What can the NHS learn from the Talk Talk breach?
The NHS does not have a great track record, when it comes to data sharing. The big technology projects to enable data sharing have been bigger political and financial icebergs than first appeared and often leading to wrecks.
For all the information governance structures, we still see regular data breaches from the NHS. You fear that if the recent Talk Talk hackers had a real go at health data, it would lead to many more breaches.
So, is less data sharing and more security the answer? Yes perhaps, to greater security, but certainly no to less sharing. Put simply, if we are going to integrate services to improve basic care and the patient experience we have to accept data sharing. No one, even in the commercial organisations badly affected by data breaches, is really saying "let’s go back to paper records".
The real clincher for me, however, is the fact that health cannot remain behind with the rest of our everyday life led on the assumption of near universal data sharing with appropriate security. The way most businesses operate effectively today is absolutely based on shared data. Younger generations who have grown up knowing nothing else assume their data will be shared not kept in silos. They recognise that to exist online they have to share data. This may be uncomfortable for us, but our children will be the ones consuming and delivering health services. Increasingly we need to accept they will operate on a fundamentally different set of assumptions about the use and sharing of data.