Security Breach in Doctors’ Site Results in Data Protection Act violation

The Department of Health (DH) suffered an unacceptable security breach when failures in computer security allowed others to view sensitive personal information of doctors forwarding applications for post of trainee, the Information Commissioner's Office (ICO) said.

The website of the MTAS, i.e., Medical Training Application Service, was breached in 2007 following the dispute over training of doctors. Anyone who logged onto the MTAS website could see the confidential information of numerous doctors, including sexual orientation and religious beliefs.

The DH took the site offline during the investigation of the allegations. The entire system was put away in May 2007 when calls were made for the resignation of Patricia Hewitt, the former Secretary of Health.

Assistant Commissioner Mick Gorrill at the ICO said that the security breach was unacceptable. He stressed organizations need to secure personal information they hold, for that is one of the key rules of the Data Protection Act. Channel4 published Gorrill's statement on December 19, 2007.

According to an ICO research, 90% of people were disturbed about organizations' failure to ensure security of their information. Hence, it is important that the DH adopts appropriate measures to protect personal information of individuals.

Following the security breach, the commission blamed the DH of violating the Data Protection Act and warned it to be careful to avoid such incidents, otherwise it could face prosecution.

The discoveries of the ICO pressurize the ministry regarding the dealings with personal information. The Office of Information Commission, on December 19 2007, ordered the DH officials to encrypt all personal data and conduct regular tests of the systems.

According to the BMA (British Medical Association), the security breach at MTAS reflects a scandal that shouldn't happen again. Chairman of the BMA Junior Doctors Committee, Ram Moorthy, said that the anxiety the incident caused to junior doctors and medical students was enormous. Already they have been shuttling around due to a recruitment process that was unfairly conducted leading to a complete destruction of trust they imposed on IT systems of the government. Ehiprimarycare published this in news on December 20, 2007.

Related article: Securities Push Up A Must For Web Companies

» SPAMfighter News - 1/3/2008