Public Release: 

Keeping Electronic Patient Records Whilst Maintaining Privacy Is Feasible With Appropriate Systems In Place

BMJ

(Privacy in clinical information systems in secondary care)

(Commentary: Lt's discuss wider social and professional issues)

(Commentary: Organisational and cultural aspects are also important)

Click below to download PDF document
You will require Acrobat Reader to view file.
Click here for PDF document

The electronic patient record threatens to make private health information open to violation, either by illegitimate users or by inappropriate access by legitimate users, says researchers in this week's BMJ. However, controlled access to confidential patient information is possible so long as the appropriate access systems are created, say Ian Denley, a computer analyst and Dr Simon Weston Smith from the Conquest Hospital in Hastings.

In their paper the authors describe their experiences of how control over the perusal of private information in large scale clinical information systems is being achieved in three British hospitals in Hastings, Liverpool and Exeter. They show that a clinical system's knowledge of a patient's clinical contacts and of a user's responsibilities can be applied safely to limit access to patients' private information.

Denley and Weston Smith's proposal should be applauded, says Dr Martin Gardner from the University of Glasgow in an accompanying commentary. However, the implications of spending patients' taxes on sophisticated computer systems to protect the privacy of their data, as opposed to funding the provision of services, must be taken into consideration he says.

In a separate commentary Dr Rory O'Conor from the Pinderfields Hospital in Wakefield, writes that the proposed approach to restricting access to electronic patient records may be overly restrictive. He argues that it may deny clinicians the ability to share data, which he says is a missed opportunity, especially when it is perfectly feasible to collect data whilst maintaining the anonymity of the patient. O'Conor concludes that for any electronic patient information to work, good security design, appropriate organisational procedures and the right cultural approach will all have to be adopted.

###

Contact:

Dr Simon Weston Smith, Consultant Haematologist, Conquest Hospital, Hastings

Tel:44-1424-755255

Fax:44-1424-758022
simon_weston_smith@compuserve.com

Dr Martin Gardner, Clinical Research Fellow, Information Retrieval Research Group, Department of Computing Science, University of Glasgow, Glasgow

Tel:44-141-330-6292

Fax:44-141-330-4913
martin@dcs.gla.ac.uk

Dr Rory O'Conor, Consultant Clinical Epidemiologist, Clinical Audit Department, Pinderfields Hospital, Wakefield

Tel:44-1924-212850

Fax:44-1924-814864
rory.oconor@panp-tr.northy.nhs.uk


Disclaimer: AAAS and EurekAlert! are not responsible for the accuracy of news releases posted to EurekAlert! by contributing institutions or for the use of any information through the EurekAlert system.