§ Miss Emma NicholsonTo ask the Secretary of State for Health how many instances have been detected in his Department of computer(a) hacking, (b) viruses, (c) logic bombs, (d) Trojan horses or (e) other types of computer misuse, whether perpetrated by authorised or unauthorised users of computers; and how many unsuccessful attempts have been recorded.
§ Mr. FreemanThere have been no instances detected and no unsuccessful attempts recorded.
§ Miss Emma NicholsonTo ask the Secretary of State for Health in view of evidence from the United States of America and France, that personal health records are being maliciously damaged by the implantation of computer viruses, what precautions are being taken against similar breaches of United Kingdom public health and medical records held on computer files.
§ Mr. FreemanIt is not the policy of the Department of publicise the measures taken to ensure the security of medical data since such information would be of assistance to potential attackers.
§ Miss Emma NicholsonTo ask the Secretary of State for Health if he will make a statement on all recorded cases of unauthorised access to his Department's computer files.
378W
§ Mr. FreemanThere have been no recorded cases of unauthorised access.
§ Miss Emma NicholsonTo ask the Secretary of State for Health if he will give details of his Department's policy on review of the security of its computer files.
§ Mr. FreemanThe Department regularly reviews its computer security arrangements, but it would not be appropriate to publish details of procedures and arrangements.
§ Miss Emma NicholsonTo ask the Secretary of State for Health if he can quantify the risk of damage by hackers to sensitive computerised files in his Department.
§ Mr. FreemanComputer systems containing sensitive information are subject to physical and local security measures designed to remove or minimise the risk of damage, including that by hacking, to that information. The Department does not consider it sensible to publish details of risks and counter-measures involved.
§ Miss Emma NicholsonTo ask the Secretary of State for Health whether staff are briefed about computer hacking and computer viruses; whether there are contingency plans to deal with computer downtime caused by unauthorised penetration; and what plans exist to deal with penetration of particularly sensitive systems.
§ Mr. FreemanStaff are briefed on a wide range of security risks and counter measures including those by hacking and viruses. Security contingency plans include provision for potential computer downtime caused by unauthorised access. These arrangements vary according to the level of sensitivity of the information held. The Department considers that the effectiveness of these arrangements would be reduced if details were made public.