found On eBay

Posted by timothy on from the all-these-billing-addresses-are-identical dept.

judgecorp writes "NHS Surrey, part of Britain's health service, has been fined £200,000 when a computer holding more than 3000 patient records was found for sale on eBay. The system was retired, and given to a contractor who promised to dispose of it securely for free, in exchange for any salvage value... but clearly just put the whole system up for sale."

9 of 186 comments (clear)

  1. How does... by Anonymous Coward · · Score: 3, Insightful

    The government fine itself?

    1. Re:How does... by Joce640k · · Score: 4, Insightful

      They shouldn't be fining themselves, they should be jailing the person responsible for handing them to the "unnamed contractor" (who was probably a friend).

      --
      No sig today...
    2. Re:How does... by hairyfeet · · Score: 5, Insightful

      Actually as a PC repair guy who often does this very thing I say they should throw the contractor in jail, he is making us all look bad.

      I've done plenty of work for the city in the past and they know any donations they give to me will be wiped clean so they have no problem handing me desktops and laptops that are being replaced. Is there any records on them? probably but I wouldn't know as the first thing they get is a boot 'n nuke from me, the ONLY thing I don't wipe is the factory restore partition if it has one, everything else? Wiped before I ever mess with the system.

      So I'm all for throwing this asshole in jail because its jerks like this that end up causing systems to be disposed of via shotgun. In a dead economy there is plenty of folks hurting out there and these off-lease systems can be used to make sure anybody can have a PC, hell thanks to donations from the city I have a complete desktop system for $50 at the shop. Sure its not the fastest thing in the world but it surfs, burns DVDs, and when somebody needs a PC so their kid can look up info for school reports and they can look for a second job? A system like that can really make a difference. This is why I fricking HATE when assholes like this do dumb shit like just throwing it on eBay, he could have boot n' nuked and been done in no time, throw the lazy ass in jail.

      And if you work in a position that has getting rid of older systems as part of your duties? Don't dispose of via shotgun, talk to the local shop guys, talk to the local churches, there is usually a guy like me that is happy to refurb 'em for the poor folks and unlike this douchebag we're happy to do secure wiping on anything you hand us. There is nothing like the feeling of making a difference, just last week I donated a couple of systems to one of the local churches so they could expand their computer classes, they do a lot of work with abused women and teaching them basic computer and office skills helps them get a job and not be dependent on some wife beating scumbag. I wouldn't have been able to hand those systems over if they hadn't been donated to me, so ask around, those old P4s and Athlons may be junkers to you but it could make a difference to somebody else.

      --
      ACs don't waste your time replying, your posts are never seen by me.
    3. Re:How does... by beltsbear · · Score: 4, Insightful

      Agreed. I used to do the same, take in free donated systems and wipe them with dban or other zero writing software. It was easy and ensured the buyer got a clean system. The main reason why people destroy perfectly good machines out instead of giving them to someone like me (or charity) is fear of the type of behavior shown.

      And for god sakes, you do not need to DESTROY the hard drive. Zero writing is fine for anything not containing national security level secrets.

  2. Fines.. by Bert64 · · Score: 5, Insightful

    Fining the NHS is pointless, it only harms the NHS itself... Those responsible don't care because its not their money.
    They should fine the contractor instead, as it was his laziness/incompetence that caused this.

    --
    http://spamdecoy.net - free throwaway anonymous email - avoid spam!
    1. Re:Fines.. by Fjandr · · Score: 3, Insightful

      While there was negligence on both parts, I definitely agree that the contractor should be penalized for failure to perform the promised service.

  3. A: Because it breaks the flow of a message by DNS-and-BIND · · Score: 5, Insightful

    Q: Why is starting a comment in the Subject: line incredibly irritating?

    --
    Shutting down free speech with violence isn't fighting fascism. It IS fascism!
    1. Re:A: Because it breaks the flow of a message by Anonymous Coward · · Score: 0, Insightful

      Except what you did is put the answer in the subject line and the question in the body which actually *does* break the flow of a message whereas the OP merely started his question in the subject line and answered in the body, which follows the natural order we read text (left to right, top to bottom).

  4. Should be fining the contractor, not the client by radio4fan · · Score: 4, Insightful

    I don't really get this. The NHS contracts out the disposal of the machines to a private contractor, who then royally screws up, and it's the fault of the NHS?

    Surely the responsibility lies with the contractor?

    FTA:

    “Should they [the contractor] be accountable? Definitely not, because NHS Surrey have been entrusted with the welfare of their patients. Should the contractor be responsible? Absolutely, yes,” Jones added.

    This seems to me an argument that the NHS cannot outsource or subcontract anything.

    What is NHS Surrey supposed to do in this scenario? Use in-house people to analyse the machines to make sure there is no data remaining before disposing of them?

    Or just keep data-disposal services in-house? Personally, I think this would be a great idea, but it goes against the dogmatic 'privatise absolutely everything possible' trend in the UK.

    “We should not have to tell organisations to think twice, before outsourcing vital services to companies who offer to work for free.”

    Except they didn't work for free: they worked for the salvage value. I can't really see how the low value of the contract proves fault.