NHS patient letters meant for GPs went undelivered for years

The NHS has been accused of covering up a large data loss involving the loss or mislaying of more than half a million pieces of confidential information. Confidential medical correspondence – including test results, diagnoses and treatment plans – between GPs and hospitals went undelivered during the five years from 2011 to …

  1. Anonymous Coward

    FTFY

    > Physical data is inherently less secure than digital - it's difficult to trace, goes missing easily and is often open to interference

    Physical data is inherently more secure than digital - it's easier to trace, difficult to forge or alter without detection, and requires a conscious effort to destroy.

    And when it goes missing, it will finally turn up in a warehouse somewhere, rather than go straight to the great bit bucket in the sky.

    That's why we still use physical ballot slips for voting.

    1. Anonymous Coward

      Re: FTFY

      Yes because it's not easy to use a smartphone to record people's details whilst these carts are left unattended.

      If people had common sense I would probably be all for it but from what I have seen people are just lazy.

    2. Sauraus
      FAIL

      Re: FTFY

      I was going to say, does Tony Pepper live under a rock? He must have missed the countless memos on digital breaches over the last 5 years...

    3. Soap Distant

      Re: FTFY

      Physical records are easy to be burned, flooded or otherwise tampered with, lost or god knows what; no audit trail either.

      These paper records need to be forgotten about as a bad idea. They're not easy to share to start with. That's not to say that records shouldn't be tightly controlled.

      Yes there are risks regarding information security, but I do know of Dr's practices that have burned down with loss of (illegible) records - isn't that a massive clinical risk? I think so.

      SD

  2. 2460 Something
    Facepalm

    'What's that, Lassie? You say that the NHS couldn't handle data safely if it were all engraved on stone slabs each chained up inside a nuclear bunker and yet they want to build a national database where they can sell off pseudo anonymised data sets that are demonstrably commonplace to circumvent?'

    1. JohnMurray

      Access by clinicians and other NHS staff has separate levels of access and is logged and checked. Not so for private service providers, who all have a cavalier attitude to data handling. There have been many detected, and punished (instant dismissal) cases of access to personal data for personal reasons among the very large number of private providers. One person was dismissed for verbally informing a patient's friends that she was attending a sexual health clinic (she was a cleaner at the clinic). With such a large amount of staff, problems will always occur. Each person accessing an NHS system has a personal access card.

      1. Anonymous Coward

        > There have been many detected, and punished (instant dismissal) cases of access to personal data for personal reasons

        And plenty of cases where nothing more was done than a slap on the wrist, like the doctor who accessed Gordon Brown's medical records just out of curiosity. That case was detected, but how many are not?

        1. Anonymous Coward

          Do tell

          "...the doctor who accessed Gordon Brown's medical records just out of curiosity".

          And? So is he actually human or not? Don't keep us dangling!

      2. Alan Brown Silver badge

        "Access by clinicians and other nhs staff has separate levels of access and is logged and checked."

        Not nearly as well as you may think. It's only logged and checked if using the official NHS interfaces.

        Direct file reading or database queries are not logged or checked.

  3. Anonymous Coward

    "[This] raises new questions about why the NHS is still relying on physical data records,"

    Possibly related?

    http://www.theregister.co.uk/2017/02/27/contractors_begin_mass_exodus_ahead_of_ir35/

  4. Anonymous Coward

    I was going to say that the NHS's ability to manage their external suppliers is second to everyone, but actually this asymmetric relationship seems to be the basis for all public-private partnerships.

  5. Chris Miller

    It's not immediately clear whether or not what happened falls under the remit of data privacy

    It's not clear (to me, anyway) that any of the data protection principles have been violated. But physical printouts or letters produced by computer are subject to controls similar to those for digital data.

    1. Oliver Mayes

      "Personal data shall be accurate and, where necessary, kept up to date."

      They fail that principle by archiving 200000 change of address forms, ignoring the information in them leads to their customer records being out of date.

      "Personal data processed for any purpose or purposes shall not be kept for longer than is necessary."

