Article Text
Abstract
Recent large-scale personal data loss incidents highlighted the need for public bodies to more securely handle confidential data. We surveyed trainees from all specialties in the Welsh Deanery for their knowledge and practice. All registered trainees were invited to participate in an online anonymised survey. There were 880 completed and non-duplicated responses (52.9% response rate). Responses were analysed using Microsoft Access. Over 40% (388/880 (44.1%)) did not use formal guidelines on storage or disposal of confidential data. The majority appeared to dispose of confidential paper documents securely, that is, using shredders and white shredder bags. However, there were significant numbers of unmarked responses. Clinical documents, such as theatre lists, were taken home by 281/880 (31.9%) of trainees. The majority secured their computers (569/871 (65.3%)) by either not keeping patient identifiable data on them or using encryption. However, 302/871 (34.7%) did not adequately secure their computers. The surgical and anaesthetic specialties were least aware of formal confidentiality guidelines (95/178 (53.4%)) and 52/102 (51.0%) respectively) and least secured their computers (106/178 (59.6%) and 63/102 (61.8%) respectively). Education is needed to improve knowledge and practice of confidential data handling. This may be delivered through workshops during induction programmes or as part of European Computer Driving Licence (ECDL) modules. Training is especially indicated for the surgical and anaesthetic specialties.
- Education for health care professionals
- professional—professional relationship
- confidentiality/privacy
- information technology
- information technology
- education for health care professionals
- professional—professional relationship
- confidentiality/privacy
Statistics from Altmetric.com
Footnotes
Competing interests None.
Provenance and peer review Not commissioned; externally peer reviewed.
Read the full text or download the PDF:
Other content recommended for you
- Legal and ethical considerations in processing patient-identifiable data without patient consent: lessons learnt from developing a disease register
- Confidentiality of personal health information used for research
- Accessibility versus confidentiality of information in the emergency department
- How overturning Roe v Wade has eroded privacy of personal data
- Cybersecurity and healthcare: how safe are we?
- Review recommends duty to share data when in patient’s best interests
- Developing a globally applicable cybersecurity framework for healthcare: a Delphi consensus study
- ‘Where is the ECG machine?’: a quality improvement project using WhatsApp to improve the efficiency in locating shared medical devices in an inpatient unit
- Phishing in healthcare organisations: threats, mitigation and approaches
- Protocol for the China PEACE (Patient-centered Evaluative Assessment of Cardiac Events) Million Persons Project pilot