Why The Time Is Right For An Authentication Revolution To Sweep Through The NHS – Tim Shaw, Channel Sales Manager At VASCO Data Security

Amid the many challenges faced by the NHS – ranging from a chronic funding crisis, a lack of resources for front-line staff, the contentious issue of GPs working weekends, over-stretched A&E departments and an ageing population to contend with – remains the profession’s ongoing determination to put the patient at the centre of care.

While recent initiatives such as QIPP have helped healthcare professionals to address the NHS’s quality and productivity challenge in order to maintain standards of patient care against such a challenging backdrop, looking ahead, the move to a ‘Paperless’ NHS and the deployment of Electronic Patient Records (EPRs) promises further improvements to quality and standard of care patients receive.

Of course, the paperless NHS and EPRs alone are not a panacea for all the NHS’s woes, but they should go some way to achieving both the cost savings and delivering the performance gains Health Secretary Jeremy Hunt highlighted when he announced them, while freeing up medical professions from the admin burdens that currently sink into the time they should be spending with patients.

It is my opinion, though, that while spending more time with patients is a highly valuable and essential way to reinvigorate the doctor patient relationship, patient trust in the NHS as a whole could be elevated to a new level if patients can be assured that their records – particularly in electronic format – are safe and secure. Too often we have heard of healthcare-related IT security breaches that have compromised patient confidentiality, with such events occurring either through poor security process, failure to follow a process or, in worse case scenarios, no process at all. Such incidents serve to undermine the hard work that medical professionals invest in order to create a bond of trust between themselves and their patients. If they continue to occur in the era of EPRs and the paperless NHS, it will be difficult to make patients believe that this new, technology-led NHS, is any better placed to be trusted with their confidential data.

But keeping sensitive patient data protected and accessible only to those authorised to view it, needn’t be so complex as to be prohibitive. Of course, the NHS is a large, complex organisation that across many trusts and departments uses a multitude of products, patient information systems and technologies in order to deliver care. When it comes to IT security then – and especially systems that require medical professionals to authenticate themselves before they can access patient systems, files or internal networks remotely, or on site – it is understandable that there could be some hurdles to overcome when introducing new solutions. First, there is the issue of change management to contend with, convincing users that a) the new solution won’t inconvenience them and b) that it can offer true benefits with respect to patient data security, both in the short and long term. Second, users expect a seamless experience across multiple devices, applications and interfaces. Today, this continuity is both essential and possible, and authentication solutions can offer interoperability with numerous applications to ensure consistency and the desired user acceptance.

At VASCO, we have seen many examples where healthcare providers and health organizations globally have locked down confidential documents and prevented security breaches through implementing authentication solutions. With the NHS on the cusp of one of the most transformative moments in its history, I believe this is an ideal opportunity for the NHS to ensure that two factor authentication becomes the secure gateway between not just electronic patient records, but any clinical information system, device, app or interface that offers access to patient data. And, in doing so, it can effectively address at least one of its challenges while keeping patients at the centre of care.