Dear Sirs,

There have been a number of high profile cases in the Public Sector recently of data either being lost i.e. Laptops and memory sticks left in public places or malicious programs extracting contact information i.e. Personal details. I would like to know what security measures you have in place (or intend to put in place) to prevent such occurrences and who is responsible for IT Security (Name and Title)?

Many thanks for you assistance in this matter.

Yours faithfully,

David Blades

Freedom of Information, Ayrshire and Arran NHS Board

Thank you for your email. I am out of the office until 18 April 2011. If
your request is urgent, please contact my colleagues in the Communications
department 01563 826111 or email [email address].

Dear Freedom of Information,

Thank you for your response. I await the requested information, at your earliest convenience.

Yours sincerely,

David Blades

Freedom of Information, Ayrshire and Arran NHS Board

Dear Mr Blades

Thank you for your enquiry. We will respond as soon as possible and in
any event no later than 13 May 2011, this takes into account the public
holidays at Easter.

Kind regards

Louise

show quoted sections

Freedom of Information, Ayrshire and Arran NHS Board

1 Attachment

Dear Mr Blades,

Thank you for your request:

There have been a number of high profile cases in the Public Sector
recently of data being lost.

* I would like to know what security measures you have in place to
prevent such occurrances?

NHS Ayrshire & Arran currently has a number of security measures in place
to prevent the loss of data and/or malicious data theft :

Software

. Endpoint security/anti-virus software

. Port blocking software

. Encrypted memory sticks

. Endpoint encryption

Additional security measures

. Data sources password protected/stored in secure locations

. Local/National Firewalls in place

Policies

. Data Protection Policy

. Information Governance Standards

. eHealth Mobile Data Protection Policy

. Secure Communication, Transportation and Storage of Personal
Information Policy

. Appropriate Use of IT Facilities Policy

* who is responsible for IT Security (Name and Title)?

The person responsible for IT Security is Marianne Monaghan, Senior
Technical Specialist (IT Security).

I trust this is to your satisfaction. However, under the Freedom of
Information (Scotland) Act 2002 if you are dissatisfied with our response
you are entitled to request a review. A request for a review must be made
in writing to Dr Wai-yin Hatton, Chief Executive, NHS Ayrshire & Arran,
Eglinton House, Ailsa Hospital, Dalmellington Road, Ayr KA6 6AB, no later
than 40 working days from 16 May 2011. You must provide your name, an
address for correspondence, details of your original request and say why
you want a review. If our decision is unchanged following a review and you
remain dissatisfied with this, you then have the right to make a formal
appeal to the Scottish Information Commissioner.

Please do not hesitate to contact me should you require any further advice
or assistance.

Kind regards,

Ann

Ann Catherine Wilson L.L.B

Freedom of Information Officer

Communications dept

28 Lister Street

Crosshouse Hospital

Kilmarnock

KA2 0BE

Telephone: 01563 826112

Fax: 01563 826122

Email: [1][NHS Ayrshire & Arran request email]

[2]www.nhsayrshireandarran.com

Please take a minute or two to complete our survey - [3]Tell us what you
think

We use 12 point Arial in all our correspondence to make it easier for
people to read.

All our publications are available in alternative formats.

References

Visible links
1. mailto:[NHS Ayrshire & Arran request email]
mailto:[NHS Ayrshire & Arran request email]
2. http://www.nhsayrshireandarran.com/
http://www.nhsayrshireandarran.com/
3. http://www.surveymonkey.com/s/commsstrat...
Tell us what you think
http://www.surveymonkey.com/s/commsstrat...

Looking for an EU Authority?

You can request documents directly from EU Institutions at our sister site AskTheEU.org . Find out more .

AskTheEU.org