According to a report by Parliament Street, the UK-based think tank, NHS Trusts have reported 9,132 stolen or misplaced patient records.
The disclosure has prompted concerns over its implications for data security and patient safety, with experts warning of an increase in the sales of such records on the dark web.
According to the report, University Hospital Birmingham topped the list with 3,179 misplaced records, followed closely by Bolton NHS Trust at 2,163 records missing. The third largest was University Hospital Bristol with 1,105 records lost.
>See also: The NHS at 70: What next for its technological development?
Wigan and Leigh NHS Foundation Trust reported 426 lost or stolen documents despite using an electronic database system and Royal Devon and Exeter NHS Foundation Trust reported 425 documents lost or stolen and stated they only used paper case notes. The report also found that 94% of NHS Trusts still use handwritten notes for patient record keeping, despite often having electronic record system software in place.
Tip of the iceberg
A total of 68 hospitals responded to Freedom of Information requests for the Parliment Street report, meaning these figures may just be the tip of the iceberg.
Barry Scott, CTO EMEA of Centrify, said: “These incidents underline the need to improve security procedures around the management of health records within the NHS. With sales of health records on the dark web and identity fraud on the rise, the need to protect the privacy of patients whilst moving towards secure digital systems is both urgent and essential.”
>See also: How to navigate the NHS data protection minefield
“The health service remains a top target for hackers, and whether their motive is to wreak havoc or steal identities, it’s critical that every single patient record is treated as a high priority by Health trusts. Achieving this means ensuring only accredited doctors, nurses and staff can access private information, and providing encryption and identity access management solutions to keep cyber criminals locked out.”
CTO’s perspective
For any CTO embarking on a digital transformation initiative, one of the biggest challenges they face is assessing current data management technologies, understanding what needs to be modernised and which technologies should replace existing technologies.
NHS trusts are not unique, information governance is immature at the majority of companies, very few bother developing a data governance council or appointing a chief data officer.
>See also: ‘Chief data officers are enabling digital transformation’ – Gartner
CTOs need a way to define and implement information policies, definitions, and rules to support efficient business processes and trust in reporting.
Data governance solutions enable CTOs to enforce data policies that comply with regulations such as GDPR as well as decreasing the likelihood of data being misplaced.
Nominations are now open for the Women in IT Awards Ireland and Women in IT Awards Silicon Valley. Nominate yourself, a colleague or someone in your network now! The Women in IT Awards Series – organised by Information Age – aims to tackle this issue and redress the gender imbalance, by showcasing the achievements of women in the sector and identifying new role models