NHS laptop and mobile thefts rise by a third

Published: 11-Jun-2019

Laptops, mobiles, tablet computers, and televisions among items reported lost or stolen from hospitals across the country as thefts rise

The NHS has reported almost 1,300 electronic devices missing over the last three calendar years, according to new research from leading think tank, Parliament Street.

The findings are contained in a new report entitled NHS Data Security: Device Loss, which examines the numbers of the lost or stolen devices reported within NHS hospitals, looking specifically at tablet computers, mobile phones, and laptops.

Increasingly we’re seeing hackers and fraudsters targeting accredited devices and using legitimate log-in details to gain access to confidential data and private records without raising suspicion

Researchers discovered that, overall, 1,283 devices have been reported missing by 58 NHS hospitals since 2016.

In 2016, the overall figure of lost devices was 383, slightly increasing to 389 in 2017, and jumping to a staggering 511 by 2018 – an overall increase of 33% across the three years.

The data was obtained under Freedom of Information (FOI) legislation, and included losses reported by both staff and patients on site at the respective hospitals.

Mobile phones were the most-popular device reported missing over all three years – with 284 in 2016, rising to 309 in 2017 and then 366 in 2018; an overall increase of 29%.

However, the device which saw the largest percentile increase in loss or theft was laptops, with 55 reported missing in 2016, rising to 81 in 2018 – an increase of 47%.

The NHS trust with the most recorded devices lost or stolen over the last three years was Eastbourne District General Hospital, which has lost a total of 110 devices since 2016.

The second and third highest number of missing devices were at Bradford Teaching Hospital and Salisbury NHS Foundation Trust, which saw 96 and 81 reports of lost or stolen devices respectively.

However, some hospitals which responded to the request disclosed they had no devices lost or stolen in the last three full years. These were James Paget University Hospital and Liverpool Heart and Chest Hospital.

Tackling this problem means adopting a zero-trust approach to all user accounts, ensuring every employee who tries to access critical information is screened with the necessary password, location, and authentication procedures to ensure they are who they say they are

The report also observed some more-detailed notes which were pertinent to the lost devices request.

Kings College Hospital, for example, confirmed that in 2016 they had reports of two breast pumps being stolen and a microwave oven.

And University Hospital Southampton said that, in 2016, a patient managed to steal a ward TV by vomiting on the floor to distract a registered mental health nurse.

He then requested privacy and put the TV in his bag.

The nurse then helped him carry his bags to the taxi rank.

Commenting on the problem; Andy Heather, vice president of access management security specialist, Centrify, said: “Rising thefts of critical mobiles and laptops could pose serious cyber security risks to NHS hospitals.

“Increasingly we’re seeing hackers and fraudsters targeting accredited devices and using legitimate log-in details to gain access to confidential data and private records without raising suspicion.

“Tackling this problem means adopting a zero-trust approach to all user accounts, ensuring every employee who tries to access critical information is screened with the necessary password, location, and authentication procedures to ensure they are who they say they are.”

You may also like