Part of OLM Group

Specialists in information solutions for local government and health authorities, Hytec operates from offices in Oxford, London, Glasgow and Newport.

  • Mobile applications
  • Systems integration
  • Information security
  • Infrastructure management

Perspectives on NHS IT security

IG: The Foundation for Effective eHealth

(Guidance or legislation)

Management consultancy Accenture has issued a new report entitled "Information Governance: The Foundation for Effective eHealth".

The report investigates information governance (IG)* within the healthcare sector and identifies a number of critical elements of IG, including:

  • Interoperability
  • Data integrity
  • Access control
  • Security
  • Data handling
  • Data quality
  • Consent
  • Compliance

The report continues to discuss five disciplines of IG:

  • Data privacy
  • Data confidentiality
  • Data security
  • Data quality
  • Data integrity

Accenture said: “By embracing the breadth of information governance, e-health practitioners can develop effective policies, processes and tools that support the enterprise-wide adoption of common information principles. This consolidated approach to information governance enables health care organisations to effectively manage, maintain and control patient information in support of robust patient care."

Read the report

* Information governance encompasses the processes, functions, standards and technologies that enable high quality information to be created, stored, communicated, valued and used effectively and securely in support of an organization’s strategic goals.

5 minutes with...Robin Ingram

(Discussion)

We spent five minutes with Robin Ingram, our Information Assurance Consultant, to learn more about the changes organisations face when they tackle the version 8 information governance toolkit. Robin has worked closely with Connecting for Health (CfH) and the Department of Health (DoH) for several years, providing them with feedback gained by helping organisations through the IGT process.

“The Information Commissioner’s Office describes poorly managed information assets as a ‘toxic liability’ and information loss as a ‘career ending event’. Despite this, there are still many reports of data security violations – the NHS accounts for over a third of all reported breaches. This new release of the IGT will help organisations to significantly improve their security processes,” says Robin. “Version 8 is like nothing we’ve seen before. It’s a lot more time-consuming than previous versions and involves organisations going into greater depth about their policies, procedures and processes.”

Read the interview in full

Webinar: Understanding IGT V8

(Guidance or legislation, Discussion)

Version 8 of the IG Toolkit (IGT) must be submitted by all health and non-health organisations by 31 March 2011. In addition, Trusts and SHAs must submit their Baseline and Performance Update submissions by 31 October 2010. Our webinar will help you understand and manage the assessment process.

The Information Commissioner’s Office has described poorly managed information assets as a ‘toxic liability’ and information loss as a ‘career ending event’. Despite this, the NHS still accounts for over a third of all data security violations. Given the number of staff employed within the NHS, that statistic is perhaps not surprising. Nevertheless, losses of confidential patient records attract significant media attention and maximum fines of up to £500,000.

The Department of Health Digital Policy Team has designed the IGT assessment process to minimise information security incidents within the NHS. If individuals and organisations comply with IGT guidance, information security is considerably strengthened.

Everything in the IGT is there for a reason, either to protect:

  • the N3 network and all organisations connected to it,
  • Spine applications, or
  • the confidentiality, integrity and availability of patient data.

Released on 30 June 2010, version 8 is considered to be more rigorous than its predecessors and includes several material changes. It’s more challenging to complete and a lot more time-consuming than previous versions as organisations are required to go into greater depth about their policies, procedures and processes.


Speakers
Robin Ingram
Robin is Hytec’s Information Assurance Consultant. He works closely with Connecting for Health and the Department of Health, providing them with feedback gained by helping organisations through the IGT process.

Robin is a Member of the BSI Associate Consultant Programme, a Security Advisor to the London Public Services Network (LPSN), an ISO 27001 Lead Auditor, ISO 27001 Internal Auditor and an ISO 27001 Implementer.