      5 years is far longer than is necessary.

      1. ectel

        "5 years is far longer than is necessary."

        No actually. Most hospital records have to be retained for 8 years after the last treatment or the death of the patient. Maternity records have 25 year retention. The reason for retention is a mix of medical need and also in case there is legal action in the future.

        Complex patients can have a paper hospital record that is 2' thick.

        Full info here. https://www.bma.org.uk/advice/employment/ethics/confidentiality-and-health-records/retention-of-health-records

        1. Korev Silver badge

          I once temped in a records library, there was one that was about 1 metre long in various files. Poor lady.

        2. JamesPond

          In the NHS, records generally have to be retained for a minimum of 7 years from last treatment or from when the patient reaches 18. So when a baby is born, its records are held for 25 years but the mother's (assuming she is over 18) only for 7.

          However it is up to the clinical governance of each NHS body to set their local record retention policy as long as they adhere to the minimum requirements and can clinically justify the policy. For example there may be a clinical reason to retain cancer results (blood tests, xrays etc.) for significantly longer than 7 years in order to map changes, but not much reason to retain an xray of a broken leg for longer.

  6. Locky

    Optional

    It's okay, they didn't lose them, they just securely stored them.

    I wonder how much it costs to keep 500,000 documents for 5 years?

    1. Halfmad

      Re: Optional

      Missing the point a little, these would have included referral letters, diagnosis notifications, letters asking people to come in for appointments etc etc.

      These haven't been acted on, heck I bet they can't even find out if some of these people are still alive and if there was a negative impact on health of those who are and those who aren't.

      Bottom line is that some of these could have been letters to patients or to a patient's GP updating them on something VERY important such as urgent treatments for cancer, Hep C etc.

      1. Steve Davies 3 Silver badge

        Re: Optional

        The other side of the coin is that I received this very day THREE letters all identical telling me that an appointment I have at the Hospital in May is cancelled.

        Piss up in brewery anyone?

      2. Adam 52 Silver badge

        Re: Optional

        From my experience of having had something seriously wrong, the doctor tends to phone and say something like "you need to come and see me now, don't wait for an appointment" rather than wait for a letter.

        1. CrazyOldCatMan Silver badge

          Re: Optional

          > the doctor tends to phone and say something like "you need to come and see me now, don't wait for an appointment"

          Yup. Happened to me when my T2 diabetes was identified (had blood tests for another reason, blood sugar was at a level that would lead to blindness and/or several unpleasant things in short order if not fixed..).

          To add a slight element of farce - I went in the next day to see them, saw a locum whose first question was "what did you want to see us about?". I explained, a senior partner was summoned..

          1. Julian Bradfield

            Re: Optional

            My favourite was when (during a long slow recovery from a severe illness a while ago) I went in to have my regular blood check in the morning, continued going about my day, and then at 7pm the phone rang: "This is the emergency room at the ERI. The lab's just phoned us about your blood results. Ermmm..are you alright?" Either I can cycle happily with a blood glucose of 2.0, or the lab made a mistake:)

      3. John Brown (no body) Silver badge

        Re: Optional

        "Missing the point a little, these would have included referral letters, diagnosis notifications, letters asking people to come in for appointments etc etc."

        Not forgetting the threats of fines for people who don't attend appointments and fail to notify. That could be a bit difficult if the hospital claims they sent you a letter and you claim you didn't receive it. They don't use recorded or registered delivery so it's their word against yours.

    2. TRT Silver badge

      Re: Optional

      I wonder if there was an option to send documents are records to archive? You know, run by the same company.

    3. CrazyOldCatMan Silver badge

      Re: Optional

      > I wonder how much it costs to keep 500,000 documents for 5 years?

      To *store* them, not as much as you would think (there are companies that specialise in that sort of thing and use either vaults or caves as ready-made storage space).

      To index/retrieve/sift/review/discard? Lots. Think of a large sum of money, double, add another large number then add 10%.

      If you want to do it properly anyway.

