RCGP offers advice for around online consultations safety

RCGP offers advice for around online consultations safety

April 11 2018 Advice and considerations around the safety of online patient consultations has...

Wales sets out more on IT supplier selection for GMS Framework Contract

Wales sets out more on IT supplier selection for GMS Framework Contract

February 21 2018 Public Health Wales has published further information about the tendering...

Consultation opens on MoU on data sharing between NHS Digital and Home Office

Consultation opens on MoU on data sharing between NHS Digital and Home Office

February 19 2018 Public Health England is seeking views on the impact of data-sharing...

NHS to distribute KardiaMobile AF diagnosis device

NHS to distribute KardiaMobile AF diagnosis device

February 15 2018 A device the size of a credit card that can be used to diagnose atrial...

NHS Wales opts for Vision and Microtest as preferred GP IT software providers

NHS Wales opts for Vision and Microtest as preferred GP IT software providers

February 1 2018 NHS Wales Informatics Service appears to have dropped EMIS Health as a preferred...

  • RCGP offers advice for around online consultations safety

    RCGP offers advice for around online consultations safety

    Wednesday, 11 April 2018 13:19
  • Wales sets out more on IT supplier selection for GMS Framework Contract

    Wales sets out more on IT supplier selection for GMS Framework Contract

    Wednesday, 21 February 2018 15:57
  • Consultation opens on MoU on data sharing between NHS Digital and Home Office

    Consultation opens on MoU on data sharing between NHS Digital and Home Office

    Monday, 19 February 2018 11:03
  • NHS to distribute KardiaMobile AF diagnosis device

    NHS to distribute KardiaMobile AF diagnosis device

    Thursday, 15 February 2018 16:07
  • NHS Wales opts for Vision and Microtest as preferred GP IT software providers

    NHS Wales opts for Vision and Microtest as preferred GP IT software providers

    Thursday, 01 February 2018 11:20

a medical professional at computer cbAugust 15 2017

People handling patient records must have a valid reason to access the information in them, the Information Commissioner’s Office has warned.

 The reminder follows a Magistrates’ Court ordering a health care assistant to pay £1,715 after unlawfully accessing patient records without a business purpose. The hospital worker was given a fine and ordered to pay costs “after pleading guilty to offences of unlawfully obtaining and unlawfully disclosing personal data.”

Among the 29 patient records accessed by the health care assistant were those of “family members, colleagues and others where no connection with the defendant is known, between December 2014 and May 2016.

“Some of the information was subsequently shared with others. That was not only a breach of patient confidentiality but also against the Data Protection Act,” the ICO said this week.

It is one of several prosecutions the ICO has brought over the past few months. Head of Enforcement Steve Eckersley said: “Once again we see an NHS employee getting themselves in serious trouble by letting their personal curiosity get the better of them.

“Patients are entitled to have their privacy protected and those who work with sensitive personal data need to know that they can’t just access it or share it with others when they feel like it. The law is clear and the consequences of breaking it can be severe.”

The ICO pointed out that a new law, the General Data Protection Regulation (GDPR) will replace the Data Protection Act 1998 with effect from May 25 2018.

“The ICO can take action to change the behaviour of organisations and individuals that collect, use and keep personal information. This includes criminal prosecution, non-criminal enforcement and audit. The ICO has the power to impose a monetary penalty on a data controller of up to £500,000,” it said.

Anyone who processes personal information must comply with eight principles of the Data Protection Act, which make sure that personal information is:

  • fairly and lawfully processed;
  • processed for limited purposes;
  • adequate, relevant and not excessive;
  • accurate and up to date;
  • not kept for longer than is necessary;
  • processed in line with the individual’s rights;
  • secure; and
  • not transferred to other countries without adequate protection.

The government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR.

Links:
ICO announcement          
ICO case summary            

Management News

April 23 2018 A pilot scheme is highlighting anticipated waiting times for a hospital referral, using an ‘e-traffic light’ system. When a GP is wanting to make the referral, a green light on the...
April 23 2018 Buprenorphine has been found to have lower rates of overdose death than methadone when used in opioid substitute therapy. The impact was particularly seen in the first four weeks of...