In 2007:
* HM Revenue & Customs lost 2 unencrypted CDs containing child benefit records for 25 million people (including the bank details of 7.25 million families) - the worst data security breach in UK history
* HM Revenue & Customs lost the pension policy details of 15,000 customers
* The Department of Work and Pensions lost the personal financial details of 40,000 housing benefit claimants
* The DVLA lost the details of 6,000 drivers from Northern Ireland
* The DVLA lost the details of 3 million candidates for the driving theory test
What is even more worrying is that some of these databases are now stored by private companies outside the reach of the Data Protection act (USA) meaning there cannot be a legal response to these failures to keep our info locked up.
Thanks to the "secondary use services or SUS" thousands of non-medical staff will have access to this database. Measures to put "sealed envelopes" and "access auditing" (if users even bother to use their own account) have not been put in place yet. Yet the database goes fully live from next month; some records have already gone onto it via an unannounced trojan put into the Apollo medical software update last year. The practices affected were not even told that records were being uploaded secretly in the background while the software was running!
According to the BMA 9 out of 10 docs are against the database:
Newswire Article: BMA News Press Release: Doctors have no confidence in NHS database, says BMA News poll 02/01/2008
So I would suggest that any of you who share their concern "opt-out" your own records before it is too late. Once they are on the system you can't have them taken off. A template letter is on thebigoptout.org
Best Regards,
mr_colt.