  7. Anonymous Coward

    "[This] raises new questions about why the NHS is still relying on physical data records,"

    I think we all know the answer to that. How is the XP upgrade going?

  8. Rich 11

    "Not my fault, guv..."

    Tony Pepper, co-founder and chief exec of data security company Egress, said the NHS's reliance on paper records is partly to blame for the systematic screw-up.

    Yet knowing the NHS uses paper, you still went ahead and bid for the contract to deliver the letters. Hmm.

    1. ecofeco Silver badge

      Re: "Not my fault, guv..."

      Tony has some nice bridges for sale as well.

  9. Warm Braw

    "because the mislaid or lost information was on paper"

    See the definition of relevant filing system.

    I suppose it hinges on whether the paper was stored in such a way that you could retrieve it easily given the data subject's name or address. If it was piled in an unsorted heap, then perhaps the ICO wouldn't have any responsibility.

    1. TRT Silver badge

      Re: "because the mislaid or lost information was on paper"

      failing system was that?

    2. herman

      Re: "because the mislaid or lost information was on paper"

      In ye bad olde days, there was Cardex, which worked pretty good. What they do now, is anyone's guess - prolly a spreadsheet Excel and Access thing on WinME.

  10. Anonymous Coward

    That may be only the tip of the iceberg. In recent years two different emergency treatment hospitals have taken details of my GP - but nothing has ever been put on my GP's records about what they treated.

    Recently I received a letter from the hospital after an annual check up - saying I now need a GP referral to another department. The letter says a copy of the report has been sent to my GP. It then goes on to say "take this letter with you when you see your GP". That implies they do not have full confidence in the communication chain.

    1. Anonymous Coward

      Anon for obvious reasons.

      I know for a fact that some letters like this can go missing as there's no reconciliation between what's sent and what's received in some hospital to GP systems. It was previously manually checked, now it's just assumed that because they have a tick for it being sent that it was received.

      I know for a fact this isn't always the case.

  11. ecofeco Silver badge

    Misplaced you say?

    Misplaced? As in "the company didn't want to actually pay for delivery and logistics costs" misplaced?

    > The problem arose because the firm tasked with arranging the delivery of internal NHS correspondence mistakenly stored it in a warehouse.

    You don't "misplace" a warehouse.

    > Tony Pepper, co-founder and chief exec of data security company Egress, said the NHS's reliance on paper records is partly to blame for the systematic screw-up.

    See?! It's all NHS's fault for relying on those pesky paper record things! How dare they, and anyone for that matter, want paper records!

    Tony also has some nice bridges for sale. Anyone buying?

  12. Anonymous Coward

    My GP doesn't send physical referral letters to hospital any more.

    They use a fax machine.

    It would be more funny if it wasn't true.

  13. Detective Emil

    Crime

    Posties get prosecuted for stuff on a much smaller scale than this. I trust that the guardians of the law will be feeling collars at NHS Shared Business Services in the near future.

    1. John Brown (no body) Silver badge

      Re: Crime

      "Posties get prosecuted for stuff on a much smaller scale than this."

      Yes, Royal Mail has certain obligations, some of which mean a "social" charge on standard deliveries to cover for the non-standard ones, like to the Outer Hebrides. Private "mail" companies don't have those obligations in law and so cherry pick the cheapest deliveries. And, it seems, sometimes simply don't bother to deliver and so long as the contract says something like "best endeavours", don't even have to deliver to the destination.

      More worrying is that the NHS were not carrying out any sort of performance review over at least a 5 year period on this contractor.

      1. Alan Brown Silver badge

        Re: Crime

        "Private "mail" companies don't have those obligations in law"

        In this particular case, these letters never entered any mail system, and as such were never subject to any form of regulation.

  14. Anonymous Coward

    mistakenly stored it in a warehouse.

    Yes, mail delivery is a very tricky concept.

    1. Chris G

      Re: mistakenly stored it in a warehouse.

      I am still trying to imagine how a warehouse can be mistaken for half a million different addresses.

