UK COMPUTER STOLEN Stolen pharmacy computer contains private medical details | Bristol news | This is Bristol:

Stolen Bristol pharmacy computer contains private medical details
Wednesday, September 16, 2009, 07:00

The personal medical details of up to 1,000 customers of a Bristol pharmacy are in the hands of criminals after a computer was stolen.

Billing Pharmacy Limited, which has branches in Stoke Gifford, Downend and two in Kingswood, said the computer was used to store customers' personal details, including their past and present medications and allergies.

But the company has not been able to alert those affected by the security breach because the information was not backed up.

The computer was stolen from the company's premises in April but the theft has only just come to light.

The Information Commissioner's Office said Billing Pharmacy Limited had breached the Data Protection Act as a result of the theft and the company has now pledged to improve data security. Although each member of pharmacy staff had an individual password to access the database, the computer was not encrypted.

The company will now ensure portable and mobile devices used to store and transmit personal data, including laptops, are encrypted.

The firm has also agreed to draft a formal data protection policy, providing guidance for staff on the collection, storage, use and disposal of personal information.

Sally-Anne Poole, head of enforcement at the ICO, said: "It is vital that sensitive personal information, such as patient information, is handled securely.

"This is an important principle of the Data Protection Act. Organisations must implement appropriate safeguards to ensure personal details about patients are stored securely."