Privacy in clinical information systems in secondary careCommentary: Let's discuss wider social and professional issuesCommentary: Organisational and cultural aspects are also important

Privacy in clinical information systems in secondary care {#article-title-2} Two years ago Sunday Times reporters were able to gain access to the private medical records of Dr Sandy Macara by paying a small fee to a commercial agency. As computerised clinical information systems that are capable of holding large amounts of high quality information become more widespread in NHS trusts, the privacy of patient information is becoming an increasingly important issue. Lack of privacy can be damaging to both the patient and the organisation concerned. For example, Barber cites the following problems1: In the BMA consultation document Security in Clinical Information Systems Anderson identifies nine principles governing the design of a clinical information system meeting the requirements for patient privacy.2 Doubts have been raised about the feasibility of adopting the code for governing access to patients' electronic records in secondary care. Our experience is that the principles are achievable. This article is based on our experience of a large scale clinical information system in use in three British hospitals—Conquest Hospital, Hastings; Aintree Hospital, Liverpool; and Royal Devon and Exeter Hospital, Exeter. We describe the approach taken to ensuring control over access to confidential patient information on the basis of expected relationships between staff and patients. ### Summary points