Ensuring Confidentiality and Security

Objectives
• To foster an awareness of the importance of Information Security.
• To understand the main threats and countermeasures.
• To raise awareness of the relevant legislation, in particular the Data Protection Act 1998.

What is Information Security?
Security means that we have
  – Confidentiality
  – Integrity
  – Availability
of the information

What is a data handling system
• ‘The term covers the use and management of data through organised systems of all forms, whether based on human endeavours, paper methods or information technology.’

How does security affect you?
• Information about you
• Information about patients/clients
• Information about the Trust

What can go wrong?
All Data Handling systems are subject to threats
• Incorrect input
• Theft
• Wilful damage
• Unauthorised access
• Software Virus

Security Breaches: examples
• A set of patients' medical records left in a skip by a retiring doctor (real example!)
• A security guard reading personal data left on an employee’s desk overnight.
• A copy of a child at risk register found on a second hand computer (real example)
• An employee using the PC of another employee (who logged in and left the PC unattended) to process data without authorisation
• An employee using data for which they have authorised access for unauthorised purposes – e.g. a police officer using the police national computer to check out daughter’s boyfriend. (real example)

Security Breaches: examples (2)
• A database corrupted by a virus
• A patient in a waiting room at a doctor’s surgery overhearing information about another patient’s ailments.
• A patient at a GP surgery viewing the personal data of a previous patient on a PC screen.
• A passenger on a train was sitting next to someone who was reading a solicitor’s brief about a person who had been charged with murder – he happened to be a relative of the passenger.

Case Study 1
An employee of the Child Support Agency, having read what he believed to be an inaccurate press article derogatory of the CSA and concerning a CSA client known to him, decided to set the record straight by faxing the true story to the newspaper concerned. Whilst the fax was sent anonymously, an investigation identified him as the author. He was dismissed from his employment and convicted of unlawful disclosure of personal data.

Case Study 2
The complainant who was employed by a hospital was summoned to the office of his Personnel Manager to discuss his sickness record. The Personnel Manager had accessed the hospital’s clinical computer information system in order to challenge certain aspects of the employee’s account of events. As a result of this complaint the hospital revised its security arrangements and the Personnel Manager incurred disciplinary action as a result of the inappropriate use of confidential clinical information for non-medical purposes.

Case Study 3
The complainant visited his local hospital for a course of physiotherapy. Some months after the therapy was complete the complainant received a letter from the physiotherapist, who had since set up her own business. The physiotherapist had used the complainant’s information that had originally been given in confidence to the hospital for the earlier treatment.

The Impact of the Threats
• Personal privacy
• Personal health and safety
• Financial
• Commercial confidentiality
• Legal damages and penalties
• Disruption
• Political embarrassment

Ethical Considerations
• Promote patient/client well-being
• Avoid detrimental acts/omissions
• Open and co-operative manner
• Recognise patient/client dignity
• No abuse of position
• Protect confidential information
• Common Law Duty of Confidence

Overview of Legislation
• Data Protection Act 1984 & 1998
• Computer Misuse Act 1990

The Computer Misuse Act 1990
Introduced three new offences:
• Unauthorised access to computers
• Unauthorised access with intent
• Unauthorised modification

Main Provisions DPA 1998
• Covers all HPSS records including electronic records
• Defines ‘processing’ as obtaining, holding and disclosing data
• Permits subject access to all records
• Imposes considerable penalties

Data Protection ’98: The Principles
1. Personal data shall be processed fairly and lawfully
2. Personal data shall be obtained only for one or more specified and lawful purposes
3. Personal data shall be adequate, necessary and not excessive in relation to the purpose for which it was provided
4. Personal data shall be accurate and up to date
5. Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for those purposes
6. Personal data shall be processed in accordance with the rights of the subject under the Act
7. Technical & organizational measures shall be taken against unauthorized or unlawful processing of personal data and against accidental loss or damage to personal data
8. Personal data shall not be transferred to a country outside the European Economic Area.

Personal Data
• data which relates to a living individual who can be identified from those data, or from those data and other information which is in, or likely to come into the possession of the data controller
  – includes expression of opinion and intention
and is
  – system processed or intended to be processed automatically, or
  – recorded as part of a relevant filing, or part of an accessible record.
  – There is no requirement that this be done by reference to the data subject

Scope of Data Protection Legislation
• Automated Data (1984 & 1998)
• Relevant filing systems (Manual data: 1998)
• Accessible Records (1998)

Automated Data (1998)
• On computer
• Document image processing
• Audio/Video
• Digitized images
• CCTV images

Relevant Filing System (1998)
• Non-automated systems structured by reference to individuals
  – Standard manual files
• Organised to allow ready access to specific information about individuals

