Assuring the confidentiality of shared electronic health recordsBMJ 2007; 335 doi: https://doi.org/10.1136/bmj.39421.544063.BE (Published 13 December 2007) Cite this as: BMJ 2007;335:1223
- Mark McGilchrist, senior research fellow 1,
- Frank Sullivan, professor of research and development in general practice and primary care1,
- Dipak Kalra, clinical senior lecturer in health informatics, director 2
- 1Health Informatics Centre, University of Dundee, Dundee DD2 4BF
- 2Centre for Health Informatics and Multiprofessional Education, University College London, London N19 5LW
The recent loss of sensitive data on 25 million people by the government of the United Kingdom is just the latest in a series of events covering a wide variety of institutions in different countries.1 2 Media coverage has tended to focus on obvious aspects of the unintended release of personal data, such as the disks that were lost and omissions in procedure, such as encryption.3 The most important question in all of these scandals, however, is how a single failure or lapse in procedure could result in a catastrophic disclosure.
The consequences of these security failures are exacerbated by our increasing tendency to centralise large and detailed data from multiple sources, and the existence of policies and legislation that enable the sharing of data between organisations. In health care, the collection and storage of sensitive personal data is essential for delivering a high quality clinical service and for research.4 Indeed, the future function of the National Health Service (NHS) depends on it.5