Digital Transformation

Hospital confidentiality breaches on the rise, study finds

Worrying new statistics show data breaches at hospitals are a regular occurrence.

New research has discovered that the number of confidentiality breaches and losses of patient data at hospitals is on the increase.

A Freedom of Information request submitted by Pulse magazine revealed that for the 55 trusts that could provide comparable year-on-year statistics, there were 2,805 such incidents in 2012/13.

This was a 20 per cent increase on the 2,337 recorded in 2011/12, with common examples including letters being left in public places and documents sent to the wrong person or site.

In addition, it was noted that there was a 15 per cent rise in breaches between 2010/11 and 2011/12, something the General Practitioners’ Council (GPC) said could lead to the public losing faith in the NHS.

The issue may also have to be addressed as a matter of urgency if the government is to press ahead with its target of a completely paperless health service by 2018.

In one case, a research fellow accidentally left patients’ details at a shop, which could have been serious had an employee not spotted the folder and handed it in promptly.

Joint chair of the GPC’s ICT subcommittee Dr Chaand Nagpaul said data protection needs to be taken seriously.

"At a time when the government is pushing ahead with widespread data sharing, it’s vitally important the public have confidence their data is secure, only accessed when relevant to their care. This must be a priority," he added.

Chief executive of Wessex LMCs Dr Nigel Watson said this should not put officials off digitising data, commenting: "We do need a system whereby we can share data professionally and we have a good opportunity now to look at our systems and make sure they are robust."

It comes after a survey by the British Security Industry Association found one in four healthcare workers had experienced some kind of data breach at their organisation, with two-thirds saying it came as a result of incorrect disposal of material.

A third reported that theft was the reason for the data protection failure.