Trust is a valuable commodity and in the words of American business magnate, Warren Buffett — “It takes 20 years to build a reputation and five minutes to ruin it.” The greatest issue is not so much the fact that you have been lied to, but that it then becomes so much more difficult to trust.
Trust is especially valuable when it comes to our privacy, and what is more private than our most intimate data — our personal medical records. In May, Sir Alex Ferguson, Britain’s most successful football manager was admitted to Salford Royal hospital after suffering a brain haemorrhage. After emergency treatment and less than a month in the hospital, Sir Alex made a good recovery.
After an audit of the Trust’s computer systems however, it became evident that a number of staff members- Two doctors, a senior consultant, and two nurses allegedly gained unauthorised access to Sir Alex’s private data.
Doctor Chris Brookes, chief medical officer for the Northern Care Alliance NHS Group, which runs Salford Royal, said of the incident- “We can confirm that a number of staff who work at Salford Royal are currently subject to investigation in relation to an information governance breach… All of our patients have the right to expect that their information will be looked after securely and accessed appropriately. We take patient confidentiality extremely seriously.”
Human error is not the issue here, curiosity shouldn’t be a variable in the privacy of our data since ideally, this shouldn’t even be a possibility. The Information Commissioner’s Office (ICO) is the UK’s regulatory body charged with enforcing data protection legislation and bringing regulatory action against those found to have breached data laws. It regularly deals with health-related cases and states that within its figures for Q2 of 2018/19 alone, there were a total of 4,056 data security incident reports within the sector.
What can Hospital Trusts do to earn our trust? Doctor Chris Brookes, chief medical officer at the site responsible for Sir Alex’s breach also stated — “We take patient confidentiality extremely seriously and will take the appropriate action to ensure staff understand the seriousness of unauthorised access.” Does that mean staff were not previously aware of the seriousness of unauthorised access? Does that statement guarantee this won’t happen again?
If hospital sites and CMOs wish to redress the issue they should reconsider their solutions, since trust is built through actions, not words. Successful relationships, including doctor-patient relationships, are built on the foundation of trust. This isn’t automatically awarded to someone due to a title, but earned, and as each Doctor and healthcare professional represents the sector as a whole, their reputation affects the NHS’s reputation.
Advising someone not to be curious is not enough, we should have firm and robust measures to protect patient data. Around the world, companies are considering using blockchain technology to help with privacy and data safety as they have done for the financial sector. it is time to block unwarranted access so that we can rebuild some trust.
By Medicalchain’s Tim Robinson
