Editor—Rigby et al make the point that it is difficult to ensure appropriate levels of confidentiality in electronic information systems to the point that the highly exacting requirements being demanded by independent commentators and professional bodies are difficult to satisfy without jeopardising the functioning of core services.1 It is not clear, however, how the TEAC health project has addressed this problem.
Software from a single supplier should provide a totally integrated system, but it may not contain all the elements required to meet the trust's strategy. A core system together with a number of bespoke systems communicating through integration engines may provide all the requirements. Unfortunately, in my experience, integration is never complete, and password protection is a major problem.
Everyone nowadays has to carry around numerous “passports” in the form of identity cards, keys, smart cards, and passwords. Access is denied without the appropriate passport, and we all know how easy and frustrating it is to lose any of these passports. Computer passwords of at least eight elements are changed at frequent intervals to maintain security. The log on name is usually specified by the system and can also vary considerably. For a busy clinician, using a different log on name in multiple systems with different and frequently changing passwords, the problem soon becomes impossible. A clinician unable to gain access to a clinical system from a clinical area has three choices.
(1) Call up the information technology department for assistance.
(2) Ask a colleague to log on or reveal the password(s).
(3) Cope without the information technology system by using paper and enter the data later.
I believe that this is a serious and important problem requiring an urgent solution. Ideally this could be solved through a European accreditation system. The examples of health threatening software errors already reported undoubtedly represents the very thin edge of the wedge. Those who are commissioned to introduce health informatics report the perspective of a strong cultural resistance to the technology. A cultural resistance to change as such cannot be supported but a cultural resistance to poor quality is to be commended. Ready access to clinical information systems by authorised clinical staff is a major quality issue and needs to be addressed urgently. The minimal requirements are integration with a single log on and password and a 24 hour telephone help desk that can remind the clinician of a forgotten password.
References
- 1.Rigby M, Forsström J, Roberts R, Wyatt J. Verifying quality and safety in health informatics services. BMJ. 2001;323:552–556. doi: 10.1136/bmj.323.7312.552. . (9 September.) [DOI] [PMC free article] [PubMed] [Google Scholar]