IT security in private medical practices: What you need to know 

IT security in private medical practices: What you need to know 

This year has seen some significant IT security breaches in both the public and private sectors. From the WannaCry ransomware attack on the NHS to smaller, but no less distressing, attacks on private medical practices, these stories have received heavy media coverage. As a result, it’s likely that public awareness of these kinds of cyber attacks has increased and that patients will quite rightly expect clinics to have effective IT security systems in place to protect their data. This week, we’ll be taking a look at why hackers target medical information, and what practitioners should be doing to make sure their practices are safe. 


Why is personal medical data so valuable? 


Hackers target healthcare organisations for a number of reasons. For a start, large healthcare organisations – such as the NHS – are considered an easy target due to the sheer number of email accounts associated with it. In addition to this, the type of personal information held by these companies and organisations can be used to demand a hefty ransom. Earlier this year hackers stole over 25,000 photographs, and other personal information such as passport scans and National Insurance numbers, from the database of a Lithuanian cosmetic surgery clinic. The ransom demanded was up to €2,000 (in bitcoin). This information can also command a high price on the black market. “On the black market, medical record information can cost up to 50 times more than credit card information,” says David Schluter, Managing Director at Fluid IT . “Unlike credit card information, it can’t be changed easily and can be key in staging ID fraud,” he continues. “It can be used in a broad range of fraud; fake insurance claims, financial fraud, and cyber criminals can even use it to purchase drugs online and then sell these on the black market.” 


How can practices improve IT security? 


There are many things practices can do to improve IT and data security, and education is a huge part of this. 


“Medical practice staff need to really understand the value of this kind of data,” says Schluter. “It’s important to take data security very seriously as the risks can be enormous, but there are many excellent resources available to help managers support and educate their staff.” There are frameworks and toolkits available through online sources such as the ICO, or Cyber Essentials, all of which can guide the development of company policies and training. These resources can also help prepare staff for the enforcement of new data protection regulations next May (the EU’s General Data Protection Regulation). 


In addition to this, there are other ways to improve IT security: 


  • Communicate regularly with staff regarding potential threats. For example, discuss how to spot suspicious links from unknown sources, explain the impact an attack could have on the practice, and emphasise staff obligations in relation to company equipment. 
  • Cyber liability insurance will provide cover for various scenarios; mandatory data breach notifications, investigating an incident, notifying data subjects, legal costs and regulatory fines.  
  • Work together with law enforcement agencies. This will help to disrupt hackers’ plans, and sharing threats and vulnerabilities means that others can benefit from this information.
  • Encrypting emails and documentation containing personal information. “Devices should also be encrypted,” offers Schulter. “This offers an additional layer of protection, and makes it much harder for criminals to steal information. However, an encryption expert should be consulted before a practice implements this to ensure it has been designed in a way that suits the business.” 


Beyond cyber crime 


Cyber criminals are becoming more effective and more organised, so it’s a good idea to think beyond the capabilities of your IT systems to combat the threat. An all-inclusive approach to IT security is required. Secure systems need to be backed up with policies and procedures, so staff know what their responsibilities are in terms of data protection and security. 


The risk of security breaches does not only come from cyber criminals, as a prestigious US cosmetic clinic found out earlier this year. A member of staff stole as many as 15,000 medical records, including medical photographs. Whilst the team member’s actions are now the subject of a police investigation and it is not clear what became of the information, this case goes to prove that data safety is not just a matter of having the most up-to-date antivirus software in place. 


Cyberattacks are unfortunately not preventable, and it is sadly a threat that all companies – not just those in the healthcare sector – face. They can affect thousands of people (this year’s major WannaCry attack impacted around a quarter of a million computers across the globe) and can disrupt vital services. It’s crucial for anybody working in the healthcare sector to recognise this danger, and working in line with their organisation’s IT policies can help to minimise the risk of being hacked. 








10 tasks you will undertake as a medical secretary 

10 tasks you will undertake as a medical secretary 

Are you thinking of becoming a medical secretary?  


Do you have administrative experience, an interest in medicine, and great communication skills? If so, a career as a medical secretary could be ideal, but what exactly would you be doing? DMED blog takes a look at 10 tasks you will undertake as a medical secretary… 


  1. Audio typing 

    Transcription can be tricky, especially if you aren’t familiar with the specialty, or the clarity of the audio is poor. But chances are that once you settle into a role it’ll be second nature in no time.  

