Thursday, 16 June 2011

8.63 Million NHS Patient Records Stolen: Biggest Loss in NHS History

NHS North Central London has lost a laptop containing medical records of 8.63 million patients, including details of abortions, HIV infections, cancer and mental illness treatments. The NHS authority reported the loss to ICO (Information Commissioner's Office) only after 3 weeks.

The device was one of 20 lost from a storeroom at London Health Programmes, a research body based at NHS North Central London. Eight of the 20 have been recovered, while the authority is still looking for the remaining 12.

NHS has sent the ICO the following statement: "NHS North Central London is investigating the loss of a number of laptops. One of the machines was used for analysing health needs requiring access to elements of unnamed patient data. All the laptops were password protected and our policy is to manually delete the data from laptops after the records have been processed. NHS North Central London operates under strict data protection guidance and is taking the matter extremely seriously. We have started an investigation into the issues raised by the loss. We are liaising with the office of the Information Commissioner".

According to Jeff Hudson, CEO of Venafi, the loss of data, the health records was 100% avoidable. "People will lose or have stolen from them physical items like laptops, that is unavoidable. What is completely avoidable is losing the health records. If they were encrypted, then they would not be readable by the thief or whoever they end up with". The stolen laptop also had records of around 18 million hospital visits, operations and patient procedures.

Venafi's CEO noted that when David Smith, the Deputy Information Commissioner spoke at the Infosecurity Europe 2010 show just over a year ago, he revealed that the NHS was responsible for one third of all the data breaches his office had investigated.

Scandinavian Airlines to Issue NFC Stickers to Fliers

Scandinavian Airlines, previously called Scandinavian Airlines System or SAS, will distribute passive contactless stickers to 50,000 of its most loyal customers, EuroBonus Gold members, starting September 2011. The fliers can use the stickers to check in faster at the airlines self-service kiosks, lounges and gates. The system would be able to identify the customers and call up their flight details more quickly.

Kristine Mayer, strategic project manager at SAS and project manager of the Smart Pass service said: "the airline could easily offer the Smart Pass application to customers with full NFC phones when more handsets become available. At the moment, the availability of mobile phones equipped with NFC is low in Scandinavia. When the NFC mobile market is ready, it is a natural step that SAS Smart Pass is integrated in the mobile".

SAS has conducted a three-month trial that ended in April, using contactless stickers with about 100 frequent fliers. Since 2009, the Sweden-based airline has offered mobile boarding passes using 2-D bar codes, in connection with its SMS check-in service.

Queensland Issued Its 2 Millionth Go Card

The Queensland government (an Australian state) created a landmark by issuing its 2 millionth Go Card for its contactless ticketing system. The go card is a smartcard ticketing system developed by Cubic Corporation. The card is currently used on the TransLink public transport network in Queensland.

With the help of the contactless ticketing system, more than 3 million trips a week is already made, with 80% done through go cards, according to Cubic.

To make the moment memorable, Queensland Transport Minister, Annastacia Palaszczuk, presented a "multiplatinum" plaque to one of the top 10 go card retailers in the state. Palaszczuk said: "We have undertaken significant investment across the go card distribution network resulting in a 150% growth in the past 18 months. The travel data provided by go card is helping us to provide more frequent and reliable public transport, including 150,000 weekly train seats and 50,000 additional weekly bus seats we added to the TransLink network this month".

SPVA Releases Requirements for the Post Manufacturing Stage of a Payment Device

The Secure POS Vendor Alliance (SPVA), a non-profit business organisation founded by Hypercom, Ingenico S.A. and VeriFone, announces the release of standards for the post manufacturing stage of a secure payment device. The new guidelines require that a payment device be properly handled from the moment it is produced to the moment it is loaded with customer keys.

The newly introduced requirements are designed to increase accountability for numerous stakeholders including payment device vendors, manufacturers, key injection providers responsible for the initial loading of the payment device, acquirers and security audit firms.

"The current standards in the post manufacturing stage cannot provide complete authenticity and we feel that we have identified a list of solutions to improve security," said Roberto Fananas, Hypercom security manager. "The SPVA's guidelines for the post manufacturing stage ensure that key data and materials used in the key loading process meet specific security requirements, thus eliminating the risk of fraudulent behaviour."

"The recommended guidelines by our Lifestyle of a Secure Payment Device Technical Working Group are designed to meet the security objectives of confidentiality, integrity, accountability, authenticity and non-repudiation," said Steven Hughes, SPVA president. "The ultimate goal is to protect cardholder information and defend merchants and acquirers against security breaches."

For more information visit:

New NCR Self-service Technology Drives Future of Branch Transformation

NCR Corporation announces the global launch of the next generation of NCR Financial Kiosks, which provide automated service options for financial services companies looking to offer a new customer channel in branches or off-site locations. The NCR SelfServ 4 and the NCR SelfServ 8 offer consumers the convenience of bypassing teller lines and quickly completing typical branch transactions, such as account opening, account maintenance and financial product research and purchase. By migrating routine transactions to self-service channels, tellers can dedicate more time to customer service, facilitating high-value product purchases and cross-sales.

Designed with advanced touchscreen technology, the new NCR Financial Kiosks allow customers to easily pay bills, transfer funds and print statements through a secure self-service channel. Outside of basic banking functions, customers can search for loan, credit card and insurance rates, receive quotes and apply for a new product or service at the kiosk. They can even complete third party transactions, such as purchasing a ticket or paying a fine.

"In today's highly competitive banking environment, financial institutions are making incremental changes at the branch-level to better serve customers and differentiate their brand. These types of operational improvements can be accelerated by self-service technology," said Michael O'Laughlin, senior vice president, NCR Financial Services.

Gemalto Wins 2011 A.T. Kearney Best Innovator Award

Today, Gemalto announced of winning the prestigious A.T. Kearney 2011 Best Innovator Award for its best-in-class innovation management and leadership. The evaluation focuses on the practical "how to" in innovation practice and assesses what leading companies really do in order to achieve superior yield from their innovation strategies and investments. The jury of the award ceremony comprised of senior business executives.

The selection criteria focus on the processes in place to encourage and manage innovation. And it evaluates actual achievements at delivering innovative products and services. Gemalto remarkably evidenced a repeatable and well-established system of innovation management towards high-growth markets such as e-Government services, machine-to-machine applications and mobile financial services.

Note to Subscribers

If you would prefer to receive your News On Line email in plain text, please send an email with "Plain Text" in the subject line.

If you are a subscriber to our Daily News On Line service or Monthly Newsletter you are entitled to access restricted pages on our website news archive. For the username and password please send an email with "Subscriber Password" in the subject line. lesley.dann, Subscriptions Administrator, Smart Card Group.

To Unsubscribe Email Us at or click Unsubscribe

Important Information

From time to time, this news service may include industry forecasts and forward looking statements made by the companies concerned. Readers should be advised that Smart Card News Ltd cannot be held responsible for decisions and/or actions taken by readers of our news service, based on the information provided. This news is only to be distributed to persons/companies who have a contract with Smart Card News Ltd. Unless your company has gained a licence and/or written permission from Smart Card News, the contents of this news page are not to be forwarded to any other person or server. Any replication by any means without prior permission is illegal and action may be taken. If you receive this online news from a forwarded source please contact the team at Smart Card News Ltd. It is illegal to replicate this online news.

Tel: +44 (0)1903 734 677