Recent instances of loss of data from NHS Trusts seem to have prompted the Lancashire Teaching Hospitals NHS Foundation Trust to strengthen its email security.
The Trust has deployed Voltage Security’s SecureMail encryption system to protect data contained both in the internal and external emails. Integrating with the existing infrastructure, SecureMail enables end-to-end, content level encryption of email and mobile messaging.
Saeed Umar, IT project manager at Lancashire Teaching Hospitals, said: Deploying Voltage email encryption is a win-win situation for us: end users get an easy and straightforward experience and administrators don’t have to manage encryption keys, software downloads or installation of files.
Deployment of SecureMail was part of the Trust’s efforts to protect sensitive data, such as NHS numbers, employment information, and care records and comply with the Information Governance Assurance Programme and NHS regulations.
SecureMail is expected to help the Trust comply with the directive that prohibits transfer of unencrypted personally identifiable data across the NHS. The Cabinet Secretary also requires all the public sector organisations to encrypt the data stored in the PCs, or on portable device such as a laptop, PDA or mobile phone.
NHS Central Lancashire has recently apologised for breach of information security at HMP Preston in December last year. An NHS worker lost the USB stick containing the data of 6,360 patients, who are prisoners at Preston. Though the USB stick was encrypted, the password was attached to the device.
In November last year, research by Liberal Democrats has found that data loss has been rampant in NHS Trusts, with the theft of diaries, briefcases, CDs, laptops, and memory sticks. Patient notes were found dumped in bins or left in public places, it claimed.