The NHS is coming under increasing pressure to share data privacy breaches with the public, following a lot of recent press coverage about major NHS data breach fines. The Information Commissioner’s Office (ICO) has subsequently raised fresh concerns about the NHS's ability to protect this data.

Publicservice.co.uk recently published an article in which Christopher Fincken, Chairman of the UK Council of Caldicott Guardians, expressed his personal view that it was:

“quite wrong that fines imposed on NHS bodies effectively come out of funding patient care”.

The ICO responded by saying that it takes into account what an organisation can afford to pay, thereby defending the use of financial penalties. It added that fines are an important aspect of enforcement but only represent “one of the tools in the ICO tool belt.”

Mr Fincken believes the NHS should:

• Make healthcare providers fully accountable for breach disclosure to patients and breach notification to the ICO.

• Mandate trusts to build patient privacy into NHS IT systems by enforcing the mandatory use of audit trails across all healthcare applications.

• Introduce robust standards for audit trails.

• Reinforce a culture of privacy in the NHS through education and awareness.

Disclosure & notification

Data security breaches within the NHS have increased by 935 per cent in the past five years, according to official surveys. There is still no legal requirement to share this information with the public; this must be resolved, and the government needs to enforce it.

Tighter legislation would mean that when a breach occurs, providers must disclose the error to patients, which would bring a level of accountability to care providers that cannot be achieved by other measures such as random audits and fines.

Change the culture

These recommended changes are as much cultural as they are technological. Wider healthcare technology education, training and awareness of patient privacy within the NHS need to be improved. The implications of security breaches must be fully understood across the health sector, and healthcare leaders must also become privacy leaders.

These changes will help to transform data security within the NHS, by building levels of trust between patients and the NHS at the same time as enhancing patient care through the secure use of electronic healthcare.
