skip to main content
Close Icon We use cookies to improve your website experience.  To learn about our use of cookies and how you can manage your cookie settings, please see our Cookie Policy.  By continuing to use the website, you consent to our use of cookies.
Global Search Configuration

Ovum view


During my mother-in-law's recent stay in a UK hospital, it was business as it always has been as the hospital breached the new General Data Protection Regulation (GDPR) by placing patient medical records at the end of the beds where they could be viewed by all visitors to the ward and by other patients.

Hospitals must adapt in order to comply with GDPR or face fines

GDPR is not just relevant to enterprises that handle personal information; it also applies to public sector bodies, including hospitals. Any information that identifies individuals must be kept secure, but in the case of hospitals, that information also includes details of medical conditions and treatments. In the past, medical records were stored on the ends of the beds of patients so the medical staff had easy access to them. Although this is changing as hospitals modernize, the pace of change is slow in some hospitals and needs to accelerate. Patients have the same rights to data privacy as any other person conducting business with a company or service provider. Once patients are discharged, their records must be removed immediately. That is not always the case, however, and records can remain at the end of an empty bed for some hours after a patient has been discharged.

If medical records need to be stored at the foot of beds to allow staff easy access, then they must be stored in a way that members of the public are not able to view them, perhaps in lockable folders that only staff can open. Hospitals, like any organization, should be reducing paper volumes by moving to electronic methods of recording information, but the cost of providing sufficient electronic devices on which to store patient data may be too high. Any initiative to keep medical records secure will undoubtedly cost money at a time when the National Health Service in the UK is under pressure, but the protection of patient data and compliance with GDPR is paramount. Cultural change is needed to ensure that hospitals manage patient records in an appropriate fashion.


Further reading

"Failing to capture paper documents increases risks for enterprises," INT002-000075 (February 2018)


Sue Clarke, Senior Analyst, Data and Enterprise Intelligence

Recommended Articles

  • Consumer & Entertainment Services

    US pay TV: Is it facing an existential threat?

    By Adam Thomas 28 Mar 2018

    With US pay TV having endured the worst year in its history, thoughts have inevitably turned to the future. The likelihood remains that the immediate future will remain highly uncomfortable for everyone except the scaled multinational digital platforms.

  • Enterprise Decision Maker, Enterprise IT Strategy and Select...

    2017 Trends to Watch: Big Data

    By Tony Baer 21 Nov 2016

    The breakout use case for big data will be fast data. The Internet of Things (IoT) is increasing the urgency for enterprises to embrace real-time streaming analytics, as use cases from mobile devices and sensors become compelling to a wide range of industry sectors.

    Topics Big data and analytics IoT

  • Enterprise Services

    5G: Another technology in search of enterprise use cases

    By Evan Kirchheimer 26 Apr 2018

    Service provider interest in justifying 5G investment through its potential to open new revenue streams from the enterprise segment is growing ever greater.


Have any questions? Speak to a Specialist

Europe, Middle East & Africa team - +44 (0) 207 017 7700

Asia-Pacific team - +61 (0)3 960 16700

US team - +1 646 957 8878

Email us at

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - Call us at +44 788 597 5160 or email us at

Contact marketing -

Already an Ovum client? Login to the Knowledge Center now