Who should attend?
Those responsible for, and tasked with, completing the IG Toolkit; including:

  • Chief Executive
  • SIRO
  • IG Lead
  • Information Asset Officer
  • Data Protection Officer
  • Caldicott Guardian
  • IM&T Manager


What will they learn?
To help explain the changes in version 8, we are hosting a webinar. As well as having the opportunity to put questions to the speakers, participants will learn:

  • what the changes are,
  • what they mean,
  • how it impacts the requirement to complete the assessment,
  • what needs to be done before 31 October 2010, and
  • the consequences of failing to comply


Date
Wednesday 22 September 2010, 11:00am – 12:00pm

Cost
This is a complimentary webinar, designed to share our expert’s knowledge and experience with organisations that are currently completing their IGT submissions.


Registration
To register please send the following information to
webinar@hytec.co.uk

  • Name
  • Job role
  • Organisation
  • Phone
  • Email

Cross Talk delivers a valediction for liberating the NHS

(News, Guidance or legislation)

Mike Cross, a freelance journalist specialising in healthcare informatics and e-government and a member of the British Computer Society, has posted his insight into what the Government's whitepaper (Equity and excellence: Liberating the NHS) means for NHS IT.

Mr Cross comments: "The NHS white paper contains one phrase that should fire us with excitement. It is, of course, 'an NHS information revolution'."

The healthcare sector is currently undergoing enormous change and the media is full of speculation on the future of the industry. Even though a full whitepaper is expected in the autumn on the NHS information strategy, outlining the future of initiatives such as the National Programme for IT, the recent whitepaper dropped some tasters of what is sitting on the horizon, for example: "NHS services will increasingly be empowered to be the customers of a more plural system of IT."

Mr Cross concludes the piece with: “The NHS that will be forged in the white heat of this information revolution will be worth it.”

To read the article in full, please click here

Feeling liberated?

(Guidance or legislation, Discussion)

Following the release of the Government's health white paper - "Equity and excellence: Liberating the NHS" - E-Health Insider asked NHS staff with a particular interest in IT for their initial reaction, key concerns, and thoughts on what it will mean for healthcare informatics.

"The paper raises more questions than it answers. We don’t know what the coalition fully intends for the National Programme for IT in the NHS or the Summary Care Record. Primary care IT is currently supported by primary care trusts and there has been no mention of how that will work if we move to GP consortia."
Dr Richard Vautrey, deputy chairman of the BMA's GP committee

"The white paper could mean an end to a national approach - and the potential loss of good functionality. The white paper also raises the concerns that there is no current plan regarding informatics, and there is the potential for the fragmentation of support services."
William Lumb, IT clinical lead NHS Cumbria

"I think the IT system companies need to stop and listen to what GPs need and want, because I think clinical systems will need to change. For example, we are going to need whole area based appointment systems and we are going to have to get live data sharing up and running as soon as possible."
Dr Neil Paul, Sandbach GP

"The focus on the visibility of records, starting with GP ones, is interesting. We are going to need to rely on the sharing of information across services and systems very quickly; but I am not sure that the confidence exists at present."
Simon Whitehouse, director of primary care, Central and Eastern Cheshire Primary Care Trust

"NHS IT will have to become more customer focused, delivering business cases that demonstrate that technology really can release cash savings and tangible benefits as opposed to only soft benefits that are difficult to quantify."
Zafar Chaudry, chief information officer, Liverpool Women's NHS Foundation Trust and Alder Hey Children's NHS Foundation Trust.

To read the article in full, please click here

UK headed for data breach disclosure law within 4 years

(Guidance or legislation)

According to an article in Silicon.com, a law forcing all organisations to publicly declare data breaches is expected to be in place in the UK within four years.

Lawyers at Field Fisher Waterhouse believe that most organisations are not reporting breaches. They say that the Information Commissioner's Office's new powers to fine companies up to £500,000 for serious breaches of the Data Protection Act are discouraging companies from owning up to data breaches.

The legislation would be introduced across Europe, and require all organisations to notify the relevant authorities as well as individuals affected in the event of a serious security breach involving personal data.

The proposed changes to the EU directive will be published by the EU Commission in November this year, and if approved, will have to be reflected in UK law by the end of 2014.

