IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Are trusts putting NHS data at risk by ignoring need for BYOD policies?

NHS trusts don’t know what staff are using their devices for, reveals FoI request

NHS IT

Two-thirds of NHS trusts are risking data breaches because they lack a policy to manage their employees' personal devices, it is claimed.

Just over one third (34 per cent) of trusts have measures in place to govern what devices staff can bring into work, and what they can do with them, according to a Freedom of Information (FoI) request sent to 35 trusts.

Those without a BYOD policy have sacrificed visibility into what devices are accessing their networks, claimed virtualisation firm Citrix, which submitted the FoI.

More than half the trusts 18 out of 35 were unaware whether personal devices were being used for work purposes.

A Citrix statement read: "This lack of visibility means that NHS trusts could be vulnerable to data breaches if a personal device is being used without adequate protection.

"The ability for employees to securely access trust data on the device of their choice has the potential to improve productivity and potentially contribute to a reduction in IT overhead cost.

"However, the FoI results reveal that many NHS trusts are struggling to seize this opportunity, with the delay in uptake also potentially having a significant effect on ensuring security requirements are met."

The news comes as the issue of data security in the NHS becomes a hotter and hotter topic, with the controversy of the patient data collection scheme, care.data, ongoing.

The initiative is meant to enable GP surgeries and hospitals to share patients' medical records, but has been criticised by data protection advocates.

Care.data was originally due to be rolled out in April 2014, but was delayed by six months due to a poor public consultation.

It's now being trialled in GP surgeries in Leeds North, West, South and East, Somerset, West Hampshire and Blackburn with Darwen.

But sceptics fear patient data will be sold to companies, despite assurances to the contrary, after millions of patients' information was sold off to private sector firms over the last decade, according to a report by the NHS information centre last June.

Tim Kelsey, national director for patients and information at NHS England, believes there is a moral right to collect patient data.

Speaking at a Big Data conference attended by IT Pro in January, he said: ""There are gaps so big, so dangerous, that they just have to be filled from a moral as well as a political perspective. We're going to be doing that this year.

"The NHS is not capable currently of telling you how many patients are treated for chemotherapy, for example. And certainly not capable of telling you that if they are treated, [then] what is their outcome."

IT Pro has approached NHS England for comment, but had not received a response at the time of publication.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Ten ways to protect your company from the next big data breach
data breaches

Ten ways to protect your company from the next big data breach

18 Feb 2022
Gumtree site code made personal data of users and sellers publicly accessible
data protection

Gumtree site code made personal data of users and sellers publicly accessible

16 Dec 2021
Secretary of State retires NHS Digital and NHSX
public sector

Secretary of State retires NHS Digital and NHSX

23 Nov 2021
Pizza chain exposed 100,000 employees' Social Security numbers
data breaches

Pizza chain exposed 100,000 employees' Social Security numbers

19 Nov 2021

Most Popular

Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
How full-stack observability can accelerate IT innovation
Sponsored

How full-stack observability can accelerate IT innovation

3 May 2022