BAILII is celebrating 24 years of free online access to the law! Would you consider making a contribution?

No donation is too small. If every visitor before 31 December gives just £1, it will have a significant impact on BAILII's ability to continue providing free access to the law.
Thank you very much for your support!



BAILII [Home] [Databases] [World Law] [Multidatabase Search] [Help] [Feedback]

United Kingdom Journals


You are here: BAILII >> Databases >> United Kingdom Journals >> Misunderstanding IT: Hospital cybersecurity and IT problems reach the courts
URL: http://www.bailii.org/uk/other/journals/DEESLR/15_4891.html
Cite as: Misunderstanding IT: Hospital cybersecurity and IT problems reach the courts

[New search] [Printable PDF version] [Help]


Misunderstanding IT: Hospital cybersecurity and IT problems reach the courts

Harold Thimbleby

DOI: http://dx.doi.org/10.14296/deeslr.v15i0.4891

Abstract


The corruption of patient data in a hospital prompted a criminal investigation, resulting in approximately 70 nurses being disciplined, with some charged with wilful neglect contrary to the Mental Capacity Act 2005. Some nurses received custodial sentences. This paper explains the background. The paper demonstrates the inability of hospital information technology (IT) systems and management to provide reliable evidence and highlights broad problems with poor IT culture affecting manufacturers, hospitals, police, lawyers, and advisors - all the way through to regulators and legislators. Widespread misunderstandings of IT and data compromises both the provision of effective care and legal processes.

This paper includes recommendations, the most urgent being that hospitals (the UK National Health System ('NHS') and other national healthcare systems more generally) should acknowledge that IT is unreliable, and that they should procure and actively manage IT equipment with this in mind. Keeping up-to-date with legal issues relating to IT generally, as well as keeping up-to-date with cybersecurity measures should be routine.

The NHS needs to improve its IT maturity, management and policies. The police, the legal system and regulators also need a more mature approach to IT. Manufacturers are not currently providing dependable systems that are fit for purpose to operate safely and reliably in normal, complex hospital environments. All parties should engage qualified external oversight.

Index words: National Health Service, United Kingdom, State Medicine, cybersecurity, information technology, medical ethics



BAILII: Copyright Policy | Disclaimers | Privacy Policy | Feedback | Donate to BAILII
URL: http://www.bailii.org/uk/other/journals/DEESLR/15_4891.html