To read the article in full, please click here

10% of trusts on amber alert for information security

(Guidance or legislation)

Despite the Information Commissioner’s Office (ICO) imposing tougher fines on organisations that fail to protect patient data, Hytec estimates that around 10% of NHS trusts in England are on ‘amber alert’. This means that they have scored 40 - 69% when completing the Information Governance Statement of Compliance (IG SoC) approved assessment.

IG SoC is the process that all organisations have to complete in order to access Connecting for Health (CfH) services, including the N3 network and Spine. The steps in the IG SoC process set out a range of security related requirements which must be satisfied in order for an organisation to secure the N3 network and its information assets.

Since 2007 the NHS has been responsible for almost a third (over 300 incidents) of all data security breaches reported to the ICO. In April, the ICO was granted the power to impose fines of up to £500,000 for organisations that fail to protect data. Yet despite this deterrent, some health trusts are still failing to achieve satisfactory IG SoC assessment ratings.

Director of Information Security at Hytec, Alan Hunt, commented: “Data security is the responsibility of everyone involved in an organisation. Some of the most common security breaches are due to lost or stolen data on portable devices, and human error when disclosing sensitive information. Most mistakes can be overcome through staff training and use of appropriate technology such as encryption.”

“To still have some trusts on amber is concerning as it means that they do not have all of the processes in place to secure patient data,” said Mr Hunt. “Our IG SoC Gap Analysis Service helps trusts ensure they are compliant with the legislation and that they continue to follow best practice. The announcement of this service is timely given that all organisations must now submit their assessments for the latest version of the Information Governance Toolkit (Version 8), by 31st March 2011.”

Version 8 of the Toolkit, announced last week, is regarded as being more rigorous than its predecessors in that there are now only two grades of assessment: SATISFACTORY (coloured green) where level 2 has been achieved on all requirements, and NOT SATISFACTORY (coloured red) where level 2 has not been achieved on all requirements.

Hytec’s IG SoC Gap Analysis Service is carried out by a Senior Information Assurance Consultant and helps trusts to identify and bridge the gap between where they are currently and where they need to be. The service is tailored to the size and type of organisation and identifies areas that a trust or organisation needs to address in order to fulfil their IG SoC responsibilities.

Mr Hunt continued: “As well as completing the IG SoC assessment, trusts have a multitude of legislation that they have to adhere to. They are also facing increasing pressure to reduce costs and drive efficiency savings. So for trusts that want to go one step further, we offer an Infrastructure Review Service to assess the security, stability, scalability and compliance of their ICT networks.”

In addition to ensuring a trust is IG SoC compliant, Hytec’s Infrastructure Review Service checks that its network adheres to the latest best practice and governance whilst benchmarking it against NIMM (NHS Information Maturity Model). Furthermore, it establishes whether a network is secure for PID, looks for potential improvements for flexible and mobile working and helps determine areas for potential cost savings.

If you would like more information on the IG SoC Gap Analysis Service, or the Infrastructure Review Service, please contact us on 01865 887 428, or email enquiry@hytec.co.uk

5 minutes with...Jonathan Kay

We spent five minutes with Jonathan Kay, Professor of Health Informatics at City University London, and talked about how IT can help health trusts to drive efficiency savings.

Read what he has to say here

IT security professionals still failing in mobile security

(News)

BJHC&IM highlighted the results of a recent survey of IT security professionals.

Incredibly, it revealed that over half of respondents (52%), admitted carrying unencrypted company data on a USB stick; of these 11% protect their devices with passwords alone.

To read the article in full, please click here

Pulse: special edition

(News)

Have you read this week's special IT and information governance edition of Pulse?

Features include:

    • Making sure your electronic records are up to scratch
    • GPs risk email security breaches
    • When to disclose information - and when you should say no
    • Let technology take the strain
    • Survey on the future of IT

To read the issue in full, please click here

NHS under fire for poor data protection

(News)

With the Information Commissioner's Office (ICO) given the power to impose fines of up to £500,000 for severe data loss incidents, you would think that organisations would step up their procedures to ensure their data remains safe and secure. However, this seems far from the reality.

Public Technology has reported how the ICO is "highly concerned" after further data security breaches were made in two NHS Foundation Trusts.