  2. Proofreading 

    Some practices outsource their dictation. In this case, your role in preparing documents is to ensure their accuracy and make sure they represent your practice. They should look professional, be error-free and include all relevant information. 

  3. Diary management 

    Whether this is for your consultant’s clinic, theatre sessions, or non-clinical engagements; you will soon know your way around your practice’s various booking systems and diaries. 

  4. Patient liaison 

    You are the practice’s first point of contact. The first person a patient speaks to will more often than not be you. A pleasant, approachable manner is key. You should keep in mind, however, that some people may be dealing with complex and upsetting situations. Dealing with queries in a sensitive manner is therefore essential. “It takes good interpersonal skills to be able to deal with patients in these situations, ” says Monique Van Der Berg, a member of the Designated Medical team. “You have to remain calm, listen and offer support.” 

  5. Medical supplies

    Depending on the size of your practice and the set-up of your facility, stock control may be your responsibility. You’ll develop knowledge about medical devices, clinical equipment prices and develop skills in supplier management. 

  6. Managing expectations

    As hard as consultants try, there will undoubtedly be occasions when clinic is running late. This could be because theatre has overrun, or a consultation took longer than expected. Waiting patients can quickly turn into unhappy patients, so make sure you keep them in the loop by being up front about the situation. “I believe if you are honest and up front with patients then they are more likely to understand the situation,” offers  Joanne Packwood, a Designated Medical Secretary. “After all, we are all human and sometimes certain situations cannot be helped.” 

  7. Billing & insurance company liaison

    In private practice, a medical secretary will have regular dealings with insurances companies to obtain authorisation for procedures and to coordinate payments. There will also be self-pay patients to deal with, so it’s important to treat sensitive information such as credit card details confidentially. 

  8. Keeping patient records secure

    Working in a medical space, you will be legally obliged to keep all personal information secure. Access to this kind of data should be restricted only to those who need it. Furthermore, new regulations on data protection will be enforced from May 2018. For more information, read the DMED blog on GDPR and what you need to do to make sure your practice is ready. 

  9. Healthcare information

    Whether this relates to practice information about appointments and prices, or leaflets explaining different medical conditions, you will be dealing with healthcare information in some form or another. You may even be tasked with writing the content yourself. 

  10. Liaising with other healthcare professionals

    It’s rare that a medical practice will be completely self-contained. The chances are that you will be liaising with and working with other facilities. This could include staff from other consultants’ offices, hospital staff, and insurance company staff. Everyone’s needs and requirements might not always align, so having good communication skills is absolutely vital. 


Working as a medical secretary means you have the opportunity to make a real difference in patients’ lives. In addition to this, there are opportunities to develop professionally and great prospects for progression.  


Designated Medical regularly recruits for new team members, and if you are a consultant looking for business support we have an experienced team of medical secretaries available with a wide range of skill sets to suit your practice needs. So, if you’re thinking of taking on a new role, or you’re looking for a highly skilled medical secretary, why not get in touch? 



E for easy learning: top healthcare podcasts

E for easy learning: top healthcare podcasts


Jane Braithwaite shows how to make the most of the world of podcasts at your disposal.

Our busy lives mean that we do not always have the time to sit down and enjoy listening to and watching the things we are interested in. Who among us is not guilty of recording and downloading TV programmes and never getting around to watching them? Perhaps this is the reason why, according to Radio Joint Audience Research (RAJAR), podcasts are now downloaded by more than 4.5m adults in the UK alone.

Podcasts can be neatly described as online radio broadcasts on demand, with the word ‘podcast’ itself being a combination of ‘iPod’ and ‘broadcast’.

Users can subscribe to online channels and have episodes of their favourite podcasts – available as both audio and video broadcasts – automatically down­loaded to their devices, much like a subscription to a journal or magazine.

Of course, for many people, listening to a podcast is not a necessity but a pleasure, and a quick look at iTunes shows the huge number of podcasts classed as comedy or games and hobbies.

Well-known organisations such as the BBC offer a large library of programmes. Whether you are after drama, sport, politics or factual programmes, all tastes are catered for and the online homes of radio stations such as talkRADIO also hold archives of their popular programmes.

However, for a busy private medical practitioner, podcasts can be an opportunity to catch up on developments in their area of expertise or in healthcare in general, and even clock up some valuable hours for continuing professional development (CPD) requirements.

