Securing Patient Data in your Anaesthetic Logbook

How to keep your cases secure...
Home / Trac / Securing Patient Data in your Anaesthetic Logbook

Securing Patient Data in your Anaesthetic Logbook

Another week, another story in the national press about a breach of patient confidentiality. This one may have made the front pages due to the involvement of a controversial political figure, but the majority get considerably less airtime.

Nevertheless, loss of patient data is disruptive to the system, distressing to patients, and can potentially result in disciplinary action for the persons involved.

Your Anaesthetic Logbook

It’s the time of year when thousands of new doctors are on the move once again, of whom around 600 will be taking their first steps into anaesthesia, and thinking about starting a logbook.

Using a mobile app to maintain a logbook has its obvious advantages in terms of portability, usability and connectivity, but raises fresh issues for how we protect patient data in medicine. While most doctors arguably look after their phones a lot better than they would look after a paper-based patient list, it is still important to take precautions to look after the information contained within.

Here are our top tips for keeping a secure anaesthetic logbook:

1

KEEP IT SAFE

This may seem obvious but is often overlooked. Under the GMC confidentiality guidance published in 2009, it is the responsibility of the individual doctor to protect patient data they hold:

You must make sure that any personal information about patients that you hold or control is effectively protected at all times against improper disclosure.

– Confidentiality (2009) GMC

When you install a logbook app on your phone or tablet, it stops being the device on which you check Facebook and play Candy Crush, and becomes a potential store of sensitive data. With this comes a greater level of responsibility:

  • Don’t leave the phone unattended
  • Ensure it is secured with a pin code
  • Act quickly if your device is lost
DID YOU KNOW?
If you do misplace your Android phone or tablet, you can locate it on Google Maps using Android Device Manager. You can even call, lock or erase the device remotely.
Android Device Manager
2

USE A PASSWORD

All good anaesthetic logbook apps should feature password protection. Often it’s optional, so make sure you activate it early on. In most cases, this is unlikely to deter anyone really determined to access your data, but will go a long way towards avoiding prying eyes, should your phone be unattended or stolen.

3

BE CAUTIOUS OF THE CLOUD

In October 2014, hackers threatened to release the account details of 6.9 million Dropbox users in exchange for money. Google Drive has suffered similar compromises in the past. As we store more and more of our personal data online, these services are likely to become even more attractive (and lucrative) targets for malicious types.

The truth is that these services, along with Microsoft OneDrive and Apple iCloud, are probably a lot more secure than the technology media would have us believe, but nevertheless come caution is in order.

It’s strongly advisable to back up your logbook on a regular basis in case your phone dies, but perhaps think twice about storing that backup in the cloud – doing so simply introduces an unknown middle man into the process, over which you have no control.

4

ANONYMISE, ANONYMISE, ANONYMISE

Let’s envisage the worst case scenario: your phone gets stolen. Not just stolen by some guy on the bus who fancied a new smartphone, but someone worse. Someone who’ll use the information contained within to steal patients’ identities, sell the story to the Daily Mail, and get you in hot water with the GMC. Sounds pretty bad, right?

Most anaesthetic logbooks available in the UK follow the Royal College of Anaesthetists format, which includes the ability to record the patient’s MRN number and date of birth. A few even allow you to record the patient’s name.

Our number one tip is therefore this: DON’T.

There is literally no need. It’s even written into the curriculum for CCT in anaesthesia:

9.2.1 Use of patient ID in logbooks
Patients must not be individually identifiable from the patient ID used. The GMC Confidentiality Guidance defines anonymised data as ‘Data from which the patient cannot be identified by the recipient of the information’. The name, address and full postcode must be removed together with any other information which, in conjunction with other data held by or disclosed to the recipient, could identify the patient. The RCoA recommends that trainees only record the age (not date of birth), sex and ASA grade of patients and that no other unique numbers are retained.
Curriculum for a CCT in Anaesthetics (RCOA)

In the event that the worst case scenario does happen to you, the contents of an anonymised logbook with be nothing but a list of dates and times. Nothing can be linked to patients and (provided your logbook is backed-up), the loss will cost you nothing more than your phone…

Trac: The Anaesthetic Logbook

Trac: The Anaesthetic Logbook

Trac is a flexible, attractive and secure way to maintain your anaesthetic logbook from your Android phone or tablet. Download it for free today!

DripFeed Admin
DripFeed Admin
Our editorial team are here to keep you up to date with all the latest news and tips to help you get through the UKCAT and medical applications in general.

Leave a Comment

Contact Us

If you've got feedback, ideas, or just fancy a chat...we want to hear from you!

Not readable? Change text. captcha txt

Start typing and press Enter to search

Trac Logbook Update