With the introduction of the Personalised Health and Care 2020 Framework, the Government aims for the NHS to become ‘paperless’ by 2020, switching storage of all healthcare records to a digital format. It is planned that patients will also have access to their own data, which will be easily viewable online and via the official NHS app.
Although these developments are a step towards modernising the UK’s healthcare system and increasing patient freedom, the technology and debate surrounding the use and sharing of data presents new challenges.
According to data shared by NHS Digital in December 2017, a UK patient’s Summary Care Record (SCR) is accessed by a health or care professional every four seconds. Such GP records include items such as medication and allergy information, often accessed through a web portal.
SystmOne, one of the most popular software suites used by GP surgeries nationally, has already experienced it’s fair share of controversy. In 2017, the Information Commissioner’s Office (ICO) investigated concerns that the records of over 26 million patients could be accessed at any time regardless of whether or not there was a medical reason to do so. These records can be accessed by a range of employees such as receptionists, clerical staff, healthcare assistants and medics working in pharmacies, care homes and even prison.
In 2018 a fault in the software’s code also meant that the decisions of over 150,000 patients to opt-out of data sharing were never passed on to NHS Digital.
Such incidents are not only embarrassing and difficult from a PR perspective, anything less than watertight security puts patient confidentiality and safety at risk. Can you imagine the chaos that would ensue if a data centre security breach led to the deletion or adjustment of medical records by external parties?
There are many security options that can be integrated within a data centre, ranging from basic to government level. Every facility should contain CCTV and alarm systems at a very minimum, but on the other end of the scale, during a recent project with Hertfordshire, Bedfordshire and Lincolnshire Shared ICT Services, we introduced a main entrance and plant room door locking and access control system, along with rack-level proximity card locking. For the highest quality security, we also recommend investing in perimeter fences, external barriers and trained security staff.
Where sensitive medical data is concerned, we believe security should be implemented internally as well as externally.
Inside, when it comes to physical enclosures and racks, one of the most secure products on the market are locking handles. We have installed the E-LINE series of security handles by DIRAK around the world in a range of industry sectors from banks and financial institutions to universities and education establishments. Security handles also provide real-time reporting, which allows users to detect breaches as soon as they happen.
If you would like to know more about security or safety in your data centre or computer room, get in touch with the 2bm team today for expert advice.