Client data: Keep it confidential
We all do things on a regular basis without realising the consequences but we could be committing some common data breaches that can have a significant effect if we’re not aware of them and don’t do anything about it. Here are some issues that might seem innocent but really aren’t:
Would someone really notice quickly if a patient discharge letter which was sat on top of a disorganised pile of documents waiting to be scanned into the clinical system, went missing? Whenever we mention having a ‘clear desk policy’ most GPs and staff moan that they’re being nagged, but it really could avoid a significant error. Notify and educate persistent offenders, document it, and take action if necessary.
I’ve mentioned in previous blogs about the consequences of hoarding but we shouldn't be retaining information or equipment longer than we need to. A considerable amount of old computer equipment, including old fax machines, that we no longer use are often stored in cupboards and may well contain confidential information. Have a system in place to regularly de-clutter and dispose of items correctly.
We all want to do the right thing and recycle our waste but it’s important to check that any sensitive information is correctly destroyed before recycling. Most cross-cut shredders will effectively destroy paper and old debit and credit cards and there are companies who can offer a secure, confidential waste disposal service to make things even easier.
Working from home
With an increasing number of staff requesting flexible working, many are now able to work from home. Many staff, unaware of the risks, are working on their own computers and laptops which may not have proper virus and data encryption software. Some also don’t have a paper shredder at home and could be disposing of work related paperwork into their domestic waste bins. Local NHS IT Services have systems in place for Practices to request laptops for secure mobile working.
Therefore it’s important to make sure you have robust policies and procedures in place to avoid possible data breaches. The QCS Management System can support Practices with the requirements to keep within the law.
Alison Lowerson – QCS Expert GP Practice Manager Contributor
*All information is correct at the time of publishing