The laptops were taken from an NHS site in Blackpool, the boot of a car in Manchester, an employee’s home in South Manchester and from a hotel room in London, according to the Lancashire Evening Post.
The NHS Trust said no patient information was stored on the laptops and no data was breached.
Using Absolute Software’s Computrace product, the Trust was able to remotely access and wipe the computers. Computrace was also used to track and locate the stolen laptops, which lead to the recovery of the devices, and arrests were made.
Alan Boardmann, technology security systems engineer at Lancashire Care NHS Foundation Trust, told the Lancashire Evening Post: "With such a high percentage of remote workers moving between different locations, we have to be realistic about the security issues this presents. Theft is unfortunately inevitable”.
Cyber-Ark’s European director, Mark Fullbrook, was still critical of the NHS Trust’s security measures: “The critical question is why the staff was toting laptops that contained some degree of NHS data on them”.
He argued that if the NHS Trust used secure collaborative and data sharing and storage software, the data could have been stored centrally on a secure server and collaboratively shared when required.
“The days of having to store data on the laptop or netbook because of data transmission bandwidth issues are now long gone. Storing and sharing data collaboratively in a highly secure manner is clearly the way forward”, he added.