The programme showed how easy it was to buy private medical data from criminals in India.
Reporter Chris Rogers was shown getting a sample of 100 medical records was offered a further 10,000 if he went to India. The programme found data could be bought for £4 per individual record. All the data identified in the programme was from private medical organisations, not the NHS.
Responding to the revelations, Mark Kobayashi Hillary, NOA Offshoring Director said, “It is useful for programmes like Tonight to be exposing these crimes, but not to disparage a largely trusted and successful outsourcing and offshoring industry.
“It’s important that this is understood to be a data crime, not an offshoring crime.”
Kobayashi Hillary said data security was not dependent on location. “Such data theft could occur just as easily in Aberdeen as in Mumbai. The expose shows there are still some contact/processing centres behind the times which are letting the industry down and fuelling bad perceptions.”
The NAO said the expose highlights the importance of the users of outsourcing employing “credible, reputable and mature suppliers”.
Good suppliers now have very strict policies to avoid any data theft, said Kobayashi Hillary. “These include no USB or external email access, no paper and pens allowed; basically all avenues for data removal are taken away.”
The NAO also called for more transparency about where data is processed. “Information theft is a fact of life in this modern age, but if we demand transparency from our suppliers it can at least be reduced,” said Kobayashi Hillary.