Plans For Paperless NHS Could Mean Data Protection Risks For Patients

It’s all well and good to go paperless and save money; but hasn’t this all been said and attempted before?

The NHS want to be innovators in the ‘digital age’ – and rightly so. Earlier this year, Health Secretary Jeremy Hunt promised to save the U.K. £4.4 billion with an investment plan to make the health service more efficient by going paperless. But, as Hunt pushes for a paperless health service, concerns are still brewing amongst the data protection camp.

And it’s a real concern with the health sector still the biggest perpetrators of data breaches and leaks.

Amongst the serious data breaches of the past couple of years – with big organisations like Yahoo and Sony in the mix – the NHS still holds the top spot in terms of data breaches. In 2014, 498 data breaches were reported to the Information Commissioner’s Office by NHS departments. The data breaches ranged from losing personal details stored on USB sticks or on printed copies, to uploading sensitive information online, and serious leaks like the 56 Dean Street clinic one. In one case, Oxford Health NHS Foundation Trust put 4,200 patients’ details online as well as sending personal details to the wrong patients!

The investment proposal – NHS Digital – will allow patients to access their information online, with booking services accessible on digital tools like apps, as well as having access to a doctor online with the option of a video link rather than going in person. You can see the perks of the investment. For starters, it saves a lot of paper, and secondly, for those who have difficulty accessing a doctor, many may find this new kind of service to be more efficient and user-friendly.

However, there is always a balance with everything. The system could allow documents to be centralised, which means more risk is placed on security of personal details that may well be stored in huge masses. There are also concerns for those who are not ‘technologically smart’ who may find it difficult to use this ‘hi-tech’ service, and could inadvertently put their own data at risk through naivety.

Hunt’s aim to improve the service is a huge risk for patients’ details

A YouGov survey published in April this year found that 72% of British adults were concerned about hacking and breaches to their personal details stored digitally. That’s almost three quarters of the British population worried about their details being hacked online. By pushing the proposed investment forward, Hunt may be allowing the fears of the British public to be further cemented. If the NHS does not put into place excellent security, NHS patient records could be at risk of the next inevitable hacking.

And nobody wants to see a mass hacking of personal and sensitive medical information. It would be a total disaster!

NHS Digital, formerly known as HSCIC, has been a “long roadmap” for the NHS to go paperless. Back in January 2013, Hunt placed a seemingly unrealistic goal of three years for going paperless. Plans to anonymise and share patient information on the Care.data platform was delayed due to lack of consultation over the plans. The platform was self-professed as a “care data and access to UK health records: patient privacy and public trust”.

On further investigation, Cambridge University researchers found that the platform “faces multiple challenges due to its mismanagement and miscommunications, inadequate protections for patient anonymity and conflicts with doctors”. However, the plan has been revitalised from the grave, with announcements of 2020 being the year the NHS will go paperless. The plan will “do what it says on the tin”, and cease all paper documentation when treating patients across all health care services.

If Hunt wishes to press forward with the plans, there must be more than adequate security in place to fend off the online hackers. With their track record, the NHS may be subject to a more stringent data protection compliance scheme to ensure that the patients’ personal data protection rights are upheld.

Let this be a warning to the NHS and not a lesson learned before the next hacking scandal/data protection breach comes into the public limelight again.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.

Create A Call Back

Information on how we handle your data is available in our Privacy Policy.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.