Eversheds Comment: NHS Told To Tighten Data Security
Main Category: IT / Internet / E-mailAlso Included In: Public Health
Article Date: 01 Jun 2009 - 3:00 PDT
email to a friend 
printer friendly 
view / write opinions 
rate article
Following calls from the information commissioner for the NHS to improve its data security, after breaches involving the loss of thousands of personal medical records, Bill Gilliam, head of the health sector group at international law firm Eversheds comments:
"As part of the NHS's internal procedures, it is important to include clear provisions in employment contracts, setting out obligations relating to confidentiality and security. NHS entities need to consider establishing an internal information security policy that clearly defines their employees' obligations regarding information security, and sets out the consequences of a breach of the policy (eg disciplinary action or dismissal). Confidentiality requirements are of course imposed on NHS professionals by their own regulatory bodies, including the General Medical Council and the Nursing and Midwifery Council.
Consequently, breaches of data security by such professionals can adversely affect their registration. It is vital that, as well as having these requirements in place, all personnel are fully alive to the risks of breaching data security and take practical steps to minimise the risks, particularly where data is taken off site. Ironically, it is often the most conscientious individuals, who are taking work home or working whilst in transit, who represent the greatest risk.
"In addition, the NHS must ensure that contracts with third party suppliers and other third parties, such as temporary staff and employment agencies, contain clauses referring to confidentiality and security. Having a policy in place that deals with such breaches, and implementing that policy swiftly in the event of any breach, should not only help to mitigate the consequences for the NHS and any individual(s) affected by the security breach, but may mean a more favourable view of the breach is taken by the Information Commissioner (or any other relevant authority) in the event of an investigation. The Information Commissioner (IC) has recently issued further guidance on dealing with data security breaches."
Source
Eversheds LLP
|
Please rate this article: (Hover over the stars then click to rate) |
Patient / Public: |
or |
Health Professional: |
IT / Internet / E-mail headlines email to a friend printer friendly version
weekly newsletter daily news alerts
personalize your news
rss feeds
back to top
Any medical information published on this website is not intended as a substitute for informed medical advice and you should not take any action before consulting with a health care professional. For more information, please read our terms and conditions.
Contact Our News Editors
For any corrections of factual information, or to contact the editors please use our feedback form.
Please send any medical news or health news press releases to:
| Back to top | Back to front page | List of All Medical Articles |
| Privacy Policy | Terms and Conditions | © 2009 MediLexicon International Ltd |
