Ways in which these aspects would affect PAS include the necessity for a password, ensuring only the members of staff that are authorised to see the information gain access to the password and a computer connected to the system and with regards to confidentiality and data integrity when and by whom the data is to be updated. This is important because as explained by Ball and Hannah (1985) professionals (e.g. nurses, or the data processor, when taking the Data Protection act (1998) into consideration) should enter the data that they collect onto the system because if this was left to a clerk they would have access to all of the patient information and they are not governed by a 'Code of Ethics', however in my experience word clerks have had a large input in updating patient records and have access to all the patients' notes.
The simple act of inputting patient information onto a computer system can be seen as invasion of privacy if the patient is unaware of the operation of the computer system (Westin 1976). The concept of invasion of privacy can be defined as 'intrusion upon the private and personal life of an individual. It may take the form of collecting and storing unnecessary data, disclosing data to individuals or organisations that don't have a genuine need for it, or putting private information to secondary uses', (Whieldon, 1979 in Ball and Hannah 1985).
When looking at Martin's, (1973), definition of privacy, which states it is the right of individuals and organisations to determine for themselves when, how and to what extent information about them is transmitted to others it can be seen that PAS is floored because all of the patients vital information is in one place, which makes it accessible to all who are able to access the system. This could be a problem because the patient might be happy for the doctors and nurses who are directly caring for them to see the information but not wish technical staff to see all of it, or they might be happy for the doctors to see information about the condition that they are treating but not see any information that is stored for other doctors. An example of this would be a psychiatric patient not wishing the medical doctors or GP to have access to information about their mental illness.
Moving on to confidentiality, which Martin (1973) defines as the trust placed in individuals to whom information is disclosed that the privacy of the information will be respected and the information will be used only for the purpose for which it was collected. This again shows floors in the way that PAS is run because as mentioned before ward clerks often input information to relieve busy nursing staff and they aren't working under a'code of conduct and may inadvertently pass on information about patients in general conversation. Finally when looking at security as the protection of information from accidental or intentional access by unauthorised people, which is mentioned in part 6 of the Data Protection Act (1998). It can be seen that 'a person must not knowingly or recklessly, without the consent of the data controller obtain or disclose personal data or information contained in personal data or procure the disclosure to another person of the information contained in personal data', which is also mentioned by Martin (1973). This could easily be broken as the computer terminals that are used to access the patient information are often on the nurses station where it is easy for anyone to look at the screens and take down information when the member of staff who it using the terminal's back is turned. Also if a visitor particularly wanted to access the computer system it would be relatively easy for them to do so because the password for the system is often noted down next to the terminals so that staff don't forget it or if this wasn't the case with the computer keyboard being in a visible place someone could easily watch the password being typed in than then use it at a later date.
To conclude this assignment steps that could be taken to minimise the possibility of breaches of security and confidentiality are changing passwords at regular intervals and ensuring that only members of staff who need to know the new password are informed. When accessing information be aware of the need to protect privacy and confidentiality and approach anybody whom you might feel are accessing information that they shouldn't. Attempting to make sure that the keyboard of the computer is out of sight from the general public and using flat-screened monitors that can't be read from an angle would also help to prevent the wrong people getting hold of private information. Ways of ensuring integrity of data involve asking patients to inform us of any change to address or personal information and finally by checking that the information is still correct on each admission to hospital.
Reference List
• Ball, M, Hannah, K. (1985) Using Computers in Nursing. Reston Publishing Company, Inc. Virginia.
• Government. (1998). Data Protection Act, Chapter 29. Internet WWW
page at (Accessed
19.08.02)
• Kenworthy, N. Snowley, G. Gilling, C. (1996) Common Foundation Studies in Nursing. 2nd Ed. Churchill Livingstone. London.
• Martin, I, (1973). Design of Man Computer Dialogues. Englewood Cliffs. New Jersey. Cited in Ball, M., Hannah, K. (1985) Using Computers in Nursing. Reston Publishing Company, Inc. Virginia.
• United Kingdom Central Council for Nursing, Midwifery and Health Visiting. (1992) The Code of Professional Conduct for Nurses, Midwives and Health Visitors. UKCC. London.
• Waite, M., (Ed) (1998) Oxford Colour Dictionary. Oxford University Press. Oxford.
• Westin, A. (1976). Computers, Health Records, and Citizen Rights.
Government Printing Office. Washington DC. Cited in Ball, M., Hannah, K.
(1985) Using Computers in Nursing. Reston Publishing Company, Inc. Virginia.
Whieldon, D. (1979). 'How much does privacy cost?' Computer Decisions (August): 54-56. Cited in Ball, M., Hannah, K. (1985) Using Computers in Nursing. Reston Publishing Company, Inc. Virginia.