Medical Records: Lost Property

Health written question – answered on 15th July 2008.

Alert me about debates like this

Photo of Keith Vaz Keith Vaz Chair, Home Affairs Committee, Member, Labour Party National Executive Committee, Chair, Home Affairs Committee

To ask the Secretary of State for Health

(1) what procedures are followed to retrieve NHS patient information which is (a) lost and (b) stolen;

(2) what safeguards are in place to prevent NHS patients' information being (a) lost and (b) stolen.

Photo of Ben Bradshaw Ben Bradshaw Minister of State (Regional Affairs) (South West), The Minister of State, Department of Health

The security of patient records is a local responsibility and each national health service body is legally responsible for holding information securely. However, the Department provides comprehensive policy, guidance and supporting tools for security compliance to NHS bodies and has also made encryption software available to all NHS trusts through a central procurement. The 10 strategic health authorities hold local organisations to account for their performance.

The Department is also providing, through the National Programme for IT, electronic patient record systems that are protected by the highest levels of access controls and other security measures, a secure NHS network for exchanging information that is centrally monitored and strongly protected, and secure NHS e-mail facilities that encrypt all data in transit within the system.

Action taken to retrieve lost or stolen patient information is locally determined and will depend on the circumstances of each particular event, but will typically include involvement of the police where theft has occurred or is suspected, and an internal investigation into the circumstances, with disciplinary procedures invoked where necessary and appropriate.

Does this answer the above question?

Yes0 people think so

No0 people think not

Would you like to ask a question like this yourself? Use our Freedom of Information site.