Radio Netherlands Worldwide’s English news service reports that the Dutch Data Protection Authority has criticised hospitals for being careless with patients’ computer records. This criticism follows an inspection of 20 hospitals, not a single one of which was found to have adequate data security. The Authority blames hospital management. Apparently entire departments were using the same login name and password and, in many hospitals, computers were left running so that anyone could access the system if no member of staff was nearby. Remarkably a similar inspection four years ago produced the same results.