Receptionist snoops on medical records
Three GPs share their approach to a practice problem
It is with horror that you discover that a member of staff has been accessing the electronic records of patients who are her neighbours. This member of staff had no need to do this in the course of her duties but was curious to see what their problems were. She has not divulged anything outside the practice, as far as you are aware. What action should you take?
Dr Elizabeth Scott
'How to avoid that feeling of sick panic in the pit of your stomach'
Those who have not faced this dilemma don't know the feeling of sick panic in the pit of your stomach when you first hear that one of your receptionists has been nosey-parkering in the files. They are ignorant of the anxiety dreams of being pursued by litigants waving case sheets and shouting: 'How could you let this happen?'
I am not. It happened to me in the days of paper records when receptionists had to put files together for the next day's surgeries so they were always at the filing cabinets. At that time there was nothing to stop the surgery cleaner having a good read either.
We relied on their probity, the fact that the doctors' writing was as near cuneiform as made no difference, and that the cleaner was so visually challenged that I often thought she should be called a dirtier.
What did I do? I met with the offender and asked her if she thought what she had done was right. She did in fact feel very guilty and assured me that she would never pass on anything she found in the patient records. As far as I know, she never did, but she resigned from the practice shortly afterwards and never spoke to me again.
Electronic records can provide a solution. A decent system can be set up to provide password restricted access, which is graduated to the individual's need to know. Receptionists would be able to scan in letters but not open patients' records. Doctors would have complete access. Doctors who leave their rooms without logging off are safeguarded by the need to re-enter a password once their computer has gone into standby mode.
So many practices work on in a welter of electronics that have grown up around them without setting ground rules. Believe me, if you want to sleep easy, set up a graduated access code system. It safeguards everyone. In addition, build in a confidentiality clause to all contracts of employment so that those found breaching it may be given a warning with the knowledge that after the third warning they will face dismissal. It doesn't make employees feel threatened: in my experience it makes them feel proud of their password status and keen to maintain it.
Dr Rodger Charlton
'Seek the advice of your defence association first'
This is a very serious incident and my first step would be to ring my defence association for advice as a breach of confidentiality by a member of staff is the responsibility of the doctors in the partnership. I would also raise this matter with my partners as soon as possible to make them aware of the situation.
With the advice from the defence association and my partners I would arrange a formal meeting with the member of staff at which a partner, the Caldicott lead for the practice and the practice manager would also be present. (The Caldicott lead is the person at the practice responsible for safeguarding confidentiality of patient information.)
At the meeting we would make the member of staff aware of the seriousness of what she has done and the detrimental effect a possible divulgence of her findings to her neighbours would have. Disciplinary action would depend on the professional advice we had been given, what we had agreed as a partnership, what was written in the contract of employment and the advice of the Caldicott guardian at our PCO. The incident would be recorded in our significant event log and would be raised later to make other members of staff aware of the seriousness of such an offence and its potential damage to patients and the practice.
As patient records in primary care are rapidly becoming electronic and potentially accessible by many different parties, ways of preventing this in the future need to be discussed and implemented. Staff also need to be aware that ignoring such a practice protocol could lead to dismissal.
Dr Julian Randall
'It is your duty to train all your staff properly'
The actions of your staff are your responsibility; ignorance is no defence. You have a duty to train staff properly and to know they are behaving appropriately thereafter. An essential part of that training is instruction in the ethics of confidentiality, to make them aware of their duty of care to protect it, and that failing to do so is against the law, as governed by the Data Protection Act.
All staff should be aware that access to records is on a need-to-know basis, that unnecessary discussion is inappropriate and to be avoided within earshot of other patients and outside of the surgery. Did you educate this member of your team when you hired them? If not you were negligent and have only yourself to blame.
Remedy the situation by informing all your staff that this was unethical behaviour and illegal, and is not to be repeated. Take the opportunity to educate them – and yourself for the next time you take on new staff.
If your employee was already aware of the rules about records and computer data, their behaviour was both unethical and insubordinate. You need to interrogate them about whether the information was discussed at home. If this is denied, point out that you have no proof of that, so why should they be given the benefit of the doubt? You need to place the employee – chastened, one hopes – under caution that repetition will be taken as defiance and result in dismissal.
If the caution is heeded you have a better employee than before, if not then the decision is made for you. There is a progressive tendency towards entropy in all organisations; check if sloppiness in one area indicates a general trend.
What does this incident teach us?
Relevant laws and guidelines
- Data Protection Act 1998
- Access to Medical Records Act 1998
- Clinical governance – each NHS organisation is required to have a Caldicott guardian who is responsible for ensuring that patient confidentiality is respected
- Human Rights Act 1998
- Employment law
Staff training and protocols
- Staff training should cover confidentiality on day one
- Contracts of employment should warn that any breach (or colluding with or covering up such a breach) could lead to a warning or instant dismissal
- The rights of members of staff to access various levels of information should be defined; it should be possible to limit the level of computer access according to the individual's security level
- Staff should be warned the computer has an audit trail; they should keep passwords secret, and log out when they have finished at a terminal
- Confidentiality protocols should also extend to paper records and telephone calls. All waste paper containing patient information should be shredded
- This and similar breaches should be treated as significant events for the practice to learn from, and for inclusion in QOF and personal learning portfolios
Connecting for Health – new ways to breach confidentiality?
- Role-based access, legitimate relationships, smart cards, 'sealed envelopes' (see below), audit trails and alerts have been included
- Patients are deemed to have given implied consent to sharing their healthcare information between clinicians caring for them unless they have specifically opted out
- Patients can ask for the Read Code 93C3 'Refused consent for upload to national shared electronic record' to be added to records; this is still a matter of dispute. Information they wish to keep secret could be placed in a sealed envelope
- Patients' summary care records will be accessible to any NHS staff in England who need legitimate access. It will probably consist of demographic information and key information about medication, allergy and so on
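An added example, not part of the original article or of any real practice or NHS system: a small Python model of the graduated, role-based access that Dr Scott recommends above, combined with the legitimate-relationship checks and audit-trail alerts listed under Connecting for Health. The roles, permissions, user names and audit entries are constructed for illustration.

```python
from collections import namedtuple

# Graduated, role-based permissions (an assumed scheme, not any real system's policy).
PERMISSIONS = {
    "receptionist": {"scan_letter", "book_appointment"},
    "nurse": {"scan_letter", "book_appointment", "read_record"},
    "gp": {"scan_letter", "book_appointment", "read_record", "write_record"},
}

# One audit-trail entry: who did what to which patient record, and when.
Access = namedtuple("Access", "ts user role action patient")

def allowed(role, action):
    """Role-based check: may this role perform this action at all?"""
    return action in PERMISSIONS.get(role, set())

def has_legitimate_relationship(user, patient, relationships):
    """Legitimate-relationship check: is this patient under the user's care?"""
    return patient in relationships.get(user, set())

def audit(events, relationships):
    """Replay the audit trail; alert on role denials and on record access outside a care relationship."""
    alerts = []
    for e in events:
        if not allowed(e.role, e.action):
            alerts.append((e.ts, e.user, "DENIED_BY_ROLE", e.action, e.patient))
        elif e.action in ("read_record", "write_record") and \
                not has_legitimate_relationship(e.user, e.patient, relationships):
            alerts.append((e.ts, e.user, "NO_LEGITIMATE_RELATIONSHIP", e.action, e.patient))
    return alerts

def repeat_offenders(alerts, threshold=2):
    """Users with at least `threshold` alerts, for the practice manager to follow up."""
    counts = {}
    for _, user, _, _, _ in alerts:
        counts[user] = counts.get(user, 0) + 1
    return sorted(u for u, n in counts.items() if n >= threshold)

# Constructed sample data: care relationships and a short audit trail.
RELATIONSHIPS = {"dr_ahmed": {"P001", "P002"}, "nurse_lee": {"P001"}}
EVENTS = [
    Access("09:01", "recep_kay", "receptionist", "scan_letter", "P001"),
    Access("09:05", "recep_kay", "receptionist", "read_record", "P003"),
    Access("09:06", "recep_kay", "receptionist", "read_record", "P004"),
    Access("09:10", "nurse_lee", "nurse", "read_record", "P001"),
    Access("09:12", "nurse_lee", "nurse", "read_record", "P002"),
    Access("09:20", "dr_ahmed", "gp", "write_record", "P002"),
]
```

Running `audit(EVENTS, RELATIONSHIPS)` flags the receptionist's two record reads as denied by role and the nurse's read of P002 as lacking a legitimate relationship; the GP's write to a patient under his care produces no alert.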
Melanie Wynne-Jones is a GP in Marple, Cheshire