Accessible Records
• Covers all Health and Social Care records
• Structured to allow access to individuals

Storage
• Diaries
• Message books
• Appointments register
• Disks
• Address books
• Complaints register
• Incident/accident forms

Data Protection: Definitions
• Processing - includes obtaining, holding and carrying out any operation on the information and data.
• There is no requirement that this be done by reference to the data subject

Legitimacy of Processing (1998)
• “Personal data shall be processed fairly and lawfully and, in particular, shall not be processed unless:
  – (a) at least one of the conditions in Schedule 2 is met, and
  – (b) in the case of sensitive personal data, at least one of the conditions in Schedule 3 is met”

Schedule 2 conditions (1998)
1. Data Subject has given consent
2. Performance of a contract.
3. Compliance with legal obligation.
4. Protection of subject’s vital interest.
5. Crown/public functions
6. Legitimate interests of controller or third party.

Sensitive Data
• Racial or ethnic origin
• Political opinion
• Religious beliefs (or similar beliefs)
• Membership of trade union
• Physical or mental health or condition
• Sexual life
• Any offence or alleged offence
• Any proceedings or sentence

Sensitive Data - Schedule 3
1. Data subject has given explicit consent
2. Performance of legal duty in relation to employment
3. Protection of subject’s or third party’s vital interests
4. Legitimate activities of some non-profit organisations
5. The information has been made public deliberately by the data subject
6. In connection with legal proceedings
7. Administration of justice, statutory obligations or crown/public functions
8. Medical purposes
9. For equal opportunities monitoring

Schedule 3 cont’d
• Substantial public interest + prevention/detection of any unlawful act
• SPI + protection against dishonesty, malpractice, mismanagement etc.
• Necessary for reviewing equality re: religion, disability and to promote/maintain equality

Subject Access Requests
• Right of access to personal data in computer or manual form
• Entitled to:
  – Be informed whether personal data is processed
  – A description of the data held, the purposes for which it is processed and to whom the data may be disclosed;
  – A copy of the data; and
  – Information as to the source of the data
• There are limited exemptions

Subject Access Requests cont’d
• Responding:
  – Request should be in writing to relevant director,
  – Data should never be read over phone, faxed or emailed to data subject,
  – Must be given in 40 days.

Case Study
Exercise
Can you describe a breach of IT security that occurred within your work area?
Describe:
• What happened?
• Why it happened?
• What the impact was?
• How you recovered (if you did)
• Steps taken to prevent a repetition.

Trust Example: Office Fire
• What happened?
  – Recent fire destroyed 8 PCs, printer and PC based data
• Why it happened?
  – Accidental fire
• What was the impact?
  – Minimal as there was central backup of files. Would have been catastrophic otherwise.
• How we recovered?
  – Data reloaded onto contingency PCs in another office.

Securing automated data
Key areas:
• Faxing
  – Avoid the use of fax for sending personal data - if there is no alternative use secure protocols;
• Passwords
  – Good password management will help protect personal data and staff

Securing automated data (2)
• Email
  – Personal data should not be transmitted by email
    • Data can be accessed by data subjects
    • Email can be insecure
• Portables/laptops
  – Do not leave unattended; when leaving ensure that it is locked away; be aware of others being able to see your computer screen,
  – PDAs and memory sticks must not contain personal information
  – See Trust’s IT Security Policy

Securing manual data
• Do not allow sensitive conversations to be overheard
• Guard against people seeking information by deception
• Message books
  – Accessible to staff only; sensitive data should not be recorded in message books
• Lock filing cabinets

Securing manual data (2)
• Diaries
  – Patient/client data which is held in diaries should be given the same security as any other record
• Telephone conversations
  – Staff should be careful about those within earshot when discussing sensitive information; check the authenticity of any caller before divulging any information

Securing manual data (3)
• Minutes of meetings
  – Minutes which render the subject identifiable should be marked confidential; stored in a secure area; available only to the personnel concerned.
• Staff Supervision records/Staff Appraisal
• Sick leave records
• Such information is classified as sensitive data. Care should be taken when transferring information from medical certificates to notification form, i.e. abbreviations can lead to misinterpretation

Summary of key points
• Duty to PROTECT information
• Duty to OBTAIN information fairly
• Duty to ensure information is SECURE
• Duty to JUSTIFY use and storage of personal data
• DON’T PASS ON information unless you are sure
• Remember Subject Access

BE CAREFUL WHEN YOU’RE ASKED FOR PERSONAL DETAILS
YOU NEVER KNOW WHERE THEY’LL END UP

EVERY TIME YOU’RE ASKED FOR PERSONAL INFORMATION THINK BEFORE YOU GIVE IT AWAY

Thank you for attending