09 Jan Balancing confidentiality with accuracy and accessibility using the NHS’ IGF
Since the introduction of GDPR (General Data Protection Regulation) and the Data Protection Act 2018, UK businesses have been lawfully guided to consider privacy in the collection, processing and storage of personal data. Often this means ensuring the continued confidentiality of this data and minimising the data which needs to be processed. However, it is crucial to remember the importance of data accuracy and accessibility. This is particularly significant in sectors that deal with highly sensitive information, such as healthcare.
Nowhere is this more evident than within the NHS, where patient healthcare information must be meticulously managed. While GDPR sets the foundational standards for data protection and privacy, the NHS Information Governance Framework (IGF) provides additional, invaluable lessons. These lessons are especially relevant to the management of personal data across various sectors, ensuring that data is not only protected but also accurate, trustworthy, and readily accessible when needed.
Holistic approach
IGF journeys
The NHS IGF embraces this holistic approach by placing a special importance on the need to structure information governance around 2 “journeys”.
These are:
- “Journey 1: Sharing personal/Confidential Patient Information (CPI) between health and social care bodies within a Shared Care Records (ShCR) for the individual care of patients or service users.”
- “Journey 2: Sharing personal/CPI between health and social care bodies across geographical boundaries for the individual care of patients or service users.”
By explicitly stating the specific use of special category personal data (or CPI) before sharing it, organisations can maintain trust and compliance. Just as crucial is making this information accessible at the point of care, so that healthcare professionals with legitimate relationships can access the data they need, as soon as they need it. While GDPR covers these aspects, they can sometimes be overshadowed by a heavier focus on confidentiality and security across different sectors.
Businesses in any industry can learn a lot from the NHS’s approach to managing information. By clearly explaining why they need to share specific data, organisations can build trust and ensure compliance with regulations. It’s also important to make sure the right people can access important information when they need it. While it might seem at a glance that GDPR focuses on keeping data safe and private, it’s equally important to make sure the data is accurate and available. This balanced approach not only keeps information secure from unauthorised access but also helps businesses work more efficiently and effectively and preserves patient safety with information that is correct.
Below, we look at these journeys in more detail, starting with the second:
Data Accessibility
Purpose of processing
Lessons learned
Let’s not forget confidentiality
- Get in touch to find out more how the IGF can be adapted to your healthcare platform or service.
Balancing confidentiality with accuracy and accessibility using the NHS’ IGF
Since the introduction of GDPR (General Data Protection Regulation) and the Data Protection Act 2018...
Mobile Phone Theft – The Hidden Dangers and How to Protect Yourself
Mobile Phone Theft: A Growing Threat Mobile phone theft is not only common but also becoming increas...
Evolution of Phishing – what AI is doing to revolutionise social engineering
Phishing started as a basic tactic for attackers to exploit our trust. They were often directionless...
Going the extra mile with Cyber Essentials Plus
Most companies are aware of the benefits of obtaining Cyber Essentials certification for their busin...
Charity Cyber Essentials awareness month: strengthening cybersecurity for charities
This October, InfoShelter is excited to join forces with IASME and the National Cyber Security Centr...
Sorry, the comment form is closed at this time.