NHS smartcard losses raise security concerns

Many thousands of smartcards that give NHS staff access to patient records have been lost or stolen, according to a report by GP magazine Pulse.

Share

Many thousands of smartcards that give NHS staff access to patient records have been lost or stolen, according to a report by GP magazine Pulse.

The NHS IT agency Connecting for Health told the magazine more than 4,100 cards were unaccounted for. It also insisted the cards could not be used to access records or other data without PIN numbers and without being inserted in a card reader attached to an NHS networked computer.

The new data revealing the extent of smartcard losses comes four months after Connecting for Health said it had no record of how many of the more than 400,000 smartcards so far issued had been lost of stolen.

Pulse magazine also made Freedom of Information requests of NHS trusts to find out the extent of card losses, and came up with a higher figure of 6,000 cards lost. But one in 10 NHS trusts said they had no record of the number of cards lost.

The losses will raise fresh concerns about the confidentiality and security of the electronic care records being introduced as the central element of the NHS’s £12.4bn National Programme for IT (NPfIT).

Late last year the British Medical Association wrote to health minister Ben Bradshaw calling for a halt to the roll-out of patients’ summary care records until the results of pilot projects have been reviewed.

And concerns about confidentiality are also likely to grow as work progresses to allow NHS records to be shared with thousands more staff in local authority social services departments.

Under current plans eventually about 1.2m smartcards will be issued to staff across the NHS. The cards give varying levels of access to patient records, but more than 60,000 will offer GP-level access and a further 63,000 will give nurse-level access.

"Recommended For You"

Germany drops patient record scheme, UK presses ahead Data discs on 18,000 NHS staff lost in the post