Richii

A care provider with offices in the Isle of Man and Northern Ireland has committed to improving its data protection standards after losing a memory stick containing unencrypted patient data.

The charity, Praxis Care, lost the memory stick in August 2011.

The device held personal information relating to 107 Isle of Man residents and 53 individuals from Northern Ireland, which in some cases related to their mental health and care. It has not been recovered, according to the Information Commissioner's Office (ICO).

It's amazing that this kind of thing continues to happen. Encryption guys - it's not difficult or expensive (especially compared to the cost of losing it!).

More interestingly, why was this data walking around on a USB stick in the first place? As well as encrypting data, people need to start looking at containing it. Why is someone trying to copy patient data? Are they authorised to do so? Is the device an authorised destination? DLP doesn't have to be difficult or onerous to implement.