Press room: Thu, 28 May 2009
The NHS Security Debate - Accessing Patient Records
In the news again
The subject of securing patient data has always been tricky. Balancing privacy; the patient’s right to own and delete their data, against the need of healthcare professionals to access the information to deliver effective care, is difficult to say the least. This was illustrated in an article in Tuesday’s Guardian, which outlined how NHS patients will be able to delete their summary-care records from the Spine, should they wish to have the data permanently removed.
Given previous government data breaches, it is perhaps understandable that many people are worried about who has access to their records and how the information is secured. However, evangelising deletion of records as a method of protection is counterproductive. When time is of the essence, an understanding of a patient’s medical history can mean the difference between life and death and it can also be critical in providing medical staff with the protection they are entitled to.
Hippocratic oath: "All that may come to my knowledge in the exercise of my profession or in daily commerce with men, which ought not to be spread abroad, I will keep secret and will never reveal."
There is another way - sealing
As such it makes far more sense to retain the information and secure it another way. Summary care records can be kept for reference on the NHS Spine and sealed, rather than deleted, so that specific staff can access them in case of emergency. There would also be safeguards in place to provide alerts to any broken seals and investigations into the circumstances would ensue.
Role based access
CFH already maintains a strong security tool that helps the situation – role based access. This ensures that the individual who requests the patient data needs the level of detail information required for their role and no more. So, say within a GP practice, the receptionist does not need to see the same medical details as the nurse or the GP – simply their name and address.
Legitimate relationships
This brings up the subject of who should be able to access patients’ records - it would make no sense for all GPs across the country to be able to see the records of all patients. To ensure a correct level of confidentiality there must be legitimate relationship between the patient and the person viewing the patient’s record. Privacy cannot be ignored - patients do not want all NHS employees to have access to their files, let alone anyone outside of the service. This is not just a reflection on any file that contains potentially sensitive information, but rather that all patients should be entitled to privacy – one of the fundamental tenets of the medical profession.
Access can be tackled by developing workgroups of staff dealing with the patient. For example, the majority of medical staff do not need full access to a patient’s file, but the GPs and nurses in their practice clearly do. By ensuring that these parameters are carefully set patients can feel confident that their data is only being viewed by personnel who need that specific access in order to carry out their care effectively.
There has to be a way forward that meets the needs of all concerned parties but whichever route the NHS takes to secure patient data it will not be an easy one.
