December 12, 2019 -- Electronic systems make it quick and easy to transfer patient data and images, but it's vital to ensure sensitive information remains secure. In a new report about patient confidentiality, the U.K. Royal College of Radiologists (RCR) gives 10 simple email rules to follow.
These are the rules:
Duties and obligations
Overall, radiologists must be mindful of the duties of confidentiality placed on them by law, in particular the European Union's General Data Protection Regulation (GDPR) 2016 and national legislation such as the U.K. Data Protection Act (DPA) 2018, explained the authors of the 24-page RCR report called "Guidance on maintaining patient confidentiality when using radiology department information systems."
Radiologists are also bound by the professional obligations imposed by relevant medical councils, as well as local information governance and contractual requirements, and this is no different to the way other doctors are required to maintain patient confidentiality on hospital ward rounds, in clinics, in general practice surgeries, etc., they added.
The report aims to provide information on what to do in commonly encountered data sharing situations.
"With this knowledge, and the application of common sense, radiologists should be in a better position to comply with the law and provide the level of confidentiality that patients expect," the authors point out. "A note of caution however; data confidentiality and the legislature surrounding it are complex and constantly evolving. You are strongly advised to seek the guidance of your local data protection officer before commencing any new patient data handling processes."
They acknowledged the contribution of members of the RCR Radiology Informatics Committee and Mark Scallan, head of information governance at Royal Cornwall Hospital.
You can download a copy of the document free of charge from the RCR website.