Reports that the door entry and KeySafe codes for number of NHS patients were included on the address labels of letters sent to clients of the NHS Personal Demographics Service have been roundly condemned.
This latest data fiasco surrounding the NHS and its storage of personal information is exactly the reason why authentication processes were developed for accessing data.
According to the Pulse health newswire patients were alarmed to discover their KeySafe and other door entry codes had been printed on the first line of an address label used to mail out communications for the NHS Connecting for Health operation.
This crass error effectively puts the physical security of vulnerable members of society at risk, as it means that postal workers – and anyone viewing the letter – will become aware of the entry code to gain access to the house or flat of the patient.
Whilst the reasons for this data error have yet to be investigated, the fiasco highlights the reason why authentication technologies were invented. Put simply, a good authentication system allows access to data to be carefully controlled, as well as audit logged, meaning that if something does go wrong, then the people who had access to the data can quickly be identified and remedial measures imposed.
And when crass IT security situations play out like this, authentication technology allows IT professionals to quickly discover what went wrong, and help to prevent it happening again.
This situation sounds like a procedural error on the part of an IT manager somewhere within the NHS Connecting for Health operation, effectively allowing the private data to be detailed on the printed area of the labels used for posting.
As well as helping IT professionals to take steps to prevent this unfortunate situation occurring again, authentication would probably have prevented this situation actually happening, as it would have stopped all but the most senior of staff having blanket access to this data.
Quite clearly a combination of circumstances have come together to allow this fiasco to occur, but using effective authentication as part of the data access procedures would have stopped this data from being re-used as part of a general address label mailout.