Continuing professional development

The GMC considers CPD to be any learning outside of undergraduate or postgraduate courses that supports doctors in improving and maintaining their performance, which includes both formal and informal learning.

So as well as being a way to update yourself on industry developments, podcasts can also be a valuable tool when it comes to education and CPD.

Many of the royal colleges recognise the importance of e-learning and also recognise the benefits of podcasts.

Several of these institutions publish regular free content for their members.

Some sources are also freely available to non-members – the Royal College of General Pract­itioners, the Royal College of Emer­gency Medicine, and the Royal College of Psychiatrists, for example.

Their online libraries are extensive and of high quality. RCPsych, for instance, has an online library of over 100 peer-reviewed podcasts to support CPD on the go, providing a great source of information to help members improve their knowledge, hone new skills and keep up to date with new research.

Another example is the RCGP, which runs a programme that contributes to CPD: the Essential Knowledge Update programme.

Ideal for the busy GP, this programme’s podcast provides practitioners with a biannual update that focuses on the very latest updates in terms of regulations and information and provides GPs with support in terms of how to apply new knowledge in the clinical setting.

These podcasts usually feature the authors of the programmes modules, whose knowledge of the subject helps to provide a deeper level of expertise.

As well as being a great way to address the learning and development needs of a medical practitioner, these podcasts are a cost-effective source of learning.There are, of course, costs associated with society membership, so why not take advantage of all the sources these prestigious organisations have to offer?

Top talent

When the topic at hand is developments in healthcare and the podcast is being listened to with a view to being educated, it is imperative that the content is of high standard.

In addition to royal colleges, there are many high-profile organisations that produce podcasts; The Lancet, TED Talks, British Medical Association, the British Medical Journal and the New England Journal Medicine to name but a few.

These organisations can attract top talent and field experts, and can be an invaluable source of information for anyone in the healthcare industry, from medical students revising for exams to consultants looking to maintain their level of knowledge.

Utility, versatility, accessibility

So we have established that the information is available and the standard is high, but what other factors can be taken into account? Why are podcasts so popular and why are they particularly useful to medical professionals?

Research carried out in 2010 by Schreiber et al has suggested that although there does not seem to be a real difference in terms of information retention, face-to-face learning is preferred in relation to engaging with the expert/teacher. But podcasts have an undeniable benefit in terms of reinforcing learning and accessibility.

Other studies, such as Ruiz et al’s 2006 examination of e-learning in medical education, support this.Their findings indicate that satisfaction rates are higher for e-learning in comparison to traditional learning, with factors such as ease of access and use being a major factor.

In addition to this, research conducted by the investment intelligence firm Edison gives weight to the idea of ease of access being a key factor in utilising audio technologies. It suggests that a third of all podcasts are listened to while on the go when travelling or commuting, or when carrying out other activities.

So commuting is suddenly an opportunity to catch up on the latest developments in healthcare. Taking the dog for a walk can now double up as prime time to listen to that documentary on rare diseases that you missed last week.

Of course, for today’s busy private practitioner, this is where the true value of listening to educational podcasts lies. Whether it is a bite-sized update on data governance regulations or a lengthy debate on topical healthcare issues, taking in the information can easily be done at the same time as making dinner or a gym session.

And this is the beauty of the podcast: the fact that it can be accessed anytime and anywhere. And when this is considered alongside high-quality content, there really is no better way to maintain one’s knowledge in the context of a hectic and busy schedule.

