24th March, 2010, Newbury, UK. New Data Protection Act powers coming into force of April 6th will mean Boards need to evaluate the ways in which they handle data and will have to consider whether email is a suitable method for transmitting personal data. The new law is designed to prevent any data breaches from occurring and allows the Information Commissioner’s Office (ICO) to impose fines on Trusts or individuals of up to £500,000 for serious offences.
Many Boards still use email to transmit sensitive information, yet email does not provide security for this type of data. Not only do they send board packs via email, but often personal data for Board decisions is also issued in this way.
“We have known for a long time that email is an insecure way to transmit data. Yet many Boards still use email to distribute sensitive, personal information such as patient complaint files or staff information to remote Board members” says Alister Esam, CEO of eShare. “Trusts that use eShare are already compliant with this aspect of the Data Protection Act.”
If data breaches do occur, the ICO will take into consideration what measures were in place to avoid breaches. The clear solution is to use professional secure server technology run by people who specialise in dealing with these systems. This allows Board members to access all necessary information in one secure location without the need to transfer, and store locally, sensitive data.
“The new laws will mean that Trusts have to embrace technology to protect their data” says Esam, “The outcome will be the use of secure governance software by all Boards going forward and this is going to mean better governance generally as Boards are forced to engage with all the other benefits governance software delivers.”
END