Good information governance will become increasingly crucial for hospital Trusts. Patient data should always be held under a 'Lock and Key' system where the key is only available to the right person. Healthcare specific IT solutions exist to manage and provision access to data in a manner that provides strong authentication capabilities and auditing features. These systems can support hospitals in delivering high quality patient care while upholding information governance.
Trusts are facing enormous financial pressures, including budget cuts. While information governance and IT may not always seem to be the obvious answer, efficiency and higher productivity levels - coupled with a 'safety first' approach is conducive to safer services.
Simon Stevens, the new Chief Executive for NHS England, and formerly a Vice President for UnitedHealth - the world's largest private health company in the US - has been quick to draw on his experience and highlight best practices.
He stated at the end of May that the NHS could learn from the way the US had introduced hospital records, which had been a 'huge misfire' in this country with a £12 billion central scheme eventually abandoned (1).
Compliance is a key reason for organisations to invest in better IT and management solutions, many of which tend to focus on one area alone - password management.
In fact, good IT systems and information security policies should ensure that users no longer have to wait for accounts to be created and that NHS Trusts no longer have users sharing passwords, using generic accounts or staff enjoy having access rights that are no longer relevant to their role.
Information governance practices have been criticised in this country by Dame Fiona Caldicott since the NHS reforms took place in April 2013 (2). The latest report labels current information governance arrangements as having become worse - less stringent - and it has led to confusion as a result of the volume of reconfigurations and staff changes across the NHS.
The Cost of Inadequate Information Governance
The NHS Litigation Authority manages approximately 10,000 hospital cases per year - costing the NHS millions of pounds (3). But the NHS, in the future, will not be alone in managing an increase of privacy breach claims. If we take a look across the Atlantic, the U.S. Health Insurance Portability and Accountability Act of 1996 (HIPAA) includes provisions that address patient data confidentiality breaches. Under certain circumstances, a breach-whether unintentional or intentional - can result in fines between $100 dollars and $1.5 million dollars.
Laws in the UK are likely to become more stringent - but will they follow the U.S. model of practice? Changes to information governance may prove a challenge for some Trusts. However, establishing stricter laws relating to information governance and data protection is the right approach. Patients must have more trust in how the NHS handles their personal health information.
The NHS has to make up £20 billion in efficiency savings in healthcare during 2014/15 to remain viable (4). With the Quality, Innovation, Productivity and Prevention (QIPP) programme, ongoing information governance can become an integral part of saving money through efficiency savings by having the right information, to the right person, at the right time.
Time to Turn the Page
Clinicians endure extremely busy days and have to log in and out of several systems repeatedly during shifts. Sometimes, it can take a hospital up to three to four days to give a locum doctor the right access to systems. This is not conducive to good information governance or smooth workflows, especially in hectic and busy departments such as A&E, where clinical staff need to react quickly and access data in a fast and secure manner.
Information governance rules are no longer a nice-to-have; the days of shared passwords and unfettered access to private patient data are over. The chosen IT systems and policies must support health professionals who are under an immense pressure to enable them to be served quickly and can remain compliant with information governance in an automatic way to focus their attentions on the patient.
About Caradigm
Caradigm is a healthcare analytics and population health company dedicated to helping organisations improve care, reduce costs and manage risk. Caradigm analytics solutions provide insight into patients, populations and performance, enabling healthcare organisations to understand their clinical and financial risk and identify the actions needed to address it. Caradigm population health solutions enable teams to deliver the appropriate care to patients through effective coordination and patient engagement, helping to improve outcomes and financial results. The key to Caradigm analytics and population health solutions is a rich set of clinical, operational and financial data delivered to healthcare professionals within their workflows in near real-time. This data asset serves as the foundation for a growing number of innovative healthcare applications developed by Caradigm and industry partners, providing rapid incremental value to customers.
1. Daily Telegraph: 30 May, 2014 page 2 http://www.telegraph.co.uk/health/healthnews/10864015/NHS-chief-Simon-Stevens-We-need-cottage-hospitals.html
2. HSJ 17 February 2014 http://www.hsj.co.uk/news/caldicott-information-governance-knowledge-has-worsened/5067997.article#.U6AAZiiLjIU
3. http://www.breitbart.com/Breitbart-London/2014/04/07/NHS-Overcharged-For-Legal-Fees http://www.thesundaytimes.co.uk/sto/news/uk_news/Health/article1396891.ece
4. http://www.nao.org.uk/report/progress-in-making-nhs-efficiency-savings/ http://www.institute.nhs.uk/establishing_evidence/establishing_evidence/background.html http://www.publications.parliament.uk/pa/cm201213/cmselect/cmpubacc/865/865.pdf