Healthcare IT failing on security

The IT security threat posed by healthcare workers is rising as they become increasingly mobile and use laptops containing sensitive patient information.

Unlike some other parts of the world, UK law does not protect data kept on healthcare computer systems beyond 'duty of care' and a professional requirement for patient confidentiality.

The warning from Absolute Software, which specialises in computer theft and asset tracking, follows a spate of high-profile data loss incidents in recent months, including the NHS losing hundreds of thousands of patients' records.

Absolute Software said that, while encryption provides strong external security, the biggest threat is from within.

Employees can get access to encrypted information as they have encryption keys and passwords. Organisations are advised to complement encryption with the ability to remotely delete data from missing computers for the highest level of protection.