A recent audit of the Wellington region's health service revealed patient records being stored in public corridors with no controls on access
The audit [Telarc] underlines that the organisation is bordering on dysfunctional. It records grave failings, such as leaving patient records in public corridors where anybody passing can take a peek,.... Dominion Post 8 Nov 2007There are plenty of things that can be done technically to meet the required standards of privacy but if the underlying organisation has an irresponsible attitude to security we will see ill-considered technical 'solutions' that compound the problem.
As Blindside comments on one mobile health care device
Let’s see. Wireless transmission of sensitive information–yeah, we’ll get to that right after we take care of those pesky ergonomic and battery life issues. And preventing hacking and malware to ensure that the information is accurate? Hmm. Let’s put that on the list of things to do after we make sure it doesn’t add to the weight of the tablet deviceI suspect that the subject of healthcare privacy needs a shake up from top to bottom. A few questions ...
- Is it clear what the customer (that's us, not the health managers) wants?
- What 'need' do these 'wants' reflect?
- Do the legislation and ethical requirements reflect this underlying need?
- Is there suitable compliance and enforcement of the legislation and ethical requirements?
- Should we get anaesthetists and paediatric cancer specialists before worrying about privacy and security?