NHS to face greater scrutiny as patients get a greater say on quality of services.
The changing shape of the NHS, with extended lines of communication from healthcare organisations through to social care providers, while potentially promising more integrated care, creates additional security risks. Clear evidence from the UK and worldwide shows that the greatest risk to patient data security is from staff accessing electronic records they have no right to see. This opens the door to identity theft, fraud and other criminal activity.
The misuse of sensitive data can do enormous damage to patients and to the reputations of healthcare providers and their senior management. It can also lead to a substantial waste of taxpayers’ money at a time when the NHS has to make savings and increase financial efficiency.
Greater competition for patients and contracts means that organisations must work harder than ever to safeguard their reputations. Commissioners also want to be certain that the services they purchase will not lead to complaints by, or harm to, their patients.
The planned roll out of HealthWatch, which will champion patient interests and concerns at local and national level across England, will see healthcare providers face closer scrutiny than ever before. This will put the NHS under further pressure to demonstrate its effectiveness at addressing pressing public concerns, such as the confidentiality of patients’ personal healthcare records.
Kurt Long, CEO and Founder of FairWarning®, said, “The Health and Social Care Act, and the setting up of HealthWatch, means that patient privacy is becoming a more pressing concern than ever for NHS senior managers. Health and social care providers who act now have an excellent opportunity to strengthen their reputations with patients, clients and commissioners who will feel confident that high-quality training and safeguards are all in place. They will also be able to meet the growing demands from government, regulators, patient groups and the public to keep electronic records safe.
“Our experience shows that the huge threat that exists from privacy breaches is actually straightforward to tackle by replacing cumbersome manual systems with ones that are automated, fast and effective. Once patient records are secure, senior management teams no longer have the worry that there might be a major privacy breach issue ticking away like a time bomb at the heart of their organisation. They are free to focus their energies on the immense challenges of implementing the new Health and Social Care Act and making far-reaching efficiency savings.”
NHS Scotland has already moved to protect patient confidentiality, but much of the NHS in England is ill-equipped to prevent or detect privacy breaches. Yet, the passing of the Health and Social Care Act means that care providers will have to exchange data with an ever-growing number of external bodies. These will include new providers from small independent clinics, to social and private enterprises delivering anything from routine surgery to paediatric palliative care. Security is a must in all these relationships.
An independent survey carried out on behalf of FairWarning® last year showed that an overwhelming majority of British people believe that chief executives and senior managers who fail to prevent a serious data breach should face severe consequences. Patients also say that they would put off seeking care, or possibly not give the full facts to a clinician, if there were worries about their confidentiality.
At the same time the regulatory environment is becoming tougher, with the Information Commissioner’s office committed to firm action on NHS data breaches. Dame Fiona Caldicott has been commissioned by the government to head an independent review on the protection of patient data. In this environment healthcare organisations must be certain that they are in full control of who accesses patient data and be able to prevent its misuse.
Notes for editors
About the UK independent patient opinion survey
The main findings of the survey included that:
- 1% agree that chief executives and senior management should be sacked or fined if they were aware of risks but failed to act and there is a serious breach. 73.3% felt that better enforcement of rules and regulations would cut security breaches.
- 5% think that a serious breach of personal data would do severe or considerable damage to a hospital’s reputation.
- 2% strongly or somewhat agree that the NHS should monitor who looks at their files.
- Over 61% were very or somewhat worried that their identity could be used to commit fraud or used by criminals to target them, their family or home.
- 6% have, or would, withhold information about a sensitive personal medical matter from a healthcare provider with a poor record of protecting patient privacy.
- 3% have, or would, put off seeking care for a sensitive medical condition due to privacy concerns.
The UK survey was carried out by New London Consulting and took place in the nine day period from Thursday, August 25, 2011 to Friday, September 2, 2011 inclusive. See the survey: How Privacy Considerations Drive Patient Decisions and Impact Patient Care Outcomes.
The EU’s new stance on data privacy can be seen at: ec.europa.eu/justice/policies/privacy/review/index_en.htm and the results of The EU’s Special Eurobarometer359 survey are at http://ec.europa.eu/public_opinion/archives/ebs/ebs_359_en.pdf
About FairWarning, Inc.
FairWarning® is the inventor and world’s leading supplier of cross-platform healthcare privacy auditing solutions for Electronic Health Records. FairWarning® proactively protects healthcare organisations from emerging legal and privacy threats which include medical identity theft, identity theft, and other forms of healthcare information crimes. FairWarning® is industry’s leading best practice solution for automating privacy auditing. The company is located in Clearwater, FL, USA with offices in London, England and Paris, France. To learn more, please visit https://www.fairwarning.com or call 0800 047 0933 or US +1 727 576 6700.
Healthwatch England, launching in October 2012, will work with local Healthwatch and will also:
- Advise the NHS Commissioning Board, English local authorities, Monitor and the Secretary of State.
- Have the power to recommend that action is taken by the Care Quality Commission (CQC) when there are concerns about health and social care
Local Healthwatch, launching in April 2013, will take on the work of the Local Involvement Networks (LINks) and will also:
- Represent the views of people who use services, carers and the public on the Health and Wellbeing boards set up by local
- Provide a complaints advocacy service from 2013 to support people who make a complaint about
- Report concerns about the quality of health care to Healthwatch England, which can then recommend that the CQC take