European judgement casts doubts on NHS CRS consent

1

Problems withstaff accessing records

25 Jul 08 10:07

This issue is never going to go away. When there were paper records, there were cases of practice managers looking at the records of prospective staff to see if they were likely to take a lot of sick leave. Totally illegal, but they got away with it. The difference with elctronic records is that you have easier access to many more records. With standalone practice electronic systems, that form of illegal access still happened, also receptionists checking up on their neighbours illnesses. An audit trail only reveals what has already happened, it doesn't stop the access. And no one has reassured me that the NCRS audit trail will have the staff and time to monitor every single access that is unexpected. Accessing a patient record, or even demographics, should really immediately flag up the last four viewers, which would act as a deterrent within a practice, but in the wider world of shared records, you probably don't know who should and should not be having access. Are you going to recognise the names of social workers, podiatrists, physios, hospital receptionists, medical secretaries outside your area, and whether they are entitled to view or not? And will security services access even feature in an audit trail? I don't think so. But it is the safety of patients that is at risk. Most unauthorised access is due to curiosity, but there are abusers, paedophiles, blackmailers working for such a huge organisation as the NHS who will be able to make use of it, and if the audit trail is vetted at all, it will only be to provide evidence to the police once it is too late for the victim. Information governance is beginning to creep higher on the agenda, but the coal face staff do not have to have regular IG training the way they do fire and health and safety, and if someone is determined to access a record, they will do so anyway, no matter what training they have had. A large payout by a newspaper might well be fair exchange for the small pension most coal face workers end up with!

If we are to share records, which we have to do to care for them properly, then we have to make patients aware that there is a slight unavoidable risk, and give them the option to refuse to share if that is the only way they will feel safe. Which is why I believe that implied consent is the wrong approach, it has to be properly informed, and that takes time and resources to do properly.

---

2

Could your data be for sale soon ?

max.lock@live.co.uk

30 Jul 08 07:07

You have to ask yourself if it is possible that staff in the NHS could abuse the new records system and I believe that it is very possible. Patients are losing their trust in NHS staff keeping their records secure. As for the Smart Card, staff are alread using PCs logged in by another member of staff. This means the audit will be useless anyway and could probably lead to the wrong member being accused of accessing records inappropriately.

NHS staff are insufficiently trained in regards to confidentiality. This is obvious, due to the amount of CD, memory sticks, laptops, backup tapes that go missing ever year. The Chief Executive makes some half brained comment to the media about how he is sure that the data will be wiped for a quick sale of the equipment and that they are now tightening security for data and equipment. Two weeks later the same again somewhere else.

The NHS is to data security, what Severn Trent is to water leaks....

---

3

Real life test of local system

30 Jul 08 09:07

I was teaching staff how to use a path lab results system in a large Hospital group. When i remarked it was not possible to see staff groups in the system, a nurse piped up and promptly opened her own Smear test results. (I am clinical -so nothing new to me)

This promptly demonstrated that I was talking complete bollocks and also demonstrated the poor build of the software and the lack of any real field testing.

Two weeks later I was in a patient role in outpatients having fought tooth and nail to get an appointment.

The consultant announced that the appointment would have to be re-booked 8 weeks later as he had no access to my blood results and did not know how to use the 'puter.

I promptly opened my own results for him, for which he was extremely grateful.

But the point is -it was supposed to be impossible!

(Both resuolts were negative)

---

4

Re - Real life test of local system

max.lock@live.co.uk

30 Jul 08 14:07

I was glad to read that you have received negative results, but find myself concerned that you are able to access your own records. Obviously this consultant hadn't been given access yet, or his permissions were incorrectly configured. Either way it is access to the system that will be audited under your account and I feel this is another abuse of the system. Did you receive any guidelines as to when your own access to the system is authorised? If not, how can you train others so they are aware of their own responsibilities,

I take it for granted that as a trainer that you have full permissions, meaning you can read/write/delete and there I think is the problem. Anything could be removed or even added. If you get the wrong type of person, someone with a grudge against a patient, it end up being a fatal flaw in the system.

---

5

If you access your own results

30 Jul 08 22:07

If you access your own results could you trigger an investigation into your own browsing?

---

6

Audit trails

31 Jul 08 11:07

I await with baited breath the posting that says after accessing your own results, you were contacted by the Trust's Caldicott Guardian and asked to explain yourself. Has the CG even been trained yet, and where are they supposed to find the time to check, even if if they do receive notifications? What guarantee is there that an unscrupulous trainer (which you are obviously not, but there will be some) couldn't do untold damage?