Basingstoke and North Hampshire NHS Foundation Trust sent an unencrypted Excel spreadsheet containing the pathology results of over 900 patients via an unsecured email address, whilst Stoke-on-Trent NHS Foundation Trust filed 2,000 physiotherapy records incorrectly, putting them at risk of being accidentally lost or destroyed.

Mick Gorrill, head of enforcement at the ICO, said: "With a quarter of all data breaches reported to the ICO involving the NHS, the service needs to do more to protect patients' data. Everyone makes mistakes, but there are far too many within the NHS.”

To read the article in full, please click here

Patient data the most pressing issue for hospital IT

(News)

This article in BJHCIM reports on the findings of 'The Data Management Healthcheck 2010', a global survey into hospitals' ongoing strategies for managing their IT systems.

It has shown that secure data management is the healthcare industry's most pressing issue as hospitals move from paper-based health records to electronic systems, with the top IT spending priority for 2010 being disaster recovery (44%).

To read the article in full, please click here

Hytec celebrates 30 years helping health and local government

(News)

Hytec is today celebrating its 30th year of supporting public bodies with ICT solutions that help them improve efficiency and deliver better services.

Hytec Microsystems was first established in June 1980, delivering mainframe protocols and communications solutions to NHS and local government customers. Over the years, the company evolved its focus towards information security and secure connectivity to networks such as the Government's secure intranet, GCSx and the NHS’s N3.

In 2008, Hytec became part of OLM Group, the UK's largest independent supplier of information solutions for children's and adult care services.  This has allowed Hytec to grow its solutions portfolio by adding complementary technology centres in systems integration, mobile applications development and infrastructure management.

To celebrate its 30 year anniversary, Hytec will invest in a 12-month information sharing programme focussing on the sharing of expertise and best-practice models through a variety of media, including this blog, workshops, e-bulletins, technical webinars, executive briefings, case studies and white papers.

"We’re proud of the reputation we’ve built. For 30 years we have worked hard to develop our expertise and deliver business transformation services that really help our customers in achieving their goals," said David Bryant, Hytec’s Managing Director. "Today, our healthcare and local government customers are feeling greater budgetary pressure than ever. Hytec’s solutions and services are focussed on ensuring that our customers are able to benefit from the effective use of technology to deliver real cost savings and business process efficiencies."

Lost patient details contravene Data Protection Act

(News)

Another week, another data security scandal...

This time Management in Practice reports how Lampeter Medical Practice breached the Data Protection Act after downloading a database of 8,000 patient records onto an unencrypted USB stick, and then posting it to the Health Boards Business Service Centre. The USB stick never arrived at its destination and has now been deemed lost.

Thankfully the Practice is now reviewing its policies to ensure a similar issue doesn't occur in the future, but for any practice to use an unencrypted USB stick is an unnecessary risk.

To read the article in full, please click here

NHS tops ICO list of data breaches

(News)

According to this article from E-Health Insider, the NHS has been the source of almost a third of the data breaches reported to the Information Commissioner’s Office (ICO) since 2007.

The figures suggest that the health service has a particular problem with the theft of devices holding personal data; emphasising the importance of encryption as the last defence for sensitive information.

The figures show that in the NHS:

    • 116 data breaches were caused by stolen data and hardware
    • 87 were caused by lost data and hardware
    • 43 breaches from data disclosed in error
    • 17 breaches from information lost in transit
    • 17 from technical/procedural failure
    • 13 from non-secure disposal, and
    • 12 from 'other' causes

Following this report, the BBC announced that West Berkshire Council had lost a USB stick which was not encrypted or password protected. It contained information about the ethnicity and physical or mental health of several children in the region. The ICO said it was the second data security incident reported by the council within six months.

To read the articles in full please click the links below:

E-Health Insider

BBC

IT security: making it more than a cost centre

(Discussion)

This opinion piece from Business Computing World tells of the IT security dangers facing organisations.

