Trusts fail to act on data loss11th September 2008
NHS bosses are failing to take action against staff who lose data or breach confidentiality regulations.
A survey of 47 primary care trusts, hospital trusts and NHS authorities has shown that little action is being taken against staff who lose personal records or access patients records without the necessary authorisation.
The journal Pulse used Freedom of Information legislation to highlight the lack of action.
Its survey revealed there were 188 reports of staff breaching data privacy rules or accessing patient data without authorisation since January 2007, and 75 reports of lost data but only 14 of 263 incidents were followed up with formal disciplinary action, generally a verbal or written warning.
No trusts reported suspending or dismissing staff.
Among the incidents was the theft of a laptop containing the bank details of staff at Royal Cornwall Hospitals NHS Trust and a staff member at Norfolk and Norwich University Hospitals NHS Foundation Trust dumping 55 patients’ ward handover notes in a domestic bin.
The NHS Confederation and the Health Select Committee for NHS has already called on trusts to be firmer with staff responsible for confidentiality breaches.
Security expert Professor Ross Anderson from the University of Cambridge said it was likely many more security breaches were going unreported.
NHS chief executive David Nicholson has recently written to all senior health managers reminding them of their responsibilities with regard to data losses.
A Department of Health spokesperson said that all trusts were expected to take the matter of data loss “extremely seriously.”
Share this page
There are no comments for this article, be the first to comment!
Post your comment
Only registered users can comment. Fill in your e-mail address for quick registration.
Title: Trusts fail to act on data loss
Author: Mark Nicholls
Article Id: 8300
Date Added: 11th Sep 2008