A recent risk analysis conducted by the National Health Service (NHS) on its new patient database system concluded that the proposed system is susceptible to attack, which could potentially undermine patient confidentiality.
The potential for hacks and leaks of patient data is considered an insider threat from those working within the NHS. Although the data is stored as anonymous, procedures can be undertaken to identify which data belongs to which patient.
The new database system should have been underway, with the database proposed to have started collecting data from March this year. The ICO and Doctors have forced delay of the new database system for at least six months on the grounds that they believe that patients have not been made fully aware of the new system especially the areas regarding their rights to opt-out of the scheme.
The aim is to achieve a secure database of patient information by 2015 increasing the accessibility to health records. However having a pool of valuable data all in one location makes it susceptible to malicious attack from hackers as well.
Information security experts are doubtful of the new system and believe that the database will face many challenges from roll-out to implementation and the challenges of maintaining security of the data.
Before the new database system is approved the NHS will carry out a publicity campaign ensuring the public are made aware of their rights under the new scheme.