869 access queries on patient records
CONCERNS that staff at north Wales hospitals might be accessing patient medical records they shouldn’t be were flagged up more than 800 times in the last two years.
Since a new system was brought in in 2016, 869 potential incidents for concern were raised.
But Betsi Cadwaladr University Health Board said while certain access might be queried, the system might be flagging legitimate access attempts – such as where the staff might have the same surname as a patient but be no relation.
A spokesman for the health board said: “Staff sign an ‘acceptable use’ policy when they use our IT systems, and complete mandatory training on information governance every two years.
“Where suspected inappropriate access is found proven, an incident management process and the ‘All Wales Disciplinary Policy’ is followed.
“We regularly remind staff about the need to comply with the acceptable use policy and we ran a campaign to raise awareness and remind staff of their roles and responsibilities regarding accessing patient information before the launch of the National Intelligent Integrated Audit Solution system in April 2016.
“It’s important to note that there are a range of legitimate explanations behind why an ‘incident of concern’ would be recorded, such as patients with common surnames matching with staff, or staff having similar home addresses to a patient.
“The data shared in the Freedom of Information request only details potential incidents, rather than breaches in confidential data.”