IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Are trusts putting NHS data at risk by ignoring need for BYOD policies?

NHS trusts don’t know what staff are using their devices for, reveals FoI request

NHS IT

Two-thirds of NHS trusts are risking data breaches because they lack a policy to manage their employees' personal devices, it is claimed.

Just over one third (34 per cent) of trusts have measures in place to govern what devices staff can bring into work, and what they can do with them, according to a Freedom of Information (FoI) request sent to 35 trusts.

Those without a BYOD policy have sacrificed visibility into what devices are accessing their networks, claimed virtualisation firm Citrix, which submitted the FoI.

More than half the trusts 18 out of 35 were unaware whether personal devices were being used for work purposes.

A Citrix statement read: "This lack of visibility means that NHS trusts could be vulnerable to data breaches if a personal device is being used without adequate protection.

"The ability for employees to securely access trust data on the device of their choice has the potential to improve productivity and potentially contribute to a reduction in IT overhead cost.

"However, the FoI results reveal that many NHS trusts are struggling to seize this opportunity, with the delay in uptake also potentially having a significant effect on ensuring security requirements are met."

The news comes as the issue of data security in the NHS becomes a hotter and hotter topic, with the controversy of the patient data collection scheme, care.data, ongoing.

The initiative is meant to enable GP surgeries and hospitals to share patients' medical records, but has been criticised by data protection advocates.

Care.data was originally due to be rolled out in April 2014, but was delayed by six months due to a poor public consultation.

It's now being trialled in GP surgeries in Leeds North, West, South and East, Somerset, West Hampshire and Blackburn with Darwen.

But sceptics fear patient data will be sold to companies, despite assurances to the contrary, after millions of patients' information was sold off to private sector firms over the last decade, according to a report by the NHS information centre last June.

Tim Kelsey, national director for patients and information at NHS England, believes there is a moral right to collect patient data.

Speaking at a Big Data conference attended by IT Pro in January, he said: ""There are gaps so big, so dangerous, that they just have to be filled from a moral as well as a political perspective. We're going to be doing that this year.

"The NHS is not capable currently of telling you how many patients are treated for chemotherapy, for example. And certainly not capable of telling you that if they are treated, [then] what is their outcome."

IT Pro has approached NHS England for comment, but had not received a response at the time of publication.

Featured Resources

The COO's pocket guide to enterprise-wide intelligent automation

Automating more cross-enterprise and expert work for a better value stream for customers

Free Download

Introducing IBM Security QRadar XDR

A comprehensive open solution in a crowded and confusing space

Free Download

2021 Gartner critical capabilities for data integration tools

How to identify the right tool in support of your data management solutions

Free Download

Unified endpoint management solutions 2021-22

Analysing the UEM landscape

Free Download

Recommended

DHSC sets out ambitious targets for NHS App by 2023, beyond
Business strategy

DHSC sets out ambitious targets for NHS App by 2023, beyond

29 Jun 2022
Ten ways to protect your company from the next big data breach
data breaches

Ten ways to protect your company from the next big data breach

18 Feb 2022
Gumtree site code made personal data of users and sellers publicly accessible
data protection

Gumtree site code made personal data of users and sellers publicly accessible

16 Dec 2021
Pizza chain exposed 100,000 employees' Social Security numbers
data breaches

Pizza chain exposed 100,000 employees' Social Security numbers

19 Nov 2021

Most Popular

Samsung proposes 11 Texas semiconductor plants worth $191 billion
Hardware

Samsung proposes 11 Texas semiconductor plants worth $191 billion

21 Jul 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Should you take your password manager off the internet?
Sponsored

Should you take your password manager off the internet?

28 Jul 2022