had a letter from the NHS yesterday about my nearly 17yr old dughter Charlys recent hospital visit to the sleep clinic.
Apparently all her personal and medical info was stored on a laptop and for some reason a member of senior management took the said laptop to Scotland with him the other weekend, left it in his car and it has been stolen.
None of the info was encrypted (whatever that means). The NHS apologised and said the police were looking into it and the member of senior management had been suspended pending further enquiries.
They said its very high risk that whoever stole the laptop would now have all Charlys medical and personal details and if I have any questions I can ring them on this 0800 number.
I am fuming as now her identity could be stolen for all sorts of illegal stuff and I don't want the police turning up here to arrest her for something like opening a bank account and money laundering or worse.
I don't know what to do except sit tight and wait and see if one day the police come knocking.
It really is worrying and I can't see why a senior member of staff would take said laptop to Scotland with him on a weekend break and leave it in his car.
If anyone has any advice on what I should do please do say.

Get in touch with http://www.cifas.org.uk/ they will be able to register her as somebody that has had her details stolen (cat 0).  They will then be able to place a password, and a flag on her credit file. If anyone tries to use her details, then you will get a phonecall to confirm that is was your daughter that made the application, and asking for her for her password.  It will slow down any credit applications she makes, but is worth it for the peace of mind it will give you.  CIFAS works along side both Experian and Equifax.  I hope this helps.

That's disgusting that they were so careless with your daughters information. Grrrrrrrr.
Spitze's post looks very helpful though so I hope you get some peace of mind.

that is terrible thing to happen, i wonder if everyone on the lap top has been contacted ?
also seems to be keeping it quite not in the news or anything, maybe it should be so people know
that details have gone missing, there seems to be an awful lot of this happening at the moment.
carolann

Or could this be a hoax?  It seems unlikely that personal data is not kept encrypted, or to have a complicated password on it.

I'm with you Ice Queen, on the hoax theory. I work in the NHS and I'd be very very surprised if any Manager or even a Consultant, had need to keep patient details on their lap top. In my Hospital anyway, patient details are not on any sort of national database. Great big volumes of paper notes are still the norm.

Dawn R.

Not nit-picking :-D but how could it be a hoax if the OP received a letter from NHS telling her about the loss?
And I'm sure i've heard about other losses of data being un-encrypted even from banks!

i would doubt patient details would include her bank account! surely she didnt give that to them? i would forget it- she wont be liable for anything that comes from this as long as police were informed plus shes still a minor

I think the OP meant someone else could open a bank account/credit card in her daughters name and was worried about repercussions/the hassle involved if that were to happen

>None of the info was encrypted (whatever that means).

Encryption means that the data is encoded into a non-readable script so that anyone trying to read the data would have to break the code or have the password.

>I am fuming as now her identity could be stolen for all sorts of illegal stuff and I don't want the police turning up here to arrest her for something like opening a bank account and money laundering or worse

Believe it or not, having someone's personal and medical data isn't so much of an identity risk.  Although there are plenty of companies jumping on the bandwagon who would rather the public think otherwise, to offer identity protection to consumers for a price.

An identity risk is when documents that prove identity are stolen, such as authentic utility bills, mortgage statements etc, etc; the type of documents lenders ask for when opening a new account.  Of course having one's personal data as well as documents that prove identity doubles the risk. 

So I wouldn't worry so much, certainly having your daughter registered with CIFAS, being vigilant about any sort of identity proving documents going astray in the post and keeping an eye on her credit reports http://www.experian.co.uk/creditreport/ will minimise the risk of identity theft.

Not a hoax as it was on local tv and radio quite a few times in the days when it happened, they said info was passworded but not encrypted. as you say what the H*** had he taken it on holiday for anyway.
Chris
ps what is worrying is that hospital = nhs no. which is key to lots of other ID stuff

I work in the NHS as well and all of our work is just on our computers and definitely not on laptops, all seems a bit strange to me!

My Lloyds account gives me an expiran print out if anyone does a credit check on my accounts. I started the account on the third time I had a card cloned. Costs me £25 a month though, If money ect was lost through this problem a copy of the NHS letter whatever will ensure that all money ect is refunded. But its the thought that all your personal stuff is paraded around thats the problem.

> I work in the NHS as well and all of our work is just on our computers and definitely not on laptops, all seems a bit strange to me!

It was on a laptop and was not a hoax, It's a bit like those laptops that were stolen from a London hospital the other day, they all had personal data on them.

I suspect perrodeagua that some people in the NHS have access to the data and can download it onto their laptops to work on it.  As this was personal data it should have been encrypted, I trust the manager who was responsible has been punished for this.

I trust the manager who was responsible has been punished for this.

He has been suspended while it is investigated.