Fit to practice

The recent unsuccessful bomb attempts in central London and at Glasgow Airport uncovered the worrying fact that many of those involved were doctors and employed by the National Health Service in positions of authority and trust. The subsequent front page stories have led to considerable speculation and discussion about the link between the terror suspects and their employment in the NHS, posing the question: “Is the NHS carrying out sufficient background checking on its staff?”
    
Following the attempted bombings in June this year, Sian Thomas, deputy director of NHS Employers, said she wanted to reassure the public there were “thorough and robust checks” in place before doctors were employed by NHS trusts. Dr Edwin Borman, chairman of the British Medical Association’s International Committee, confirmed that, at present, foreign medical worker checks are carried out in a three stage process with a Home Office check, a General Medical Council ‘fitness to practice’ check and a criminal record check, which is carried out by the individual employer. There is clearly a requirement to ensure that there is a consistent and co-ordinated application of processes in place.

Improved checks
With organised crime causing social and economic costs upwards of £20 billion to the UK each year1, there is evidently the need for more to be done to raise staff awareness of fraud and to improve the level of security checking of potential new employees, existing employees, suppliers, locums, contractors and consultants at all levels, not just for security clearance.
    
UK organisations spend millions investing in secure IT systems and building security, but still remain vulnerable to increasing threats from within their own organisations due to the lack of employee background checks. The NHS is no less likely than any other sector, public or private, to be exposed to these same risks, so precautions clearly need to be taken.

Money invested
In contrast to the amount of money spent on other areas of security, comparatively little is spent on independent staff recruitment procedures. There are far reaching ramifications of employing the wrong or ‘rogue’ staff, which are potentially fatal to the NHS, its patients and its customers. The actual risk in such situations can be extremely costly, both financially and to the reputation of the organisation, as it allows individuals to get behind its security defences, rendering those defences ineffective.
    
Even though the Data Protection Act 1998 clearly states that proper weight should be given to the discretion and integrity of staff when they are being considered for employment, organisations often do not give enough consideration to the potential liability from internal data security violations until it is too late. You only have to look at recent headlines relating to data theft to confirm that it is not a hypothetical problem.

Managing fraud risk
The most recent HM Treasury Report reveals that 26 government bodies reported 780 cases of internal fraud or theft in 2005/06. That’s a worrying statistic for these agencies, particularly since the report also highlights the fact that a high proportion of organisations did not have measures in place to effectively manage fraud risk and respond to fraud when it arose.
    
Unfortunately, many organisations fall in to the trap of burying their heads in the sand or thinking that it is too difficult to assess the trustworthiness of prospective and current employees. In fact, there is much organisations can do to improve their processes and to minimise the risk of employee fraud.
    
Many candidates rely on the senior executives responsible for recruitment not checking up on what they put in CVs or, on applications, or say at an interview, and take this opportunity to embellish or completely re-invent the truth. For candidates, it is much easier to get away with this if the background checking processes are not as comprehensive as they should be. Even if the applicant does not tell an outright lie, unless specific questions relating to the embellishment or re-invention are asked at the application stage, they may omit important information about their background, thus misrepresenting the truth. And this one point could prove critical in the future.

Outsourced checks
The detailed checking of applicants’ CVs has become a specialist outsourced service and is key to minimising the risks of such lies and embellishments and, therefore, crucial to the all-important safety of NHS assets, information, patients and customers. It is important to realise that any such service provider is a professional, independent and trusted organisation - particularly important when considering the nature of the NHS.
    
As the challenges facing all employers continue to mount, use of temporary staff is rising, and collusive and organised crime is on the increase. The solution is simple; the critical need for dynamic and effective background checking must be recognised and reasonable steps taken to ensure that such measures are in place to help protect themselves, patients and customers from the increasing reality – and likelihood – of internal employee fraud or misrepresentation.

How to check
Top ten tips for recruitment into the NHS:

• Do be aware that the best liars are the best interviewees

• Do be aware that 28 per cent of CVs contain serious inaccuracies

• Do check the current validity of qualifications

• Do treat contractors and temps with the same rigour you treat permanent employees

• Do insist that suppliers of personnel adopt your background checking regime

• Do understand your statutory and regulatory requirements

• Do apply consistency in background checking – including internationally

• Do check all levels of staff, not just those requiring security clearance

• Don’t take any documents at face value

    
Overall, don’t keep it to yourself – be overt about background checking; it acts as a deterrent.

Notes
1. Source: HM Treasury Report 2005-2006:
An analysis of reported fraud in Government departments