New systems for the NHS must be so good that staff aren’t tempted to find ‘work arounds’ that jeopardise security, Connecting for Health primary care clinical lead, Professor Mike Pringle says.
He told a conference hosted by Connecting for Health (CfH) and the NHS Alliance that he visited a practice where staff had worked around the need to log on individually each time they used the computers. They put one smartcard in each of the machines and kept the system open!
This meant that the audit trails generated by the cards, which are meant for individual use and should show precisely who did what and when on the system, were invalidated.
The anecdote adds to system administrators’ fund of tales of horror about passwords being shared round departments and scribbled on Post-it notes stuck to screens.
But Professor Pringle told E-Health Insider: “Primary care has always been good at finding work arounds and we have to make sure that the systems they have are so good they are not tempted to do work arounds.
“The real world out there is that people will find ways of getting about their business,” he said.
He added that he felt the issue was not just technical, but an educational. “A lot of people receive their NHS card and don’t appreciate the significance…we haven’t educated everybody about the importance of that smartcard.”
He likened the current situation in the NHS to where we were some years ago when credit cards were first introduced: use was light and no one worried too much about them. Now everyone is aware of their potential for misuse.
CfH could not tackle the issue alone he agreed. “It’s got to be cultural,” he commented.