      Didn't anyone wonder about the huge pile of unopened correspondence?

  15. CAPS LOCK

    Clearly no-one is checking to see the services being paid for are actually being...

    ...provided. This stuff comes down from the top.

    1. Red Bren
      Pirate

      Re: Clearly no-one is checking to see the services being paid for are actually being...

      Almost as though the people who "choose" the service providers and monitor their delivery against targets are the same people with shares and cushy directorships with those same service providers...

  16. cantankerous swineherd

    if not criminal then civil case for breach of contract. assuming, of course, that the contract specified delivery of mail to the addressee...

  17. allthecoolshortnamesweretaken

    Now, for some reason, I'm thinking of fire extinguishers combusting when you try to use them.

  18. Anonymous Coward

    Mistaken Apprehension

    There is no such thing as the NHS, it's a mish mash of hospitals competing with each other to get money off the CCGs, that group the GPs surgeries and have all the money, and a bunch of nationwide entities that like to spend money and don't know or more likely don't care what each other are doing.

    Also, if you come up with a good idea and can make a plan they give you money, with no thought for execution, actual delivery or past record of delivery.

    This is a symptom of the underlying problems with the fragment impatient Business, that in no way resembles a National Health Service.

    one of those contractors sitting on an IR35 fence hence AC

    1. Anonymous Coward

      Re: Mistaken Apprehension

      > There is no such thing as the NHS

      To misquote the old phrase about the Holy Roman Empire, the NHS is neither National, Healthy nor a Service.

  19. annodomini2

    Curious

    How many people died as a result of various information from GPs not reaching Hospitals and Vice Versa, given the need for this current shambles to attempt to run the NHS into the ground to justify privatisation, it wouldn't shock me if this was deliberate.

  20. Roj Blake Silver badge

    Postmen

    There have been past cases of postmen going to prison after it was discovered that they were storing mail in their homes rather than delivering it. ie https://www.theguardian.com/uk/2004/dec/18/post

    Why do I get the impression nobody will get punished for this latest NHS fiasco?

  21. JamesPond
    Unhappy

    Who's paying for the repeated tests?

    According to Radio5 yesterday, the 500k records affected ~250k patients. I've not been able to find whether the patients were in one geographical area or spread around the country, but assume the latter. Do we really believe that the powers-that-be have tracked down the doctors, consultants, surgeons, radiologists etc. etc. for 250k patients and found that not a single patient's treatment or clinical outcome was affected?

    Whilst this may be true, I would also have to assume that because these blood tests, xray results, scan results etc. went missing, it has cost the NHS a significant amount of money to recall the patients and re-test. Who's paying for that?

  22. crackerbread

    OK, say you want to get rid of paper.

    While there's a common language to send data between NHS entities, HL7, the systems these feed into are so very different. A lot don't accept external data via HL7, or rather, very few segments.

    You may argue that these systems shouldn't be bought if they don't... you would end up with no electronic patient record if that were the case. Prove me wrong, name a single EPR provider that has full event driven HL7 export and import. Too hard? How about one that even openly advertises full HL7 export and import.

    That's all at the back of the queue behind a consultant having one less click to prescribe, despite that same consultant complaining that they can't see a patient's updated demographics in a third party RIS.

  23. Alan Brown Silver badge

    "mistakenly"

    This wasn't a mistake. (Get paid for sending stuff but don't bother sending it)

    The only 'mistake' was storing the undelivered mail instead of destroying it (or being caught)

    This is no different to cases where posties are discovered to have been hoarding undelivered mail for years. Half a million letters doesn't take up as much space as you might think (I'm aware of cases where 50,000 letters were found stuffed under a bed)

    Unless the storage environment was provably secure then personal data for everyone affected should be considered as "at risk"

  24. TheDillinquent

    'Mistakenly stored it in a warehouse' my arse!

    So who is this mysterious 'firm tasked with arranging the delivery of internal NHS correspondence' that 'mistakenly stored it in a warehouse' stashed it away hoping no-one would notice until after they had done a runner with the money?
