British Medical Journal (BMJ), 2005, issue 10
Electronic data protection: procedures need drastic improvement
Source: http://www.100md.com (British Medical Journal)
    EDITOR—Gudena et al are correct to challenge overzealous interpretation of data protection law in their questionnaire survey of patients' and visitors' views about having their names displayed in hospital.1 Measures taken by doctors to safeguard patient confidentiality, especially electronic records, are, however, severely deficient and fuel the concerns of those entrusted to police data security.

    We invited 32 surgical trainees to complete a questionnaire regarding their Data Protection Act registration and electronic data confidentiality practices.

    Of 29 responders, 26 trainees regularly computerised and stored patients' data. One person was registered with the Data Protection Act. Only three of 14 desktops, eight of 19 laptops, and three of 14 handheld computers forced a password logon. Sixteen of 29 trainees used the same password for all machines, and 25 of 27 passwords were less than eight characters long. All desktops, 16 of 19 laptops, and five of 14 handhelds were routinely connected to the internet, and half of these had not had their online security settings adjusted. Of 29 trainees, 28 did not encrypt their sensitive data files. Ten trainees had sent patients' data unencrypted over the internet, using a non-secure server.

    Electronic data confidentiality practices among surgical trainees are unsafe, and this is unlikely to be confined to our study population. A breach in confidentiality would have widespread implications for public trust. Clinicians have a legal obligation to implement adequate medical IT security.2-4 Existing passwords should be improved, and biometric logon systems (fingerprint scanning) considered. Files containing sensitive data should be routinely encrypted. Magnetic and solid state computer storage devices (including hard disks, floppy disks, CD Roms, DVD Roms, and memory sticks) should undergo routine physical or electronic data shredding after their final use.5 We are implementing medical information technology security training for this particular group of doctors and would urge others to initiate similar programmes before a serious breach occurs.
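The last recommendation above, that storage holding sensitive files be shredded rather than merely deleted (reference 5), is the step most often skipped, because an ordinary delete only removes the directory entry and leaves the data blocks in place until they happen to be reused. The script below is an added example and is not code from the letter or its authors. It overwrites a file in place with random bytes, forces each pass to disk with fsync, renames the file to a random name so the original file name does not survive in the directory, and then unlinks it. The CSV content is constructed. In-place overwriting is appropriate for files on magnetic disks; on flash media with wear levelling and on journaling or copy-on-write file systems the old blocks may remain reachable after an overwrite, so for such devices a whole-device secure erase, or destruction of the key of an encrypted volume, is the reliable route.

```python
"""Overwrite-then-delete for files holding sensitive data (added example)."""
import os
import secrets
import tempfile

CHUNK_SIZE = 64 * 1024  # write random data in 64 KiB chunks


def overwrite_file(path: str, passes: int = 3) -> int:
    """Overwrite every byte of `path` with fresh random data, `passes` times.

    Each pass is flushed and fsync'ed so the data reaches the storage device
    instead of sitting in the page cache. Returns the file size in bytes.
    """
    size = os.path.getsize(path)
    with open(path, "r+b") as fh:
        for _ in range(passes):
            fh.seek(0)
            remaining = size
            while remaining > 0:
                chunk = min(CHUNK_SIZE, remaining)
                fh.write(secrets.token_bytes(chunk))
                remaining -= chunk
            fh.flush()
            os.fsync(fh.fileno())
    return size


def shred_file(path: str, passes: int = 3) -> bool:
    """Overwrite `path`, rename it to a random name, then unlink it.

    The rename means the original file name (which may itself reveal a
    patient identifier) is not left behind in the directory entry.
    Returns True when neither the old nor the temporary name exists.
    """
    overwrite_file(path, passes)
    directory = os.path.dirname(os.path.abspath(path))
    anonymous = os.path.join(directory, secrets.token_hex(8))
    os.rename(path, anonymous)
    os.remove(anonymous)
    # fsync the directory so the unlink itself is durable; not every
    # platform allows opening a directory, so tolerate failure there.
    try:
        dir_fd = os.open(directory, os.O_RDONLY)
        try:
            os.fsync(dir_fd)
        finally:
            os.close(dir_fd)
    except OSError:
        pass
    return not os.path.exists(path) and not os.path.exists(anonymous)


def demo() -> dict:
    """Create a small constructed file of fake patient data, overwrite it once,
    check that the contents changed but the length did not, then shred it."""
    # Constructed sample; no real patient data.
    sample = b"hospital_number,surname,diagnosis\n0001,EXAMPLE,example condition\n"
    fd, path = tempfile.mkstemp(suffix=".csv")
    with os.fdopen(fd, "wb") as fh:
        fh.write(sample)
    size = overwrite_file(path, passes=1)
    with open(path, "rb") as fh:
        after = fh.read()
    gone = shred_file(path)
    return {
        "size": size,
        "length_preserved": len(after) == len(sample),
        "content_replaced": after != sample,
        "file_gone": gone,
    }


if __name__ == "__main__":
    print(demo())
```

Run it as a script to see the result dictionary; in practice `shred_file` would be called on each sensitive export before a laptop, memory stick or handheld leaves the department, and the number of passes is a policy choice rather than a security-critical one on modern drives.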

    Damian Mole, research fellow, surgery

    Department of Surgery, Queen's University Belfast, Belfast BT12 6BJ; damianmole@ntlworld.com

    Colin Fox, information technology manager; Giulio Napolitano, information technology and security manager

    Northern Ireland Cancer Registry, Department of Epidemiology and Public Health, Queen's University Belfast

    Competing interests: None declared.

    References

    1. Gudena R, Luwemba S, Williams A, Jenkinson LR. Data protection gone too far: questionnaire survey of patients' and visitors' views about having their names displayed in hospital. BMJ 2004;329:1491. (18-25 December.)

    2. General Medical Council. Maintaining good medical practice. London: GMC, 2003.

    3. The Council of Europe. The protection of medical data. Recommendation No R (97) 5 and explanatory memorandum. English edition. Strasbourg: Council of Europe Publishing, 1997.

    4. Information Commissioner's Office. Do I need to notify? Wilmslow: IC, 2005. www.informationcommissioner.gov.uk/eventual.aspx?id=2662 (accessed 24 Feb 2005).

    5. Gutmann P. Secure deletion of data from magnetic and solid-state memory. www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html (accessed 24 Feb 2005).