With the introduction of GDPR (General Data Protection Regulations) hitting the headlines, and our inboxes (many times), NHS organisations have been focusing on the process of managing patient data. Yet, it would appear that critical employee data might be quickly ticked off the GDPR list without truly understanding the importance of long-term safeguards for this information.

Data may be held on a secure server and you probably have procedures in place to update the data, or manage a breech, but can your siloed systems cope with the level of employees in organisations and the number of changes to guarantee GDPR compliance of your personnel data? Only by introducing an automated system can the NHS effectively and compliantly manage staff data.

Data privacy toughens up

Data privacy has gained much attention across all sectors in recent months. How people are communicated to, as well as how their personal data is managed and stored has been prioritised by businesses. For the NHS this focus is critical, as it manages very personal patient data.

Yet, the regulations cover all types of personal data, including employee information, which for the NHS is a significant dataset and is constantly changing.

Central to effective management of staff data is ensuring that you have clear data visibility; identifying where it is stored, that it is easy to process and update, and have appropriate measures for security. The challenge faced by the NHS is that its personnel data is held in a number of systems – NHSmail, ESR and Active Directory.

Automating privacy

Only by creating automated links between these systems, can the NHS be confident that it is compliant to the new GDPR requirements. Automation removes the possibility of human error between the systems and speeds up the process, ensuring that accurate data is held across all systems.

Equally, it enables the NHS to meet its obligations to delete data immediately after a person leaves the organisation, so data is removed efficiently from all systems. For many NHS organisations, this task is still very time-intensive, relying on various people for different systems.

BDS Solutions’ Directory Manager has proven to reduce administration time spent on these tasks, building an efficient approach to managing data. By linking together ESR, Active Directory and NHSmail, the NHS can effectively safeguard itself against GDPR violations for the management of staff data, as well as freeing up valuable time spent on administration.

GDPR has created a significant amount of hype over external personal data, but it is important to remember that the legislation requires better management of your entire data-estate, covering internal personnel too. For employee information, this can only be effectively achieved by automating the interface between the various systems that house the data to ensure efficient and secure data management.

Find out more about BDS’s Directory Manager or get in touch.

Dedicated to continuous improvement in quality management and customer delivery, BDS Solutions has demonstrated an impeccable commitment to achieve ISO 9001:2015 certification.

Having held the ISO 9001 standard for Quality Management since 1999, BDS Solutions undertook a rigorous year-long review of procedures to move from the 2008 standard and ensure compliance to the 2015 requirements.

Audited in July 2017 by an external auditor, BDS Solutions was highly praised: “The auditor was complimentary about the processes we had in place and had no areas for improvement,” said Martin Weaver, BDS Solutions.

The focus of the new standard is on continuous improvement; BDS Solutions was able to showcase how it applies the standard’s ‘Plan-Do-Check-Act’ cycle. With customers, BDS Solutions always requests feedback on its service and delivery, ensuring that it follows up and learns from any feedback less than ‘good’.

Equally, as required, BDS Solutions demonstrated senior management involvement and knowledge in the quality and risk management processes, so that reliance and change is overseen from the leadership-level.

“Continuous change in quality management has been an ongoing commitment for BDS Solutions, so there were no massive changes,” explained Martin. “Our internal review showed that we needed to restructure our quality manual to fit the new ISO high-level structure, but much of the content was already in place,”

“Staff understanding of procedures is very high in the company. Risk management is an inherent part of our company culture, as is the cycle of continuous improvement. The ISO 9001:2015 enabled us to showcase much of the processes we already had in place and fine-tune others to meet new standards,” added Martin.

Finally, BDS Solutions demonstrated how it managed stakeholder and environment risks, so that business continuity is assured. This included both internal and external risks, ranging from the impact of employee, customer, and supplier issues, to changes in legislation.

As a customer-focused business, BDS Solutions ISO 9001:2015 certification demonstrates a dedication to ensuring a consistent and robust service to customers.

The nature of the National Health Service (NHS), with a multitude of applications and devices and an array of ways in which staff interact with technology, adds significant complication to managing and enhancing the vital systems used by the organisation.

However, there is widespread agreement that the NHS must make steps to digitalise and improve technology throughout. The idea of simplifying systems and creating a user-focused approach is an important step.

Complex change
An independent report, ‘Making IT work: harnessing the power of health information technology to improve care in England’, published by the government in September 2016 commented: “Many observers and stakeholders mistakenly believed that implementing health IT would be a simple matter of technical change – a straightforward process of following a recipe or a checklist. In fact, implementing health IT is one of the most complex adaptive changes in the history of healthcare, and perhaps of any industry.”

The level of complexity is huge. The NHS in a single Trust commonly manages multiple locations and vast numbers of applications to meet the needs across all departments. Adding to this, developments in devices and applications t is changing working practices and increasing reliance on technology. This development has resulted in more mobile devices requiring different levels of access. To put this in context, the NHS provisional statistics in September 2016 published the current headcount in the service to be nearing 1.18 million people. The vast majority will be IT users…an enormous task.

Simplifying operations
The solution is to focus on providing access to important systems, no matter the device, and streamlining operations. Complexity is reduced by reducing repetition and building system collaboration. Implementing solutions that bring together existing vital systems enables the NHS to have better control, from a clearer understanding of the operational performance of infrastructure, to visibility of data.

User service is another key benefit. Creating a user-centered design, does not only enhance efficiency, but also encourages better management of the data and improved access to key systems, reducing the possibility of errors. The systems in place must work for both the organisation, without forgetting the people who will be operating the applications.

Optimising systems and reducing complexity across the NHS can be achieved by integration and linking systems and access. This user-focused approach is an important step to ensure more effective staff, working practices and data.

BDS Solutions is a leading IT partner for NHS Trusts and organisations across the UK. BDS Solutions delivers reliable and efficient IT infrastructure that ensures secure access to vital NHS systems across multiple locations and devices for NHS staff.

Find out more by speaking with our expert team.