Jim Black, Marketing Manager at web filtering company Bloxx, comments:

"There’s hardly a day goes by without a major security breach or incident; and these are only the major incidents at larger, higher-profile organisations. It is safe to assume that IT security breaches and incidents are costing UK businesses billions each year."

He continues to discuss the results of a 2009 study by anti-virus vendor, Sophos:

"In the past, email spam and email-borne malware were considered to be the main attack vectors. Now the Web is the favoured route for the cybercriminals and hackers. However, that does not mean that the security risks of email have diminished, far from it.

Spam continues to be a major problem, with anything up to 95% of all emails sent every day being classified as spam. And email attachments, in particular PDFs, continue to pose a significant threat.

However, more often, email is now used to drive recipients to compromised websites via web links embedded into the email message. It would appear that it’s all too easy for the hackers to be able to modify web pages to deliver malware onto unsuspecting visitors. Recent figures from Sophos suggest that a new infected Web page is found every 2.5 seconds and that 80% of these pages are to be found on reputable sites."

To read the article in full, please click here

10% of trusts on amber alert

We recently researched NHS trusts in England to see how they were coping with achieving the Information Governance Statement of Compliance (IG SoC). We found that whilst the vast majority of trusts have achieved 'green' status, there are 10% who are falling behind.

IG SoC is the process by which organisations enter into an agreement with NHS CFH for access to the NHS National Network (N3). The process includes elements that set out terms and conditions for use of NHS CFH systems and services including the N3, in order to preserve the integrity of those systems and services.

The steps in the IG SoC process set out a range of security related requirements which must be satisfied in order for an organisation to be able to provide assurances in respect of safeguarding the N3 network and information assets that may be accessed.

At HC2010 on the 27 April, we launched our new "Infrastructure Review Service". The service is designed to check that a trust network is compliant with the latest best practice and governance, whilst benchmarking it against NIMM (NHS Information Maturity Model) and the IG SoC Toolkit. It will establish whether the network is secure for PID, look for potential improvements for flexible and mobile working and help determine areas for potential cost saving.

If you are interested in learning more, please email us, or call 01865 887 428.

5 minutes with...a practice manager

(Discussion)

We asked a practice manager: How do you see your ICT changing in the future?

They said: "Our main challenge is ensuring that our equipment keeps pace with advances in software because we are asking more of our PCs every day as we use more web based applications and voice recognition software. The hardware just can’t keep up.

We are currently in the middle of a protracted replacement of our aged PCs. As the new ones don’t have sufficient RAM to run our applications efficiently, we are having to pay to upgrade them ourselves.

We will strongly resist moves to hosted applications as we believe it is vital that we maintain complete control of our systems and data. We are, however, encouraged by iSoft’s move toward ‘virtual’ hosted applications which may offer us the best of both worlds."

To read the interview in full, please click here

NHS hears warnings on information security

(News)

In the last two years, the NHS has had more serious data breaches than any other organisation in the country. Since the end of 2007, there have been 287 data security violations made by the NHS - 30% of the total number reported.

This article in Smart Healthcare gives details of a speech by Deputy Information Commissioner David Smith.

In it, he says: "Today, people are willing to share more; a culture of reducing costs and sharing has emerged. Data breaches are still happening, and are often due to insider wrongdoing, or theft and loss of data on portable devices. There are too many organisations ticking the boxes, without investing in real measures to keep up staff training and awareness. Contractors and processes must be checked."

To read the article in full, please click here

Hytec launches InfraShare for secure information sharing

(News)

Health trusts are striving to deliver cost-effective, joined-up services that support the NHS’s aim of providing people-centred healthcare in the community. To do this, they need ICT that supports healthcare innovation.

Today we launched our new healthcare infrastructure solution, InfraShare™, at the Health Informatics Congress.  

Recognising that effective ICT solutions can only be built on secure, stable and scalable platforms, InfraShare allows trusts to share patient data and trust information securely by creating an N3-based network that:

    • is consistent with the NHS Infrastructure Maturity Model (NIMM);
    • is compliant with CfH Information Governance standards;
    • provides a platform for centralised remote ICT support, which reduces the need for on-site visits by IM&T support engineers;
    • enables remote deployment of antivirus, security patches and software updates;
    • provides secure and authenticated remote access to GPs so they may review clinical data held within the surgery or central trust systems
    • and, serves as a bedrock for secure delivery of further information sharing, mobile working, clinical or administration systems.

