Lancashire Care NHS Foundation Trust Secures Computers and Sensitive Patient Data with Absolute

The Lancashire Care NHS Foundation Trust, established in 2002, provides a range of mental health services for children and adults, along with substance misuse services, for a population of around 1.4 million people in Lancashire.

The Trust employs approximately 3,500 people located at 100 sites across the region. As a public sector organization, and particularly as a health service, the Trust has a duty of care to ensure the privacy of its patients’ data and to protect the investment in Trust assets.

Challenges

One of the biggest challenges facing the Trust is the NHS mandate to move many Healthcare services out into the community. This results in an increase in mobile workers using laptops off-site.

“As a Trust, we cover a wide and disparate area across the North West region and we have a lot of community-based teams and individuals who can spend days or even weeks away from their office. They rely on their laptops to manage and deliver services in the community, but it is a big challenge controlling and keeping track of hundreds of devices spread across the region,” says Alan Boardman, Security Systems Engineer for Lancashire Care NHS Foundation Trust.

Additional pressure to maintain data security comes from potential government fines of up to £500,000 for breaches of the Data Protection Act. The Trust has implanted policies that have largely mitigated the threat of data loss. All data is securely held in a data centre and accessible only through the network. However, it is possible that some data may still reside on a device.

Solution

The Trust deployed Absolute on 2,500 laptops and desktops across its five primary care areas and the other organizations for which it provides IT support. This enabled the organization to support its increasingly mobile workforce while ensuring the security of sensitive data.

“Absolute is a key part of several security layers we employ to help reduce the risk of data loss. And it’s not just the financial risk — we also need to protect our reputation for providing a high level of data security.”

Alan Boardman, Security Systems Engineer, Lancashire Care NHS Foundation Trust

“Among all the systems that the Trust has put in place to help protect sensitive data and hardware assets, we see Absolute as the best security product that we’ve bought. We don’t have sensitive data on our laptops, but with Absolute and our other encryption policies, we’ve added an even more secure defense to ensure the Trust and the patients we care for are fully protected,” says Boardman.

The Trust also leverages Absolute for risk mitigation, and once alerted about suspicious device activity, performs actions such as device freeze, end-user messaging, or data delete — depending on the status of the device and the level of action required.

Results

1
PROVE COMPLIANCE
Provides auditable proof that all data is wiped from stolen or mislaid devices regardless of location
2
PROACTIVE ALERTS
Allows the Trust to monitor changes to endpoints and identify suspicious device activity
3
MITIGATE RISK
Proactively respond when a suspicious device is identified. Perform actions such as device freeze or data delete to ensure data is secured