GPs told to secure web data

  • 1 March 2011
GPs told to secure web data
IT failures continue to be rife across government

GP representatives have warned doctors to check the confidentiality of patient data submitted when patients use online services on practice websites.

The BMA’s General Practitioner Committee said it was important to make sure information governance safeguards are in place on practice websites, as increasing numbers of surgeries offer online functionality.

The GPC said many GP practices were using third party suppliers to build and host their practice websites.

It told local medical committees: “These websites are often hosted by companies outside the NHS. This may result in a third party processing information about patients, which could include name, address, date of birth and NHS Number.”

The doctors’ representative committee also noted that patients may be unaware that the website is not part of the GP practice and said: "It is important that websites make it clear to patients that any data they submit are being handled by a third party, if this is the case.”

The GPC said it GPs should check-out any company offering services that involve patient identifiable data, to make sure they have appropriate information governance safeguards in place.

It added: “Where data is held on servers, for example when patients’ complete web forms, there should be an agreement, in the form of a signed contract, with the web hosting service which states that they will not retain copies of any data.”

The majority of GP practices now have practice websites and the main GP system suppliers all offer or plan to offer online functionality for patients.

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Related News

Study finds two-thirds of UK GP surgery websites have accessibility errors

Study finds two-thirds of UK GP surgery websites have accessibility errors

A study into UK GP surgeries’ websites has found that two-thirds (66%) of sites have detectable design errors, potentially excluding one-in-five users.
Care.data: gone but not forgotten

Care.data: gone but not forgotten

Care.data has been officially dead for more than a month, but its legacy is far from buried. Ben Heather takes another look at the devil…
NHS-backed apps put patient data at risk

NHS-backed apps put patient data at risk

Dozens of apps that feature in the NHS Health Apps Library put the privacy of patient data at risk, according to a paper published in…