To read more about InfraShare, please click here

Health Informatics Congress (HC2010)

(Discussion)

We will be exhibiting at HC2010, ICC Birmingham, 27-29 April.

HC2010 is the UK's largest event for health informatics and social care professionals. The event focuses on IT systems and products designed to enhance and improve aspects of patient and social care.

We will be launching a new ICT solution at HC2010, which allows trusts to share patient data and trust information securely across the N3 network.

Our new solution creates an application platform that is secure, stable, scalable and compliant - an infrastructure for information sharing, an infrastructure that:

    • conforms to NIMM, the NHS Infrastructure Maturity Model
    • is IG SoC-compliant
    • provides centralised remote support and management of back-office or GP practice systems
    • enables remote deployment of antivirus, security patches and software updates
    • protects patient identifiable data (PID) within GP practices
    • provides secure and authenticated remote access to GPs
    • optimises the use of network bandwidth

In addition, we will also be showcasing the following solutions:

    • Infrastructure Review Service: our audit of a healthcare trust's ICT infrastructure
    • Integral Xchange™: our integration framework, which uses open standards to link and share information between any number of clinical and administrative systems
    • Integral mForms®: our enterprise mobile application platform, which supports a wide range of handheld devices, including Windows Mobile and BlackBerry smartphones

Come and visit us on stand 175 in Hall 3.  However, if you're unable to attend but would like to know more about Hytec's healthcare solutions, please email us here.

Security weaknesses in NHS information systems

(Discussion)

This month's BJHC&IM features an opinion piece by security expert, Phil Colledge. In the article, Phil covers the IT issues facing health trusts and the difficulties in overcoming them.

Firstly, he highlights that big central databases, such as the Summary Care Record, are attractive for hackers and this reduces the overall security of the information.

Secondly, he says that there are too many computer systems in NHS trusts and only a small number of these require a smartcard to access the information. Unfortunately, most of a trust's confidential information is held on these local systems, so it is a lot easier for unauthorised people to access because: "People leave systems logged in and choose stupid passwords!"

Finally, Phil points out that most NHS organisations still have a considerable number of paper-based patient records. This is because under the current NPfIT programme, there are no plans to scan paper-based records and, by law, trusts have to keep patients' records for several years after their death. Therefore, even if we stop producing paper-based records now, the last paper records would be destroyed in 65-95 years' time.

Phil concludes by saying that the NHS still has a long way to go until it is completely secure. He believes that computer security is achieved by design, not by after-thoughts; therefore it's important that trusts take their IT security needs seriously and be proactive about putting protective measures in place, rather than reacting once a security breach has occurred.

To read the article in full, please click here

IM&T security checklist

(Discussion)

In recent months the Information Commissioner's Office (ICO) has highlighted the NHS as being one of the worst offenders for data loss, reporting as many incidents as the entire private sector.

Last week the ICO was finally given the power to impose fines of up to £500,000 for organisations who fail to protect personal data - so are GPs in your trust doing enough to safeguard their patients' information?

Our Director of Information Security, Alan Hunt, has put together a ten-point plan that highlights the most important security issues for practice managers.

To read the article, please click here

Fit for the future – The evolution of general practice

(Guidance or legislation)

The British Medical Association (BMA) has just published a 50 point plan called: "Fit for the future – The evolution of general practice".

The report covers several areas within general practice including:

    • Quality
    • The changing NHS
    • Commissioning
    • Out of hours
    • How GPs work
    • The quality and outcomes framework
    • Workforce
    • Premises
    • Information technology

Within the 'information technology section' the plan notes that "General practice has the highest level of computer use and literacy in the NHS", as "Modern healthcare relies upon high quality information technology (IT) systems supporting decision making, reducing errors (especially in prescribing), supporting business processes, improving patient responsiveness, enhancing audit and research, and enabling sharing of appropriate information."

