Safeguarding NHS patient data: Re-evaluating information management in your practice

Accusations that the NHS had tried to cover up the loss of 500,000 pieces of patient data hit headlines earlier this year, subsequently triggering a massive investigation.

Driven by fears that misplaced blood tests, screening results and other medical documents had put patients’ lives in danger, five separate inquiries were launched.

The NHS Shared Business Services (SBS) is reported to have mislaid the important information after sending the documents to a storage warehouse instead of forwarding them to the 7,700 GP surgeries they were intended for.

The results of the inquiries have yet to be publicly shared, but the focus has been on determining how many patients were harmed by the mistake (with some suggesting around 500 people were affected).

CQC’s data security review

It’s not the first time there have been concerns about the correct handling and treatment of sensitive information by the NHS or its partners.

Over recent years there’s been lots of media focus on cyber-security and its impact on the safety of digital information. Although it’s an area that warrants careful examination, paper-based information has proven to be just as vulnerable thanks to careless human behaviour.

In July of 2016, CQC released a report into how data is managed by the NHS, which raised plenty of worrying issues and signs of poor practice.

These included:

  • Physical notes and records being lost onwards and offsite
  • Notes being too visible (on trains where staff were working, and on unattended reception desks, for example)
  • Paper waste (containing sensitive or confidential information) left unattended in bags outside buildings
  • Post-it notes detailing passwords visibly stuck on computer screens

Whilst acknowledging that many of these mistakes are without malicious intent, the CQC report recommends restructuring processes and training staff more thoroughly to reduce their occurrence.

Re-evaluating data storage and security in your practice

For peace of mind that your practice meets the high standards of data safety and security it’s expected to, use the CQC’s report as a starting point for re-evaluating your own weaknesses and strengths in this area.

As noted earlier, lots of incidences of data breaches come down to human failure and simple, avoidable mistakes.

To counteract the likelihood of your staff accidentally making similar errors, provide them with the necessary equipment for securely storing patient information and records.

With companies like Invicta Mobile Shelving offering a variety of mobile storage systems designed to cater to the specific needs of the healthcare industry, it’s not hard to accomplish.

And take the time to notify all your staff of the recent data losses and breaches. Turn them into learning tools, using them to reinforce the importance of following correct patient information security protocols within office areas, wards, consulting rooms and out with the practice.

With recent scandals still firmly on everyone’s minds, being proactive about data security and management in your practice is a wise move to make.

Leave a Reply

Your email address will not be published. Required fields are marked *

eighteen − twelve =