Durham County Council reassures pensioners after their information goes missing when a memory stick is lost

The Northern Echo: "No security breach" "No security breach"

COUNCIL chiefs say security was not breached when a computer memory stick containing the personal details of thousands of vulnerable pensioners was lost.

Clients of Durham County Council’s Care Connect warden service have been advised to set a new code on their key safe after the data went missing a few months ago.

The information is thought to also include burglar alarm codes, details of medication and the names, addresses and telephone numbers of relatives.

About 3,600 pensioners across the county have been affected but Durham County Council says there is no danger of criminals accessing the data because it was encrypted.

Key safes are secure places to keep house keys that can be used by care wardens to get into a house if the occupier is taken ill or has a fall. They are opened with an access code.

However, the relative of one pensioner on Care Connect said he was told the data was unencrypted and was lost when it was being taken between computer centres at Chilton, near Ferryhill, and Stanley.

The relative told The Northern Echo that he spoke to council staff after his parent received a council letter advising that the key safe code be changed. The letter, seen by The Northern Echo, does not mention the memory stick being lost .

Instead it says: “The reason for this (the code change) exercise is to ensure that the key safe code remains secure, as Durham County Council have a policy for the management of the security of the code.”

The relative said a council employee said that the stick disappeared some months ago during a regular data backing-up exercise.

He said: “When I finally discovered what had happened I was horrified.

“Instead of being honest and transparent they have tried to sweep it under the carpet and bluff their way through it.

“There are obvious security implications . There is a gold mine of information there if it gets into the wrong hands.

But Adrian White, the council’s head of contract services, said: “I would like to reassure everyone who uses the Care Connect service that there is absolutely no cause to be concerned. “The memory stick was fully encrypted, in line with government data protection guidance, to ensure that anyone outside the service would not be able to access the records.”

Comments (3)

Please log in to enable comment sorting

9:44am Tue 4 Feb 14

Taxpaying Homeowner says...

The easiest way to find out is for worried people to ask what make and model the stick was and what level of encryption was in place on the stick.

There are strict guidelines in place for how public data is transported and stored. I'm sure the council enforce these rules and undertake regular audits with it's partners.
The easiest way to find out is for worried people to ask what make and model the stick was and what level of encryption was in place on the stick. There are strict guidelines in place for how public data is transported and stored. I'm sure the council enforce these rules and undertake regular audits with it's partners. Taxpaying Homeowner
  • Score: 7

11:21am Tue 4 Feb 14

cushybutterfield says...

Surely when the 'Stick goes from hand to hand' and/or movement it should be 'Signed for'. Again a 'common sense Top security' method. This is a shocking example of Security Council 'Mega' neglect, 'masses of personal taxpayers' info etc, gone missing. It beggars belief even 'Burglar Alarm Codes', their needs to be a Public Inquiry into this appalling 'loss'.
Surely when the 'Stick goes from hand to hand' and/or movement it should be 'Signed for'. Again a 'common sense Top security' method. This is a shocking example of Security Council 'Mega' neglect, 'masses of personal taxpayers' info etc, gone missing. It beggars belief even 'Burglar Alarm Codes', their needs to be a Public Inquiry into this appalling 'loss'. cushybutterfield
  • Score: 8

8:55am Wed 5 Feb 14

S208 says...

Taxpaying Homeowner wrote:
The easiest way to find out is for worried people to ask what make and model the stick was and what level of encryption was in place on the stick.

There are strict guidelines in place for how public data is transported and stored. I'm sure the council enforce these rules and undertake regular audits with it's partners.
Then ask the member of staff if the password they used for it was of any use. "password" or their dog's name most likely, thereby rendering the encryption pretty useless against someone who really wanted to take a look.
[quote][p][bold]Taxpaying Homeowner[/bold] wrote: The easiest way to find out is for worried people to ask what make and model the stick was and what level of encryption was in place on the stick. There are strict guidelines in place for how public data is transported and stored. I'm sure the council enforce these rules and undertake regular audits with it's partners.[/p][/quote]Then ask the member of staff if the password they used for it was of any use. "password" or their dog's name most likely, thereby rendering the encryption pretty useless against someone who really wanted to take a look. S208
  • Score: 0

Comments are closed on this article.

click2find

About cookies

We want you to enjoy your visit to our website. That's why we use cookies to enhance your experience. By staying on our website you agree to our use of cookies. Find out more about the cookies we use.

I agree