How to get the best out of podcasts

    • Set achievable goals. What do you hope to achieve? If you are listening to educational podcasts with a view to building up CPD hours, make sure you document your learning in some way. You could try collecting evidence of your learning by producing written reflections, for example.
    • Stay motivated. Consider putting together a schedule; set aside a certain number of hours per week to help you achieve your goal.
    • Consider materials published by journals. Do you subscribe to any scientific magazines or journals? If so, check out their websites for any downloadable podcast content. In fact, these are often available free of charge to non-subscribers too
    • Choose your app. There are many apps available to download that help you manage your podcasts. Take a few minutes to browse through your device’s app store and see what is on offer
    • Seek out peer-reviewed content. If you are a member of a royal college, take advantage of their online libraries. The content, including podcasts, is usually peer-reviewed and free of charge to members
    • Download your programme ahead of schedule. Who needs technical difficulties when time is of the essence? Avoid the issues associated with unreliable internet connectivity by download­ing your favoured podcast ahead of time. You are then at liberty to listen without buffering, glitches or even a sudden change in your own schedule
    • Consolidate your learning. Take advantage of other materials and sources that help to consolidate your learning. Some sources offer other online materials that allow you to test your knowledge retention; an ideal way to self-assess. You could also discuss your findings with colleagues, either offline or in online discussion forums
    • Put your learning into practice. Think about how can you apply your new-found knowledge to your everyday work
    • Be proactive. Try to stay attentive, asking yourself questions as you listen. If you are listening to a live podcast, you might have the opportunity to engage directly with the host, but if you are listening offline, try making notes – even if it is a mental one
    • Enjoy! With so many podcasts out there to choose from, you really are spoilt for choice. If you find you are not engaged with a programme, seek out something new

Jane Braithwaite is Managing Director at Designated Medical and regularly contributes to the Independent Practitioner Today publication.

[plsc_button url=”” target=”_self” color=”black” style=”flat” radius=”square” size=”st”]Download full article[/plsc_button]

Be a smart talker with patients

Be a smart talker with patients


Communications between many practices and their patients in this digital age need improving. Be a smart talker with patients.  Jane Braithwaite (right) says it is important for all of us to learn about the options now available and to take a view on which system might best suit our practice and our patients.

Communication with patients is key to all medical practices and there is an abundance of technology available to assist.NZIn a previous article about how to get more patients (‘Be more attractive’), we considered ways to use technology to communicate from a marketing perspective.This month, I discuss how we communicate with our existing patients to increase loyalty and improve their level of satisfaction with our service.Before we think about technologies to improve communication, we need to start by focusing on what our patients want, then we can have a sensible discussion about the right technology to fulfil those needs.

Let’s start by asking ‘What do patients want?’

We know what patients want when they visit their doctor. They want good eye contact, undivided attention and time to have a full discussion about their concerns and worries.

Patients also demand privacy and to be treated with respect. In the private medical world, these face-to-face interactions are critical, but we need to think carefully about the other aspects of the service we provide.

How does a patient want to book an appointment?

Is phoning the medical secretary the best option for them? If a patient has read an article in the press, how can they check out their concerns with their doctor?

Arranging follow-up treatment, getting a repeat prescription and dealing with the demands of the insurance companies are aspects that patients consider part of the service you provide as a doctor, so your team’s performance in these matters affects your reputation.

As a doctor, your reputation will be built on the overall service you provide and not just the treatment you give.

In their personal lives, our patients are using apps to do their banking, email to ask questions of their children’s school-teachers and online booking systems to schedule yoga classes.

In business, conference calls and Skype are used daily to communicate and avoid travel. It follows that these same people want and expect to have these options when communicating with their doctor as a patient.

What do doctors want?

Doctors want to maximise the time they have available to attend to patients. Most doctors do not want to spend time booking appointments, dealing with random questions and the ongoing demands of insurance companies.

These tasks are delegated to the medical secretary, who is a key member of the team and is building a good reputation with patients by delivering the services the practice’s patients need.

We also want to run our practices on a cost-effective basis. To do this, we need to ensure that practices are resourced well, but we need to take care that the resources are employed wisely.

Most practices still consider the phone to be the key method of patients communicating with them.

But handling large volumes of calls is difficult and some practices regularly have a voicemail message stating that the phones are so busy that patients should leave a message which will be replied to by the end of the day.

Many practice emails also return an automatic ‘out of office’ message to patients’ emails asking them to call, as the email may not be answered promptly. So the problem is exacerbated.

Research shows that most patients aged 50 and above prefer to use the phone to call their doctor, but younger patients would prefer to use email or book online. We should aim to meet both demands and at the same time reduce the administrative burden on our teams.

The benefits of using digital communications to communicate can be summarised as:

➀ To deliver the high-quality service our patients demand;
➁ To enable us to achieve number 1 in a cost-effective manner.

So we start by deciding which aspects of our service need to be improved and then consider how to achieve this.

Day-to-day communications

Many patients prefer email communications to phone and we should embrace this.

Email is convenient to patients, as they can write a quick note while on the Tube or in the evening when they have spare time. It is also more private than making a phone call.

