Password sharing leaves NHS audit trail in tatters

Investigators have been unable to trace a doctor involved in a medical blunder that ended in a patient's death because staff in a Devon hospital had been sharing computer passwords.

The case shows the incompatibility between the way doctors work in practice and the high security needed to protect large databases of confidential patient information under the £12.7bn National Programme for IT (NPfIT).

Password sharing is said to be endemic in the NHS partly because space for computer screens in wards is limited, as is time for clinicians to log in and out.

The case centres around the death of Muriel Elliott, who was admitted to Derriford Hospital in Plymouth last year after suffering a stroke following heart by-pass surgery. She died thirteen days after medical staff wrongly inserted a feeding tube into her lung instead of her stomach.

A hospital investigation has been unable to identify the doctor responsible for viewing an electronic x-ray image. The doctor allegedly told nursing staff that the nasal gastric tube was in the correct position before Muriel Elliott was transferred to the Acute Stroke Unit.

The doctor who checked the position of the tube had not made a record of it in the patient's notes. And the doctor whose password was used to view the stored x-ray image was not working at the hospital at the time, it has emerged.

The hospital uses a picture archiving and communication system (Pacs) and the "Cris" Radiology Information System, which were installed in 2006 under the NPfIT. The Pacs system is linked by the N3 broadband network to a remote data store, with access to images through workstations and web-based PCs.

The local police's "Major Crime Investigation Team" is now investigating.

Brian Gerrish, Mrs Elliott's son-in-law, told the BBC, "This is absolutely incredible. Derriford does not know who the doctor was that made a clinical decision that resulted in a death and it's possible it could have been somebody who just walked in off the street, because they have no idea."

A statement issued by Plymouth Hospitals NHS Trust said, "The trust has stringent policies and guidelines concerning patient confidentiality and the use of its IT systems. We expect all staff to work according to these policies and any breach of security is investigated and appropriate disciplinary action taken whenever necessary.

"This case has been subject to a full investigation within the trust and the results and recommendations of that investigation have been shared with the coroner. The case has recently been referred to Devon and Cornwall police and enquiries are at an early stage. At this time it is not appropriate for the trust to comment further."

NHS Connecting for Health said, "Individual users set their own passcode which may not be shared with anyone else. Password sharing represents a misuse of a system and the Department of Health published a joint statement along with the GMC and the Information Commissioner, which made it clear that from policy, professional and legal perspectives there is zero tolerance on such behaviour."

Officials at NHS Connecting for Health who help run the NPfIT have said many times that national systems are more secure than paper records, in part because audit trails show who has viewed what patient records.

For more detail on this story see "Password-sharing hinders probe into serious blunder" on Tony Collins' IT Projects blog.
