It’s all well and good to go paperless and save money; but hasn’t this all been said and attempted before?
The NHS want to be innovators in the ‘digital age’ – and rightly so. Earlier this year, Health Secretary Jeremy Hunt promised to save the U.K. £4.4 billion with an investment plan to make the health service more efficient by going paperless. But, as Hunt pushes for a paperless health service, concerns are still brewing amongst the data protection camp.
And it’s a real concern with the health sector still the biggest perpetrators of data breaches and leaks.
Amongst the serious data breaches of the past couple of years – with big organisations like Yahoo and Sony in the mix – the NHS still holds the top spot in terms of data breaches. In 2014, 498 data breaches were reported to the Information Commissioner’s Office by NHS departments. The data breaches ranged from losing personal details stored on USB sticks or on printed copies, to uploading sensitive information online, and serious leaks like the 56 Dean Street clinic one. In one case, Oxford Health NHS Foundation Trust put 4,200 patients’ details online as well as sending personal details to the wrong patients!
The investment proposal – NHS Digital – will allow patients to access their information online, with booking services accessible on digital tools like apps, as well as having access to a doctor online with the option of a video link rather than going in person. You can see the perks of the investment. For starters, it saves a lot of paper, and secondly, for those who have difficulty accessing a doctor, many may find this new kind of service to be more efficient and user-friendly.
However, there is always a balance with everything. The system could allow documents to be centralised, which means more risk is placed on security of personal details that may well be stored in huge masses. There are also concerns for those who are not ‘technologically smart’ who may find it difficult to use this ‘hi-tech’ service, and could inadvertently put their own data at risk through naivety.
Hunt’s aim to improve the service is a huge risk for patients’ details
A YouGov survey published in April this year found that 72% of British adults were concerned about hacking and breaches to their personal details stored digitally. That’s almost three quarters of the British population worried about their details being hacked online. By pushing the proposed investment forward, Hunt may be allowing the fears of the British public to be further cemented. If the NHS does not put into place excellent security, NHS patient records could be at risk of the next inevitable hacking.
And nobody wants to see a mass hacking of personal and sensitive medical information. It would be a total disaster!
NHS Digital, formerly known as HSCIC, has been a “long roadmap” for the NHS to go paperless. Back in January 2013, Hunt placed a seemingly unrealistic goal of three years for going paperless. Plans to anonymise and share patient information on the Care.data platform was delayed due to lack of consultation over the plans. The platform was self-professed as a “care data and access to UK health records: patient privacy and public trust”.
On further investigation, Cambridge University researchers found that the platform “faces multiple challenges due to its mismanagement and miscommunications, inadequate protections for patient anonymity and conflicts with doctors”. However, the plan has been revitalised from the grave, with announcements of 2020 being the year the NHS will go paperless. The plan will “do what it says on the tin”, and cease all paper documentation when treating patients across all health care services.
If Hunt wishes to press forward with the plans, there must be more than adequate security in place to fend off the online hackers. With their track record, the NHS may be subject to a more stringent data protection compliance scheme to ensure that the patients’ personal data protection rights are upheld.
Let this be a warning to the NHS and not a lesson learned before the next hacking scandal/data protection breach comes into the public limelight again.
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a call back from our team
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.