**********************************************************
The following is issued on behalf of the Hospital Authority:
The spokesperson of Prince of Wales Hospital (PWH) announced today (May 6):
An incident of loss of USB flash drive containing hospital files of PWH took place in early May 2008. The stored files were mainly general working documents with personal data of patients, including name, ID number and laboratory test items. Around 10,000 records might be involved.
Usually the concerned staff member would delete the data stored in the USB flash drive upon completion of the task. In view that she could not recall if she has actually done so for this case, for the sake of security, PWH immediately reported the case to police and the Privacy Commissioner. The police are now investigating the case. The Hospital Authority (HA) was also notified through the Advanced Incidents Reporting System (AIRS). The Hospital has so far received no enquiries or has had any records related to the leakage of data of patients.
Staff members were reminded again before the occurrence of the above incident to avoid using non-encrypted USB flash drive to store or download data of patients. They are also required to follow the established protocol on protecting data and privacy of patients.
A set of comprehensive guidelines was in place in HA to protect the data and privacy of patients. As stated in the guidelines, healthcare workers are allowed to directly read data of patients in the computer systems only under the circumstances that there are actual operational needs, such as providing treatment to patients, conducting medical research or for teaching purpose.
HA regularly organizes training sessions for staff of all grades and ranks on protection of data and privacy of patients. Regular security audits on computers are also conducted. Appropriate disciplinary action would be taken in accordance with the human resources policy if any staff member is found not observing the data security guidelines.
Ends/Tuesday, May 6, 2008
Issued at HKT 19:48
NNNN