The Information Commissioner’s Office (ICO) was given new powers to audit the NHS last month. For the first time, NHS organisations will face compulsory audits from the ICO to ensure compliance with the Data Protection Act. More than ever, the security credentials of NHS systems – including the cloud collaboration tools many departments are already using to meet key objectives – will be under close scrutiny.
Information Commissioner Christopher Graham claimed the health service is among the “worst performers” when it comes to data security, despite the fact that “some of the most sensitive personal information” is held by NHS authorities. Fines totalling £1.3 million have already been imposed on healthcare bodies by the ICO – including the £70,000 penalty issued to the Aneurin Bevan Local Health Board in 2012 when an email containing sensitive details was sent to the wrong patient.
Describing the announcement as “a reassuring step for patients”, Mr Graham said the new powers will “give us a chance to act before a breach happens”.
However, it may not be such a reassuring development for those working within our embattled health service. No NHS professional would argue that data security and patient confidentiality are not hugely important issues, but will the spectre of scrutiny from the ICO place an additional burden on staff in an already overstretched organisation?
Furthermore, is it likely to create additional hurdles as NHS Trusts and other organisations continue to explore working better through collaboration? It’s easy to understand why some workers in the NHS might be asking these questions. At a time when staff remain under enormous pressure and are still adjusting to unprecedented structural changes, budgets are squeezed further and the financial future of the health service remains uncertain, the need for effective collaboration in an organisation that employs some 1.7 million people is compelling.
Government accredited security for NHS projects
Here at Kahootz, we’re hopeful that data protection enforcement from the ICO will not derail collaboration efforts in the NHS. And with the right collaboration tool, there’s no reason it should. Perhaps the ICO’s announcement simply underlines what many people working in the NHS already know: the importance of choosing a collaboration tool that offers watertight security credentials.
Available to NHS organisations via the G-Cloud’s Digital Marketplace, Kahootz is an online collaboration platform that has been independently security tested to the satisfaction of several government departments. Although the framework used to evaluate the security of services in the G-Cloud is currently in transition, our tool has received Pan Government Accreditation to Impact Level 2. That means you can be sure your data is always protected when you’re in Kahootz.
Furthermore, several NHS organisations are already using Kahootz to collaborate safely and securely. As more health service bodies go into the G-Cloud to find collaboration tools that can support their need to work closely with each other and external partners, the ability to demonstrate the security of these tools will become even more important for suppliers.