The BMA believes that "Further development with general practice IT will require continual improvement in data quality, and the progression towards paperless practices. This will require appropriate safeguards for privacy, and provision and support of hardware and software solutions including those for scanning and mobile devices." And that "IT systems should continue to be developed to support inter-operability (use by different systems) and sharing of appropriate information."

They continue to outline the recommendations for GPs in relation to IT, which include:

    • Support for data quality and moves to paperless practices need to be fully supported and financial incentives offered to facilitate such development
    • IT projects should have realistic timescales, and a managed pace of change. More problems occur where projects have been rushed or badly thought through
    • Concerns about issues of patient consent and confidentiality must be addressed
    • Innovation in general practice IT needs to be encouraged, rather than top-down solutions being imposed. The core list of IT equipment should be expanded to allow practices to provide improved services for their patients
    • NPfIT: In the National Programme for IT the GP elements in particular need to have a future. GPSoC and other agreements need to be honoured and progressed

To read the report in full, please click here

How data protection laws are changing

(News, Guidance or legislation) Permanent link

In this week's Pulse, Dr Catriona James explains the new rules being introduced this month that could see GP practices fined up to £500,000 for a serious patient data breach.

The Data Protection (Monetary Penalties) Order 2010 will come into force on 6 April 2010 and could see GP practices facing fines of up to £500,000 for serious breaches of the Data Protection Act.

GPs are being advised to:

    • Avoid inputting PID on to personal mobile devices such as memory sticks and PDAs
    • Ensure they have an information security policy in place, covering issues such as the use of laptop computers
    • Never put patient data on their personal computer
    • Consider taking advice from IT specialists about ensuring the security of practice computer systems
    • Be aware of Connecting for Health’s Good Practice in Mobile Computing, covering the secure use of laptops, PDAs and other mobile devices
    • Report any loss of data to the nominated senior person within your practice, so that action can be taken and affected patients and the information commissioner informed if appropriate

To read the article in full, please click here

Non-medical staff 'have access to health records'

(News) Permanent link

This article from the BBC highlights the worrying findings of a recent survey that was carried out by Big Brother Watch.

The survey asked every NHS trust in the UK for the number of their non-medical staff who had access to confidential patient records. Access was defined as being able to see at least a patient's full name, date of birth and most recent medical history.

The responses showed that 101,272 non-medical staff, such as hospital domestics, porters, and IT staff, had access to records. This was an average of 732 in each trust.

Big Brother Watch says this demonstrates "slack security and monitoring around those with access to patient medical histories."

Its director, Alex Deane, said: "The number of non-medical personnel with access to confidential medical records leaves the system wide open for abuse."

To read the article in full, please click here

Senior local medics doubt security of NHS database

(News) Permanent link

Local news website Newbury Today has reported the reaction of West Berkshire's medical community to the roll-out of the Summary Care Records scheme.

Whilst NHS Berkshire West says, "the move will assist out-of-hours calls and enable clinicians to access vital information should a person become ill anywhere in the UK," many healthcare professionals across the region are worried about the security of the system.

Hungerford Surgery practice manager, Mike Hall, said: “With data protection issues an ongoing concern I would question whether the public really understand the change, and the process of opting out is rather convoluted.”

GP Dr James Cave of Downland Practice, Chieveley, commented: “While this is the future, my colleagues and I feel the problem is in the ability of the NHS to do this in a safe and secure way. In the current climate of ‘Big Brother’ fears it would only take one error for any problem to get out of hand.”

And ambulance technician Neale Marney, who volunteers with the West Berkshire Rapid Response Car, said: “I don’t want my records to be available electronically. With so many data protection issues to think about I wouldn’t support it myself.”

However, a PCT spokesman, Richard McCrann, said: “The system is very secure. Access is strictly limited to authorised staff who have a legitimate relationship with a patient who has given permission. NHS staff can only access the system through the use of a chip and pin-style smartcard, and no other government departments or agencies will have direct access.”

