Assuring the confidentiality of shared electronic health records
BMJ 2007; 335 doi: https://doi.org/10.1136/bmj.39421.544063.BE (Published 13 December 2007) Cite this as: BMJ 2007;335:1223
- Mark McGilchrist, senior research fellow 1,
- Frank Sullivan, professor of research and development in general practice and primary care1,
- Dipak Kalra, clinical senior lecturer in health informatics, director 2
- 1Health Informatics Centre, University of Dundee, Dundee DD2 4BF
- 2Centre for Health Informatics and Multiprofessional Education, University College London, London N19 5LW
- m.m.mcgilchrist{at}dundee.ac.uk
The recent loss of sensitive data on 25 million people by the government of the United Kingdom is just the latest in a series of events covering a wide variety of institutions in different countries.1 2 Media coverage has tended to focus on obvious aspects of the unintended release of personal data, such as the disks that were lost and omissions in procedure, such as encryption.3 The most important question in all of these scandals, however, is how a single failure or lapse in procedure could result in a catastrophic disclosure.
The consequences of these security failures are exacerbated by our increasing tendency to centralise large and detailed data from multiple sources, and the existence of policies and legislation that enable the sharing of data between organisations. In health care, the collection and storage of sensitive personal data is essential for delivering a high quality clinical service and for research.4 Indeed, the future function of the National Health Service (NHS) depends on it.5
The …
Log in
Log in using your username and password
Log in through your institution
Subscribe from £173 *
Subscribe and get access to all BMJ articles, and much more.
* For online subscription
Access this article for 1 day for:
£38 / $45 / €42 (excludes VAT)
You can download a PDF version for your personal record.