Friday, 9 December 2011

Protecting patient data - essential for you...and your organisation

With changes planned to the way in which health care commissioning is undertaken and with an increasing diversity of health care providers, the Department of Health (DoH) have signalled the intention that the NHS and the Information Commissioning Office (ICO) will work together to ensure delivery of good information governance.

The ICO is clear that health care staff should be more aware of data security, particularly as it is central to what they do. They report a disconnect between the awareness of staff to protect the patient information that is entrusted to them and the number of breaches that occur. An example of such a disconnect is illustrated by the Dartford and Gravesham trust which inadvertently destroyed 10 000 health care records which had been stored in a destruction room because the archive room had been full. Acton was taken against the trust.

According to the ICO, human error is not an excuse for the loss of data. It is a systemic problem. Too often people rely on technical solutions for their data security. It is much more, extending to the organisations themselves, how they operate, and the standards they set.

The IG toolkit is acknowledged as the bench mark standard for assuring good information and data security management. The Information Governance Board - which is set to become part of the Care Quality Commission (CQC) in 2013 under proposals in the health and social care bill - acknowledges that people have difficulties with some of the complexities of the tool kit and it was working on transitional guidance to help healthcare professionals with the changes to the NHS.

With the ICO now able to impose penalties of up to £500 000 for serious breaches of the Data Protection Act and against a background of more than 800 reported data breaches over 3 years attributable to nhs staff - 1 in 8 breaches reported by health care service organisations resulted in staff dismissals - then it is worth making sure that you have robust data security systems built around a sound information governance structure in place.

And so if you need support with your information governance framework? Speak to one of WWR's IG experts today.

No comments: