The Western Morning News, a regional newspaper in Britain, has a front page exclusive today about how hospitals and councils in the south west of the country have had embarrassing incidents involving lost data in the last three years.
The newspaper uncovered the incidents after it submitted a request under the Freedom of Information Act, discovering that documents regarding child protection had been lost in the post, confidential patient information given to the wrong people, and computer equipment stolen containing unencrypted data.
The report goes into more details as to the precise nature of the incidents, but what was most interesting to me was the way in which the newspaper acquired the information about the data breaches.
I believe that the media recognises that stories of officialdom gone bad, with embarrassing tales of how the people meant to be looking after us are careless with our private information, make for good headlines and sales. This isn’t a technical nerdy discussion which is going to switch off casual readers – this is a story that the general public understand and are concerned about.
It shouldn’t take the threat of a newspaper potentially using a Freedom of Information request exploring your council, government or hospital’s care of your personal information to make them treat data security seriously. But if that’s what it takes them to wake up to the problem in 2009 so be it.
You should expect many more stories in the press about data loss in 2009. The question is – is your own ship in order to mean that your company or organisation isn’t the one making the headlines?