Saturday, 8 February 2014

The pros and cons of sharing medical information

There is currently quite a debate going on about the sharing of medical records, 
both locally and nationally...

The NHS is currently informing its patients about its plans:

Sharing NHS medical records will be vital for improving healthcare

Research using anonymised medical records will help ensure the safety and efficacy of drugs, vaccines and medical devices

This month every household in England will receive a leaflet from the NHS. The leaflet – Better Information Means Better Care – explains the benefits of sharing your medical records and information about the outcome of NHS treatments you receive. The information will be anonymised and you can choose to opt out, but the more people's data is included the bigger the potential medical benefits to us all.

Sharing NHS medical records will be vital for improving healthcare | Dr John Parkinson | Science | theguardian.com

The website Patient UK [seen by the Times as the number one health website in a list of 50 Websites You Can't Live Without] has details:

Care.data - Sharing Your Information

Care.data is a new programme where information on GP records will be shared with the Health and Social Care Information Centre (HSCIC). This is to help the NHS plan and improve patient care for the whole country. GP surgeries by law have to allow this transfer of information (data). However, if you choose not to allow information about you to be shared, you can opt out. If you opt out, your GP can put a code on your records so they can’t be shared.

Care.data - Sharing Your Information | Health | Patient.co.uk

NHS Choices, the UK's biggest health website and online 'front door' to the NHS, has more:

Better information means better care

Using information about the care you have received, enables those involved in providing care and health services to improve the quality of care and health services for all. The role of the Health and Social Care Information Centre (HSCIC) is to ensure that high quality information is used appropriately to improve patient care.

NHS England has therefore commissioned a programme of work on behalf of the NHS, public health and social care services to address gaps in information. Our aim is to ensure that the best possible evidence is available to improve the quality of care for all.

It is important that the NHS can use this information to get a complete picture of what is happening across health and social care and to plan services according to what works best. The new system will provide joined-up information about the care received from all of the different parts of the health service, including hospitals and GP practices.

Your date of birth, full postcode, NHS Number and gender rather than your name will be used to link your records in a secure system, managed by the HSCIC. Once this information has been linked, a new record will be created. This new record will not contain information that identifies you. The type of information shared, and how it is shared, is controlled by law and strict confidentiality rules.

Sharing your data with the NHS - Health records - NHS Choices

Several medical charities are backing this project:

Health records of every NHS patient to be shared in vast database

The health records of everyone in the NHS will be pooled in a vast database which can be accessed by researchers and pharmaceutical companies. But campaigners warn it could breach privacy.

Today leading charities including Cancer Research UK, Diabetes UK and the British Heart Foundation launch a campaign to highlight the importance of allowing the notes to be accessed for the advancement of medical science.They say the database will help them understand the causes of disease, spot side-effects to new drugs and detect outbreaks of infectious diseases. Doctors have promised that patients will remain anonymous. But data protection campaigners have warned that individuals risk being identified and that the notes may be inaccurate.

Health records of every NHS patient to be shared in vast database - Telegraph

There are warnings that to opt-out of the information-sharing project would be counter-productive:

You’re selfish if you don’t share medical records, says top GP

Patients opting out of a scheme to share medical data for research are being selfish, according to a leading GP, who compared them to parents who refuse to give their children the MMR jab.

Dr Clare Gerada said that the “amazing and transformational” plan would save lives and could have headed off the thalidomide scandal. The former chairwoman of the Royal College of GPs says that it is scaremongering to think confidential medical records will be sold to insurance companies.

You’re selfish if you don’t share medical records, says top GP | The Times

Nevertheless, doctors are required to treat confidential information carefully:

Confidentiality and disclosure of health information tool kit

Shredded paperAs a doctor you face increasingly complex dilemmas arising from your duty to protect patient confidentiality.
The list of demands on you to give information to third parties is ever-growing - from insurers, the police, social workers, the DVLA and the relatives of deceased patients.
And there is growing concern at the implications of increased access to electronic patient information and the use of patient information for secondary uses such as audit, commissioning, payment by results, research and teaching.
Our tool kit is your starting point to find out the key issues to take into account when making decisions on confidentiality.
BMA - Confidentiality and health records

However, there is considerable disquiet about how this information will actually be handled:

Why your health secrets may no longer be safe with your GP

The NHS wants to share patient information on a huge database. Has government learned nothing from the privacy debate?

A few days ago, I dropped into my GP's surgery to pick up a prescription and was confronted by one of those large, floor-mounted pop-up displays that one finds in exhibitions, trade fairs and circuses. It informed me of an exciting new scheme by which the "quality of care and health services" would be "improved" by "sharing" information about the care I receive with those who plan health and social care services, as well as with "approved researchers and organisations outside the NHS".

