http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2007/12/20/ndocs120.xml By Rebecca Smith Medical Editor 20/12/2007 Computer security failures that allowed sensitive personal details of junior doctors applying for training posts to be viewed by others were an "unacceptable breach of security" by the Department of Health, the Information Commissioner has found. The sensitive details of thousands of doctors, including religious beliefs and sexual orientation, could be seen by anyone logging on to the Medical Training Application Service site. The commissioner said the Department of Health had breached the Data Protection Act and warned that if it happened again the department would be prosecuted. The findings increase pressure on ministers over the handling of sensitive personal data and follows a series of security blunders. Yesterday officials were forced to admit that the pension details of 6,500 people had been lost by HM Revenue Customs - the same department that lost two discs in the post containing the child benefit records of 25?million people. Officials at the Department of Health were ordered yesterday to encrypt any personal data and test the systems regularly. The national online computer system will not be used in next year's recruitment process following the fiasco this year. A local CV and paper-based application process will be used instead. The security breaches were part of the reason why the whole process collapsed in chaos in May this year. Ram Moorthy, chairman of the British Medical Association's Junior Doctors Committee, said: "This was a scandal that must never be repeated." __________________________________________________________________ Visit InfoSec News http://www.infosecnews.org/
This archive was generated by hypermail 2.1.3 : Thu Dec 20 2007 - 23:29:06 PST