PATIENT CONFIDENTIALITY is the absolute bedrock of medical care, underpinning patients’ confidence that they can consult freely and without fear. Recent events have dented this confidence: some 100 patient files were found in a bin outside Roscommon hospital; the medical records of a number of patients of St Joseph’s hospital in Ballina, Co Mayo, were discovered in a litter bin in a local housing estate; and records outsourced for transcription to the Philippines by Tallaght Hospital and other healthcare institutions were subject to “unauthorized access and disclosure.”
The files found in Roscommon contained names, addresses, details of medical tests and doctors’ comments about individual patients undergoing treatment at a different hospital in Mullingar. While the bin discovery incidents could be explained by laziness and a lack of professional rigour on the part of individual Health Service Executive staff, it may also reflect a lack of governance which, regrettably, has been a recurring theme since the HSE was established. The organisation has frequently been upbraided by the Health Information and Quality Authority (Hiqa) for its deficient management on a range of issues affecting the safety of patients. One of Hiqa’s briefs is to improve the flow and analysis of information in the healthcare system to ensure it delivers a consistent quality of care for patients. It recently issued recommendations for “unique health identifiers” for healthcare practitioners and organisations. These are designed to facilitate the timely sharing of clinical information between service providers and will pave the way for the full introduction of electronic health records. The data breaches involving voice files outsourced to the Philippines highlight the need for more efficient in–house models. But the ultimate aim must be the introduction of a single transferable electronic health record that is readily accessible by staff in primary care as well as those providing episodic care in acute hospitals.
Hiqa is currently preparing standards covering the privacy and confidentiality of patient records incorporating governance management, data quality and security. In the light of the recurrent breaches of patient confidentiality caused by the mismanagement of medical records seen in recent weeks, the Minister for Health must now expedite the introduction of national standards for health information.