East Midlands Radiology Consortium (EMRAD) is the latest NHS organisation to choose the FairWarning® Patient Privacy Intelligence solution and take a proactive stance towards protecting patient privacy and combatting the improper accessing of Electronic Health Records (EHRs).
NHS staff remain one of the biggest threats to patient privacy. With a digital NHS, it is far too easy for staff to abuse their legitimate access rights and read electronic records that they have no right to see. As digitisation gathers pace and clinical networks begin to be shared and collaborated, potential security breaches throughout the NHS become an even greater cause for concern.
EMRAD, a consortium of seven NHS Hospital Trusts in the East Midlands, is pioneering clinical collaboration. Working with GE, EMRAD aims to provide a shared PACS (picture archiving communication system) that allows access to a patient’s radiology record (images and reports) at the point of clinical need within the consortium.
“A PACS system has typically been confined to a single NHS Trust”, says Penny Storr, Programme Director at EMRAD. “Our work with GE to provide a centralised system means that a patient could have their x-ray done at one Trust, yet it would be viewable and accessible from any of the seven NHS Trusts within the Consortium. This project is the first of its kind and should provide clear benefits to both patients and clinicians alike in the East Midlands area.”
A shared system, however, clearly means increased accessibility; more people will have access to view sensitive patient records. EMRAD were aware that they would have less control over who would actually be viewing the patient data and that governance would be a key issue. This was the primary driver for the decision to select the FairWarning® patient privacy monitoring solution. “It’s critical that we do all we can to prevent any security issues. FairWarning® allows us to monitor system access appropriately and effectively. It gives us the assurance we need that if a security breach was to take place, then we would be made aware of it and could act upon it accordingly”, Penny said.
As a Vanguard site, it’s essential for EMRAD to be seen as a national benchmark for new models of clinical collaboration and demonstrate that they take patient privacy seriously. “We want patients to trust us and know that their data will be handled with the sensitivity and respect it deserves.
FairWarning® allows us to confidently say that patient information at EMRAD is safe”, Penny added.
“The decision to implement FairWarning® not only ensures EMRAD adhere to all the necessary regulatory and compliance requirements for such a project, it also significantly enhances EMRAD’s reputation”, said Brett Draper, Managing Director, ITHealth. “By implementing FairWarning’s solution, EMRAD clearly demonstrate that they are being pro-active about patient privacy and want to ensure that their innovative technological improvements will not be hindered by avoidable security issues”.
In addition, FairWarning will help deliver operational efficiencies at EMRAD. “Typically, when NHS organisations are made aware of a potential breach it falls on IT to manually go through the audit trails. This can be a very onerous task that can take a lot of time and resource. Since FairWarning is such a proactive and automated system, the amount of investigation work required significantly reduces and the speed of reporting is accelerated”, Brett concluded.
Currently, five of EMRAD’s seven NHS Trusts are now live with the centralised PACS system. Implementation of FairWarning should begin in the Autumn once all seven NHS Trusts are live and actively sharing the system.