To read the article in full, please click here

A day in the life of general practice

(Discussion) Permanent link

To celebrate its golden anniversary, Pulse asked GPs to help write a collaborative blog charting a typical day in the life of general practice. The GPs who contributed covered a variety of issues that affect their day-to-day lives, from patient consultations and PCT meetings to their huge workloads.

Some GPs commented on IT issues. We have highlighted a selection of these below:

Post: 'The blue screen of death'
"I am not using the ‘smart’ card, as I have left it in the other branch, and (frankly) having the smart card loaded achieves nothing for my daily work."

Post: 'A difficult decision'
"...the most challenging consultation was a patient who has come to see me to ask if he should have surgery, as recommended by the consultant....Today’s consultation has been complicated by the fact that I do not have the recent outpatient letter, so I am not advising them on the most up-to-date facts."

Post: 'A visit from the PCT'
"...I had quite a bit of email about EDLs (Electronic Discharge Letters – don’t get me started on patient safety!)..."

A couple of weeks ago, we spent five minutes with a local GP to quiz her about her view of NHS IT. She said their current systems were frustrating and the PCT was less than helpful when it came to solving any IT issues they had. Overall, her main concerns were how to ensure better patient care through sharing information properly with the out-of-hours staff, and seeing that her patients' data remained safe and secure at all times.

To read the interview in full, please click here

Hytec in E-Health Insider

(News) Permanent link

Have you seen the latest 'Special Report' in E-Health Insider called "All part of the plan"?

The feature discusses systems integration following the Department of Health's shift from a "replace all" to a "connect all" philosophy. To obtain the right content for the feature, E-Health Insider interviewed Hytec's Head of Systems Integration and Chief Technical Officer of OLM Group, David Rivett.

David has worked in systems integration for 20 years, and was most recently involved in our proof-of-concept demonstration at Redbridge polyclinic. He says: “There are millions of pounds of savings to be made by integrating systems not just within an organisation but between organisations. The biggest frustration I have is that customers do not realise the value of information so do not want to pay for the integration.”

To read the article in full, please click here

‘Opt out’ fear on electronic medical record system

(News) Permanent link

This article from the Times Online highlights the current status of Summary Care Records (SCRs) and the concerns expressed by the British Medical Association (BMA) that patient medical records are being uploaded too quickly.

SCRs will eventually link about 30,000 GPs and 300 hospitals to provide better coordinated patient care through online appointment systems, electronic prescriptions and faster computer links. Under the National Programme for IT, the aim is to create electronic records for 50 million people in England. So far, about 12 million patients in England have been sent leaflets with details about the new SCR system.

The system is designed so patients can opt out if they do not wish for their information to be shared. However, the BMA is saying that the scheme is being rolled out too quickly and patients are not being given enough information to enable them to make an informed choice.

Hamish Meldrum, chairman of the BMA said: “The break-neck speed with which this programme is being implemented is of huge concern.....If the process continues to be rushed, not only will the rights of patients be damaged, but the limited confidence of the public and the medical profession in NHS IT will be further eroded.”

In December, the Department of Health (DoH) announced an acceleration of the system's rollout, but it has since been criticised over concerns about its security and a lack of enthusiasm from GPs.

A separate article from Silicon.com highlights how the DoH has spent over £700,000 on a project to study the impact of introducing SCRs, with the results of the study due to help inform the wider rollout of the system.

However, despite the BMA's claim that it was given assurances by the DoH that a national rollout would not proceed until the study's findings were published, it appears that the DoH is continuing with the mass rollout, giving Strategic Health Authorities until March 2011 to create their records.

Whilst SCRs have the potential to save patients' lives by enabling doctors unfamiliar with a patient to see an overview of their medical details - for example an out-of-hours doctor - not enough is being done to communicate the benefits of the system and this could prove disastrous for the success of this scheme.

In an independent survey of patients in areas where the SCRs have been piloted, it was found that seven out of ten patients were unaware that SCRs were being created.

To read the articles in full, please click the links below:

Times Online

Silicon.com

Hytec Eynsham, near Oxford, UK | tel: 01865 887 428 | enquiry@hytec.co.uk