Managing emails is much easier and cost-effective than managing phone calls, which are real time and intrusive. We should stop seeing emails as annoying and embrace this communication method. Written communications also have the benefit of providing a documented trail of the conversation.

So, I would advise you to cancel the ‘out of office’ encouraging patients to call you and replace it with one stating that a response will be provided within a certain time-frame so that expectations are set.

Then develop an email strategy with your team. Perhaps agree a process with your medical secretary so that all emails are responded to within four hours to ensure a timely response and avoid a follow-up call.

Online appointment booking

Tips on communicationMany patients are familiar with using online booking systems. For example, The Mind Body Connect app is used by 35m active consumers in 130 countries to book wellness services from fitness classes, beauty treatments to physiotherapy. Users can book an appointment, which is then automatically updated into their online calendar with address details and other information.

It is only natural that these same patients will expect this technology from their doctors in the very near future.

Most practice management systems offer an online booking system, and Doctify is continuing to develop this as a key benefit of its system.

You can, of course, develop your own facility on your website, but it is worth considering the pros and cons of this approach, especially the costs involved.

Dealing with ad-hoc questions

Between appointments, many patients ask question relating to their symptoms, medication and treatment plans. These can be time-consuming and often very repetitive for doctors to answer.

If you have embraced email, you have already made this more manageable and these queries can be answered in a standardised manner.

Patient guides can be prepared to answer the more frequently asked questions relating to medication and treatment plans.

These can be emailed out to patients to answer their question more fully. These same guides could also be used as blog articles or factsheets on your website.

Patient portals

There is much discussion about patient-centric care: patients taking more control over their own health information. Patient portals are a great way to enable this and there are various systems available.

It is important for all of us to learn about the options available and to take a view on which system might suit our practice and our patients best.

Jane Braithwaite is Managing Director at Designated Medical and regularly contributes to the Independent Practitioner Today publication.

[plsc_button url=”” target=”_self” color=”black” style=”flat” radius=”square” size=”st”]Download full article[/plsc_button]

Top tips for a medical secretary

Top tips for a medical secretary

Designated Medical’s Liliana Scott reflects on the skills a medical secretary needs, and gives tips on how to realise your potential.

When I started writing this blog I asked myself, what tips could I give to the fellow colleagues that might read this article to make their everyday work easier? I reflected on all the work we do and found myself surprised of all our talents…

Medical terminology, IT and administration

Not only we need to have excellent administrative and organisational skills, we need to possess good knowledge of medical terminology and be familiar with medical procedures. In addition to this, we also need to have an in-depth knowledge of a doctor’s diary and workload, medical practice management software and business practices.

Discretion, sensitivity and integrity

As well as hard skills, we need to have certain soft skills. A high level of discretion to maintain confidentiality in relation to sensitive information is key. A friendly attitude and the ability to work with minimal supervision is also crucial. Add to this the ability to handle pressure and meet deadlines, have people skills to handle patients, colleagues and other members of the public. We also need to understand the habits and personality of the doctors we work for and help them have confidence that any problem that arises during the day will be fully dealt with.

Top tips

Based on the above I have 3 tips to share to make your day go smoother:

  1. LOOK AFTER YOURSELF – For eight hours a day you focus on looking after other people. Regular self-care keeps us going. Most of us spend the majority of our day at our desks, so make sure you take a proper break from your workspace and take a breather. Taking breaks is extremely beneficial, both physically and mentally.
  2. REMEMBER THAT YOU CAN MAKE THE DIFFERENCE – There’s no doubt of the impact you make on patients’ lives every time you get to the office. People might not say how much you do for them but without you the place will be chaotic.
  3. MAKE AN HONEST ASSESSMENT OF YOUR STRENGTHS AND WEAKNESSES – Remind yourself of your own talents. The idea that secretaries are there to type letters suggests a lack of awareness of what medical secretaries really do. We do a lot! However, we can become complacent and do things in autopilot forgetting the importance of working to high standards. For example, soft skills are a big factor in the success of medical secretaries especially because of the frequent communication with members of the public. If you try to improve your interpersonal and listening skills at work, there’s a good chance it will pay off in advancement opportunities for you.

Our team here at Designated Medical are all highly experienced in the private medical sector, and can bring all these skills and more to your medical practice. For more information contact us on 020 7952 1008, or visit our website at

Author – Liliana Scott – Medical Secretary

January Stay Connected

Subscribe To "Stay Connected" our Monthly Medical Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!