The Hospital Authority's patient data protection policies and security systems will be reviewed and a report submitted to its chief executive in three months. This was the message from the authority's Task Force on Patient Data Security & Privacy Chairman Stephen Lau after its first meeting today.

Mr Lau said the practice of frontline healthcare staff using advanced technology must be accompanied by adequate technical and administrative policy and procedures to protect the security and privacy of patients' personal data.

"To elevate their alertness in handling sensitive patient data it is important for Hospital Authority management to exert more educational and promotional efforts in enhancing the culture of all authority staff in the management and protection of patient data," he said.

The task force will advise the authority on appropriate upgrades to avoid data-loss cases.

The task force comprises authority board member Charles Mok, Computer Society President Sunny Lee and the authority's Clinical Data Policy Group Chairman Dr Chong Lap-chuen.

It will review the clinical and operational requirements for exporting clinical data in the authority and assess the mechanisms in place to protect the security and privacy of patient data. Upgrades to these mechanisms will be proposed.