Homerton University Hospital NHS Foundation Trust has become the latest NHS Trust to select FairWarning® Privacy Breach Detection solution to monitor and protect patient privacy, joining a growing number of NHS organisations that are taking proactive steps to counter serious data breaches and the improper accessing of Electronic Health Records (EHRs).
Studies suggest that the greatest threat to patient privacy in the UK comes from NHS staff abusing their legitimate access rights to read electronic records they are not entitled to see. Research shows that the number of security breaches involving patient data has doubled in the UK in the past four years. But as moves towards a model of electronic healthcare gather pace, NHS organisations are increasingly recognising the ever-present risks of major data breaches, and are taking action to prevent them.
Matthew Hall, Information Governance Manager at Homerton University Hospital, said the decision to select the FairWarning® solution was motivated by a combination of factors - chiefly the need to enhance its reputation and to meet regulatory requirements. "Primarily we have taken this step so that we can demonstrate to the public that we do monitor access to their information, and that patients can have trust in us," he said.
"From a regulatory perspective, we are required to have a robust and proactive system that not only reports breaches but also prevents them from happening. We need to be able to show that we are monitoring access appropriately and effectively. FairWarning® will significantly help us to demonstrate that."
The Data Protection Act (DPA) has always been clear that NHS organisations must demonstrate compliance in terms of information security - but this is now being scrutinised and enforced more rigorously. The Information Commissioner's powers have been increased and the ICO is now able to issue fines of up to half a million pounds for data security breaches. This is already beginning to happen - not just to local authorities, but also to NHS Trusts.
Homerton's decision to deploy FairWarning® was based on the long-term view that the many benefits of electronic healthcare can only be realised if the issue of patient privacy is addressed at the outset.
"As the NHS moves further away from paper to electronic health records, it is becoming increasingly important for Trusts to demonstrate that they have effective monitoring systems in place. Consequently, the need for solutions such as those provided by FairWarning® will only grow. At Homerton, we can confidently say that information is safe," said Matthew Hall.
FairWarning® will also help deliver operational efficiencies at Homerton which, in the current climate of austerity, is an important additional benefit. Matthew Hall added: "Historically when we have been made aware of a potential breach it has fallen on IT to go through the audit trails. This has been an onerous manual process - taking up time and resources. With FairWarning®, not only will the amount of investigation work required reduce, but, with such a proactive, automated system, the speed of reporting will accelerate appreciably."
Homerton will initially deploy the FairWarning® solution across Cerner Millennium®, its EPR system for the acute side of the Trust - with a further implementation across the community EPR system, RiO, at a later stage. The flexibility of the solution was a major attraction. "The FairWarning® solution offers interoperability with all the systems we run across the hospital. This was one of the key reasons we chose it," said Matthew Hall.
Les Baker, UK Country Manager of FairWarning, Inc, said: "This is another example of an innovative, forward-thinking Trust recognising the necessity to protect patient privacy. We are hopeful that what they achieve through this deployment will encourage others to follow their lead. Electronic healthcare can be a liberating force for NHS professionals, providers and patients and promises to be a key component in delivering faster, safer and better care. But unless privacy monitoring is built into NHS IT systems at ground level, the risk of major data breaches will remain - and our ability to capitalise on the many benefits of electronic healthcare will be delayed."
About Homerton University Hospital NHS Foundation Trust
Homerton is a designated Olympic hospital for the athletes. This means that any athlete requiring hospital admission will be sent to them. There will also be a large polyclinic on the Olympic site, which will treat many conditions.
Homerton University Hospital provides hospital and community services to Hackney and the City of London. Specialist care includes: obstetrics, neonatology, fetal medicine, fertility, neuro-rehabilitation, bariatric surgery and asthma and allergy across east London and beyond. They were one of the first 10 NHS foundation trusts in England.
About FairWarning, Inc.
FairWarning® is the inventor and world's leading supplier of cross-platform healthcare privacy auditing solutions for Electronic Health Records. FairWarning® proactively protects healthcare organisations from emerging legal and privacy threats which include medical identity theft, identity theft, and other forms of healthcare information crimes. FairWarning® is industry’s leading best practice solution for automating privacy auditing. The company is located in Clearwater, FL, USA with offices in London, England and Paris, France.