Main

F. S. Ryan, M. K. Cedro, S. Pabari, L. Davenport-Jones and J. H. Noar British Dental Journal 2009; 206: E4

Editor's summary

Data protection is a phrase that we are all aware of at some level; all dentists will know that they have a responsibility to protect their patients' data, for example. But how many of us are familiar with the nitty gritty of data protection legislation?

This paper had two aims: to review the current data protection legislation and guidance, and investigate the knowledge of this guidance among clinicians in a teaching hospital. The review was illuminating: the authors discovered many areas where a combination of policy and clinical judgement needed to be exercised by clinicians, as absolute guidance could not be given. Some guidance documents were found to be lengthy and complicated and they often contained conflicting information. In addition they found that many guidance documents referred to 'locally agreed policy' that did not exist or was unpublished, and that exemptions and exceptions apply to many principles but were not specified.

Given the confusing and complicated state of existing guidelines, it would be unsurprising if clinicians' knowledge of data protection was basic at best. However, the overall correct response rate for the questionnaire in this study was 73%, which is encouraging, although below the 90% correct response rate the authors had set as the audit standard. As the authors point out, this seems to be mainly down to good clinical judgement rather than knowledge of the guidelines and there is room for improvement. It is vital that dentists keep up to date with legislation and policy on data protection, as their duty of confidence to their patients is both a legal obligation and an ethical requirement, and may also be included as a specific requirement in NHS contracts.

As a result of this study, concise, locally agreed guidelines are being drawn up for the authors' department and it will be interesting to see the results when this audit is repeated after the finalised guidelines are distributed. It is to be hoped that this paper will provide a stimulus to all readers to familiarise themselves with the published policy and guidelines on data protection; while clinical judgement can go a long way, it cannot substitute for a thorough knowledge of dentists' responsibilities in this area.

The full paper can be accessed from the BDJ website ( http://www.bdj.co.uk ), under 'Research' in the table of contents for Volume 206 issue 2.

Rowena Milan, Journal Editor

Author questions and answers

1. Why did you undertake this research?

While carrying out day-to-day clinical work, administration or research, the issue of confidential patient data management crops up time and again. Keeping patient identifiable information confidential is a legal, ethical and often contractual obligation for all members of the dental team. However, current legislation and guidance is often vague, wordy and difficult to interpret, with many exceptions which are not actually listed. This study was carried out to assess clinician's knowledge of this important and ever-changing area and to increase awareness of information governance issues.

2. What would you like to do next in this area to follow on from this work?

Following on from this study, local guidelines have been produced for and distributed in the department in which this research was carried out. The results of the audit have been presented and seminars on correct and current legislation and procedure will be conducted to increase knowledge and understanding of information governance and local policy within the unit studied. It is planned to re-audit the same clinicians six months following publication of local guidelines to assess if practice has improved since the initial study.

Comment

The correct management of confidential patient information is an important principle of clinical governance that all dentists, whether working in primary or secondary care, must understand and adhere too. The aim of this hospital-based study was to audit clinicians' knowledge of the management of confidential patient information and of published guidelines. A useful review of some of the issues surrounding information governance is also provided.

A multiple choice questionnaire was designed, piloted and administered to 37 dental staff, covering all hospital grades, within the orthodontic department of a large central London teaching hospital. A response rate of 100% was achieved. The results of the study showed that overall the clinicians' knowledge of information governance was good, with an overall correct response to questions of 73%. However, areas of deficiency in knowledge were highlighted that maybe common to all dentists:

  1. 1

    Generally, knowledge of data protection of information stored on computers appeared to be poor. For example, 55% of respondents were unaware that patient data should be stored on a computer no longer than necessary according to the Data Protection Act, 1998. Sixty-three percent of respondents were not aware that anonymised research data is exempt from the Data Protection Act.

  2. 2

    When questioned about postal correspondence, a large number of respondents (63%) were unaware that all letters should be marked strictly private and confidential and any NHS/practice logos and addresses must not be visible.

Although this study found that clinicians' knowledge and practices of information governance principles was good, there are several areas where knowledge was deficient. It is important that all practitioners are aware of their ethical, legal, and contractual obligations towards the protection of patient information.