Concern about USB sticks used for handovers

Posted on by

‘Concern about USB sticks used for handovers‘ article from E-Health Insider.

And as importantly the comments themselves, so you can make up your own mind:

COMMENTS!!

26 Jul 07 20:16 (mary.hawking@nhs.net)

Risks in handover times

Dr Daunt is to be congratulated – and so are the Trust and the junior doctor whose USB stick was stolen for facing the problem. This is bound to be a universal problem: handover – when the care of a patient is transfered from one individual or team to another (handover in hospitals: discharges – and admissions – between secondary and primary care) is recognised as a time when mistakes are particularly likely to occur. That being so, it is inevitable – and desirable – that any new method of making the handover process more efficient will be used. I haven’t heard this particular risk – authorised or unauthorised use of removal media such as USB sticks or floppy discs to facilitate handover in Trusts – discussed before. Do any Trusts have policies on this? If not, why not? “Don’t do it” is not a policy..

26 Jul 07 22:40

And on hospital PC is worse?

Last Saturday I walked onto a ward in my hospital. The first PC was logged on as “Ward X” – there were about 25 desktop items, which were Word, Excel and Notepad files of Junior Doctors “handover sheets” – full info – name, number, diagnoses, to do lists etc. Two clicks and “print” and it would all have been in anyone’s hands – or plug in the USB stick and there it all is in portable format. Yet all the Juniors believe in patient confidentiality, and our hospital has a password protected PAS that allows storing and printing of this data. So why do they not use it? Why do they compromise patient data?

I think we need to use some disciplinary muscle to stamp this out.

27 Jul 07 03:54 (mikehitchens25@btinternet.com)

Secure Biometric USB Reader

The LME Bio biometric fingerprint reader allows for secure storage of patient identifiable data for a number of registered users and optional secure remote access to a work-based clinical system from anywhere.

(post edited by EHI)

27 Jul 07 05:26 (swilson@lockstep.com.au)

Why is anyone using USB sticks to CARRY data?

I would have thought that using USB sticks to convey patient data between healthcare workers at changeover would be deprecated on a number of grounds, not just the risk of losing unencrypted information.

Why isn’t this data available to all staff concerned on a central EHR/EMR? What needs to be copied to a stick that isn’t already available online through a terminal? If data is replicated in an uncontrolled way, the biggest risk isn’t that it could fall into the wrong hands; rather, it is that the portable data is modified and comes to diverge from the ‘original’. It is supremely important that at no time is there any doubt about the primacy of a given piece of health data.

At changeover, carers should be using a secure key (ideally a smartcard) to access definitive data online, not swapping data on an ad hoc basis through portable media.

Cheers,

Stephen Wilson Managing Director Lockstep

www.lockstep.com.au

27 Jul 07 10:04

Thats the whole point

Quote: Why isn’t this data available to all staff concerned on a central EHR/EMR?

Because the currebt solution is so awaful, too slow and does not provide the information needed in this manner.

The use is common, best plan would be to offer a FREE encrypted sotware utility and insist on its usage.

Because of the size and manner of usb drives, its impossible to ban them, so pointless. better to secure them.

Of course this is a totally irrelevant arguement when I see the consultant orthpaedic surgeon staggering to his car with 15 kilos of patients written notes, locking them in his unsecure car boot and driving to the private hospital to update patients who have opted out.

It’s a regular occurence and thiefs can open that car model in 6 seconds

27 Jul 07 10:43

Only the medium has changed

Thirty years ago – when I was a house officer – I kept a small notebook with to-do lists for patients identified through attaching to the page one of the stickers for putting on lab request forms. So did nearly all my colleagues.

This was neither more, nor less, secure that the use of USB sticks.

27 Jul 07 13:08

good point about the paper note book

The ex-house officer makes a good point about the historic use of written notes for hand over, but I expect his hand writing was so illegible that only another doctor could read it.