There is evidence to suggest that a lack of training within the NHS could put data security at risk.
A freedom of information request found that NHS trust staff have been insufficiently trained on how to protect data from a cyber-attack; in addition, there are concerns that there are some worrying business practices within the health service. The information revealed that more than 70% of trusts allow tablets and smartphones to be used within the workplace and that even more trusts supply such devices for use at work.
A similar number of trusts admit there has been little training provided in data security, even though many data breaches have been proven to have a connection to the use of mobile devices. One of the more shocking revelations is that staff are often using their own personal smartphones or tablet computers to access data such as patient records.
Many trusts are relying on encryption or security connected to their server to protect the data, or even relying on staff to adhere to the set policies on data security. The problem has been highlighted as the NHS plans to take the service paperless by 2018, thereby encouraging further use of mobile devices to access records and other data.
Experts say that the increased use of mobile devices within the health service needs to be properly managed in light of the rapidly increasing number of data breaches. Just 53% of trusts currently have a secure system for patient data sharing.