Generally I agree that people should be able to use the methods that suit
them, but they must be made aware of the risks. With e-mail I think the
biggest risk (because it's a neat combination of technical and human
weakness) is auto-complete when you start typing an email address. The
scope for sending sensitive information to the wrong person is enormous. On
the other hand, if you have someone's email address as a field in their
database record and click a button labelled 'Send an email to this person'
the risk is significantly diminished. The system can also, of course, keep
a copy of the communication as part of the record: win/win.
That suggests that it is better for the organisation to think ahead and set
up a system that can capture and hold email addresses, then make it
mandatory to email from within the system - rather than make ad hoc
decisions that result in individual staff taking the riskiest option for
want of anything better. Head in the sand is not the answer.
Best wishes,
Paul
Paul Ticher
0116 273 8191
www.paulticher.com
22 Stoughton Drive North, Leicester LE5 5UB
For continuous priority support on Data Protection, sign up to my support
service:
www.paulticher.com/data-protection-services
----- Original Message -----
From: "Simon Howarth" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Monday, March 31, 2014 9:14 AM
Subject: Re: Secure Messaging for patients
I am very much involved in this area and it annoys me that there is a still
as "Oooo you can't do that" attitude. The plain fact is that patients
themselves are requesting contact by these methods. Of course we need to
ensure that patients are made aware of the risks and we need to further
ensure that information of a sensitive nature is kept to a minimum. However,
contact by text and email and Skype are all being done within the NHS now,
with due care given to risks and benefits.
One place I do work for are in the process of putting together a text
messaging service to let HIV patients know their test results; requested by
a growing number of patients.
Also, we get very hung up about email - it's not perfect, but it's a very
effective and secure communications medium and a perfect vehicle for
providing key information to patients. The sooner we adopt good practice and
get on with it the better.
There are a lot of projects (less joined up than they might be) on the go at
the moment, here are a few:
* Test results by text to HIV
* Appointment reminders
* A system in the midlands to allow patients to be reminded to take actions
on their health - "Take you insulin".
* Skype used for mental health consultations.
* Emails between patients and doctors for key health issues.
* Systems like "www.patientsknowbest.com" which is changing how medical
records are perceived within healthcare.
It's here. We need to embrace this stuff and make sure it is done right
rather than try to block it on the grounds that there is risk. There is risk
with everything, all the time.
On the subject of GPs - I have yet to meet a GP under 65 that is not for all
this, their concern is that it is done correctly and does not remove the
relationship that GPs have with their patients.
As you can see I can write a book on this stuff, and in summary - this
progress is good. Let's do it right and improve care and save money - the
holy grail of the NHS.
Simon Howarth MSc. MBCS CITP
Director and Senior Consultant
The Information Edge
Mob. 07836 365588
Webtech Systems Limited t/a The Information Edge. Registered in England No.
3428632
www.informationedge.co.uk
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Brunella Longo
Sent: 27 March 2014 17:21
To: [log in to unmask]
Subject: Re: [data-protection] Secure Messaging for patients
And in any case, if one had the faintest idea of what 'secure' means in
information and communication technologies, he / she would never put forward
such talks "in the interest of patients" - and not because of "simple" risks
of losing confidentiality but because accidental or fraudulent errors in
patients' data risk to misrepresent their health status and to make GPs
liable for the consequences.
Anyway, if anybody is interested in a pilot project exploring ways in which
human computer interactions in the health records management field can be
designed in order to provide the system with additional levels of trust and
security, please get in touch.
Brunella Longo
Information Management Adviser
http://www.brunellalongo.co.uk
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask] All user commands
can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list
owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your
needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list
owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your
needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|