It has been decades since the NHS operated solely on a paper-based system.
Yet digital health records have only recently started to be used in a wider context.
A recent scheme implemented by NHS Wales trialed the use of digital records by pharmacists to treat patients for a sore throat, for example. And it proved to be a huge success, with a 98% satisfaction rate.
Patients were able to nominate their local pharmacy to access their medical records if they wished, which meant that, should they need treatment such as antibiotics for a sore throat, their pharmacist could check additional health information about them to ensure their prescription would be safe.
This system is now gradually being rolled out further across NHS Wales, with the aim of lightening the load on GPs, who would normally need to examine patients before prescribing antibiotics.
If greater responsibility can be given to pharmacists and patients can obtain more medicines without having to visit their GP, for example, it would alleviate some pressure on local surgeries, enabling them to make additional appointments available for people with more-urgent health concerns
And the success of the trial indicates that this type of service could also be implemented effectively elsewhere in the UK.
The pros of digital records
Speaking to BBH, Sascha Giese, head ‘geek’ at SolarWinds, explains: “The trial in Wales is a great example of how digitising the health sector is a positive step forward, and it highlights how digital records can be used outside of a consultation with your GP.
“If greater responsibility can be given to pharmacists and patients can obtain more medicines without having to visit their GP, for example, it would alleviate some pressure on local surgeries, enabling them to make additional appointments available for people with more-urgent health concerns.
“Patients would also benefit because they would receive the right help more quickly—either straight from the pharmacist at short notice or via the increased number of GP appointments available for booking.”
However, this approach also introduces concerns around data privacy and cyber security that may not have been previously discussed.
Challenges to be conquered
“Many people would be happy to have their medical needs met faster and more easily, but only if they have confidence the system in place will keep their data secure and accessible only by the right people, at the right times”, said Giese.
Data protection for patient records will almost always be the responsibility of the NHS and the Department of Health and Social Care, which will need to implement measures for storing the information securely.
Regulations for this will, therefore, apply more to these parties than to individual pharmacies.
It would be a disaster if personal medical records—and the sensitive data contained in them—were hacked because of an insecure pharmacy network
However, when pharmacists access the records in their pharmacies, their network must be secure enough to ensure there are no vulnerabilities to cyber attacks.
Giese said: “It would be a disaster if personal medical records—and the sensitive data contained in them—were hacked because of an insecure pharmacy network.
“Additionally, patients need to be sure their pharmacists can only access the relevant data in their records.
“For example, there may be some medications with the potential to impact the treatment options a pharmacist can prescribe. Some other aspects of a patient’s medical history, however, may be more private and are irrelevant to anyone other than the patient’s GP— and these must be inaccessible.
“It’s also crucial for the relevant data to only be accessible at the time the patient is at the pharmacy requesting treatment.”
Under lock and key
Along with the advances in the use of technology by the NHS, security measures have also developed rapidly over recent decades.
And, today, one of the most-effective ways to ensure relevant patient data is only accessed by the right pharmacist at the right time is through multi-factor authentication (MFA).
With this, pharmacists can only access a patient’s records when they are there to provide the right details—possibly through an app on their phone—including answers to questions, passwords, and potentially even fingerprints or retinal scans.
The trial in Wales is a great example of how digitising the health sector is a positive step forward, and it highlights how digital records can be used outside of a consultation with your GP
Once a patient shares the required information, the pharmacist can access the useful data and provide the necessary service.
While this may exclude anyone who does not have a smartphone, a simpler two-factor authentication (2FA) would also be secure and would only require the patient to have a mobile phone capable of receiving and replying to text messages, advises Giese.
“Though this wouldn’t help every single patient, most people have mobile phones, so this would likely be the most-effective way to keep data safe,” he said.
“And, in time, there may be more instances where MFA could be used to add additional security.”
Access rights management is also an important aspect of this technology.
This records everyone who accesses a file and—crucially—when they accessed it.
Giese said: “Employing access rights management would increase patient confidence; and if there was ever any doubt about whether a pharmacist had accessed data without a patient’s consent, there would be a record of what was accessed and when.”
He concludes: “Patient care can be boosted massively by the implementation of various technologies and, by expanding the use of digital health records, healthcare organisations can improve the services they offer to patients.
“Though the trial by NHS Wales is just one example of how medical records can be used more effectively, it’s clear with the right planning, these efforts can help lead the way towards more widespread digital transformation.”