In the past few years, the National Health Service (NHS) has made attempts to expand and ease the pressure on its extremely busy and hectic services with use of new technology. This included setting up an entire NHS internal email system that allows staff to send ‘secure’ emails to each other to share ‘sensitive information’.
An electronic prescription service is also available that allows GPs to send a prescription directly to a pharmacy.
But in the increasingly interconnected digital world, what are the concerns over using such technology? Should we be worried?
The NHS website states:
‘The ambition is that by 2018 every citizen will be able to access their full health records at the click of a button, detailing every visit to the GP and hospital, every prescription, test results, and adverse reactions and allergies’
Sounds like a risky thing…
These supposedly fast and convenient services are set to replace time spent filling paperwork so that time can be used for patient services and appointments. One example is a ‘Summary Care Record’ (SMR), which is a compilation of a patient’s medical health records that may help to reduce time wasted chasing paperwork, with the data accumulated from NHS hospital visits, GP appointments, dental appointments etc.
This electronic record can allow medical professionals to check vital information such as:
- Medicine the patient is currently taking/taken
- Any allergies the patient suffers from
Access to this information is designed to help medical professionals make faster and more accurate diagnoses and treatments, without the need to go through a patient’s medical history personally or have to wait for paperwork to be sent through. However, with all storage and access of data, there will always be concerns as to how secure it will be kept.
The duty to protect information by law
All persons, companies and organisations have a legal duty in accordance with the Data Protection Act to look after personal information in a safe and secure manner. Its principles strictly govern that personal information may only be used for specified reasons and only for those reasons, as well ensuring that it’s safe and secure at all times whilst in use, and discarded safely after use.
Personal information is something only the owner and permitted third parties should have access to. It’s something sacred that should always be protected and respected. When someone’s personal information is illegally accessed or used, the consequences can be severe.
Stolen personal information can be used to impersonate the owner in order to gain more access into even more private information, including bank account details.
Financial losses can be huge, and psychological harm can be significant.
Data breaches can be deeply intrusive and lead the victim to suffer a lot of distress, especially when they don’t know exactly who has their information and to what end it may be used. Medical information is classed as ‘sensitive’ information and even more steps should be taken to protect it.
Although the SMR is described as safe and secure – only accessible by authorised personnel – there may still be risks.
They say that nothing on the internet is completely impenetrable.
Hacks and data breaches occur on a daily basis and sometimes even giant companies become victims to them. If big organisations can lose millions because of hackers, and teenagers / young adults aged between 15-20 can hack into broadband giant TalkTalk, it seems only inevitable that an administration error, an internal breach or a third party hack could leave the NHS in the midst of yet another data breach scandal.
And that is why we have to be concerned.
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a call back from our team
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.
First published by Author on December 21, 2017
Posted in the following categories: Healthcare and tagged with data breach | data controllers | employee breaches | medical records | nhs | online security | personal data