Friday, September 27, 2013

Alas medical confidentiality in the UK, we knew it well...

The UK government's disastrous plan to extract all our personal medical data from GP surgery systems and dump it in a, to say the least, inadequately controlled central database, has hit a speed bump.  It seems that the Information Commissioner's Office has decided to inform NHS England that they have not given GPs enough time to hand over the data legally.

Don't get me wrong. The ICO has no intention of blocking this government induced systemic national kneecapping of the Hippocratic oath and the principle of medical confidentiality. They merely want to give GPs more time to let people know it is happening. The government previously refused to fund a publicity campaign explaining they were collecting all UK electronic medical data into one big pot (or actually in practice several big central pots). NHS England did send GPs some posters and leaflets for display in surgeries though.

I'm being a little hard on the ICO here since, in fairness, his power to actually do anything about all this is limited by the way Part 9 of the 2012 Health and Social Care Act, which came into force in April 2013, has been written and additionally the 'get out of medical confidentiality free card' provided by Section 251 of the National Health Service Act 2006.

There are several aspects of this I've been tempted to rant about here for many months - in particular the misleading, false and/or delusional claims on the part of politicians that the data will be anonymised - but I've just had a terrific email from Terri Dowty at medConfidential who sums the situation up better than I could and I'm sure she won't mind me sharing it with you in full:
"Information that you share with your GP is about to be extracted from surgery records and stored on a centralised NHS system with your identifying details still attached. From there, it will be made available for administrative, research and other purposes. The government has claimed that your records will be ‘anonymised’ before they are handed over to anyone else, but this is not true. There are several circumstances in which data that identifies patients will be made available.

Once your information has been uploaded, neither you nor your GP will have any control over who it is shared with, who has access or what is done with it. You will not be consulted, nor will you be asked for consent. Uploads will take place automatically every month.

When you next visit your GP, you may see a small poster headed ‘how information about you helps us to provide better care’. This is how the NHS is explaining its plans to you and it is very misleading. It does not give you full details of the information that will be collected, and it claims that information will not identify you.

Further down the poster you will see the words ‘you have a choice’. What this actually means is: if you do not want personal and confidential information to be taken from your medical record every month, the onus is on you to opt out of the scheme. If you don’t do so, it will be assumed that you consent to the extraction.

You can download an opt-out letter to complete and send to your GP from the medConfidential website:
You will also find more detailed information about the scheme – known as ‘’ – on the medConfidential website.

Please tell all of your friends, family and colleagues about this scheme, or forward this email to them. It is very important that everyone knows they must take action if they don’t want their information to leave their GP’s surgery."
The government's plan, if you can call it that, is that data will be made available to researchers in universities, hospitals and commercial organisations.  There is now even a Health & Social Care Information Centre (HSCIC) data access and extraction price list. NHS England's chief data officer, Geraint Lewis, has however, reportedly suggested that the cost of access expanded HSCIC data sets should be reduced from from around £30,000 to a nominal £1.

I'd highly recommended you find 20 minutes in the next few days and read Terri Dowty's and Phil Booth's outline at medconfidential of the rather complex story at play here. It's yet another one of those government giant database cure for all ills stories. Another information system disaster in the making. Another careless metaphorical bullet through the head of a crucial societal value, this time medical confidentiality.

No comments: