Monday, May 25, 2009

Data breaches go on, and on…

Losses of personal data are so commonplace these days that they barely seem newsworthy. But today's reports are really quite spectacular:
The personal medical records of tens of thousands of people have been lost by the NHS in a series of grave data security leaks. Between January and April this year, 140 security breaches were reported within the NHS — more than the total number from inside central Government and all local authorities combined.

Yet the government ploughs on with centralised databases containing tens of millions of medical records.
Sensitive files detailing the extra marital affairs, drug taking and use of prostitutes by very senior officers in the RAF have been stolen, raising fears within the Ministry of Defence that personnel could be vulnerable to blackmail. Up to 500 people in the service could be affected by the theft.

That has finally laid to rest my belief that the British armed forces were among the very few organisations with an adequate understanding of information security. Aside from wide-eyed disbelief, you get the feeling that the design of systems containing the most sensitive personal information imaginable is being conducted in the manner of toddlers throwing toy bricks around at playschool.

2 comments:

Anonymous said...

But it was the RAF...

Ian Brown said...

Don't you consider them part of the armed forces? Or do you mean that their toy brick design style was already well known :)