Why your health secrets may no longer be safe with your GP | Society | The Observer

The former shadow home secretary David Davis MP has just raised fresh concerns. 
News from yesterday:

How safe will your medical record be online? 

David Davis raises spectre of Wikileaks over plan to put NHS data on web

But MPs, patient groups and doctors have lined up to warn that the scheme could put records at risk. Senior Tory David Davis said of the decision: ‘How many WikiLeaks lessons does this government need?’

Critics say an online system would be vulnerable to hackers, and sensitive medical information – such as life-threatening illnesses, mental health problems and sexual health issues – could be made public by accident.

The Conservatives pledged before the election to give patients the right to check and edit their NHS records online, and Chancellor George Osborne unveiled the 2015 deadline last month in his autumn statement. Patients will not be able to overwrite notes made by a doctor but will be able to point out mistakes or ask for a second opinion from their GP. The doctor could then change the records accordingly.

Yesterday the NHS Future Forum, a group of senior doctors who influence government health policy, backed the scheme.

The Department of Health estimates there will be significant financial benefits, because patients will make fewer visits to their GPs for consultations and for repeat prescriptions that can be obtained over the web.

But last night former Tory home affairs spokesman and leadership contender Mr Davis said the risks of the scheme outweighed the benefits.

He said previous IT failings, such as the loss by HMRC of the tax details of 20million people on an unencrypted disk and the secret U.S. cables obtained by WikiLeaks, had highlighted the danger of relying on computer systems. ‘This medical records policy is dependent on the security that surrounds it, but it is probably unwise,’ he said.

Indeed, these fears of easy access to centralised, computerised records are not new.
News from October last year:

Hackers target patient records

HACKERS are stealing medical records from NHS databases and using confidential information to blackmail patients, warned a cyber crime expert last night. They frequently target the rich and powerful who they see as having most to lose, according to Professor Carsten Maple, a member of the Information Assurance Advisory Council.

His warning came as the Sunday Express reveals that on average one patient a day has their medical records and personal data either lost or stolen. Figures from the Information Commissioner for the second quarter of 2013 reveal 91 data health sector security breaches.

Prof Maple said patients secretly battling “stigma”, diseases such as HIV and other sexual problems are vulnerable to blackmail.

The academic, who works with the Government and police forces to safeguard Britain’s IT systems, said hackers have also been selling patients’ names, phone numbers and addresses to cold-calling companies.

He said: “Cyber crime is rife at the moment, particularly online blackmail, which has rocketed. Hackers are breaking into hospital computer systems to steal valuable information held in confidential files. The gangs look for sensitive data and target wealthy businessmen or celebrities. Very few cases will be reported because victims do not want such sensitive information getting out.”

The biggest number of leaks are from the health sector. Local government is in second place with 57 data leaks in three months.

There are fears a new system of sharing NHS data with commissioners, research organisations and private companies will make patient records even more vulnerable.

Tory MP David Davis branded the new system “an enormous threat to privacy and patient trust”.

The Department of Health said: “We take the security of patient data extremely seriously.

There are specific steps to follow should you want to opt out:

How to opt out

*BREAKING NEWS 7 Feb 2014*

GP magazine Pulse reported on 7/2/14, “Patients who have opted out of the scheme will still have their records sent to the HSCIC stripped of identifiers” (see 4th paragraph from bottom of this article). This confirms something buried on page 9 of NHS England’s recently-published care.data Privacy Impact Assessment [PDF], which states:

Where patients have objected to the flow of their personal confidential data from the general practice record, the HSCIC will receive clinical data without any identifiers attached (i.e. anonymised data).

i.e. the intention is to still to extract information from the medical records of people who had opted out, just not with their NHS number, postcode, date of birth and gender attached.

This is not what any reasonable person would understand by opt out – if you opt out, noinformation from your medical record should leave your GP practice. We are working hard to resolve this and will let you know as soon as we can what is going on. If you want to be kept informed of latest updates, please:

Join our mailing list

Our newsletter is sent using MailChimp.
We will not share your details with anyone else.

If you haven’t done so already, our advice continues to be to opt out now. The codes applied to your medical record are the only mechanism by which your information can be blocked from extraction. Our job now is simple: we have to make NHS England and the HSCIC make the codes work the way they should and and do what millions of us have been told they would do.

As well as opting out, you may want to write to your MP about this.

While you are composing your thoughts, you might also want to watch this short film, ‘Keep My Secrets‘ that we think NHS England could learn from.

As of January 2014, NHS England is sending out a leaflet entitled Better information means better care (2MB PDF) via junk mail. It is not addressed directly to you as a patient and it deliberately doesn’t include an opt-out form. The leaflet says you should “speak to your GP practice” if you want to opt out. This is misleading and could waste your time and potentially waste valuable GP appointments.

All you need do is write a letter or download a simple form (link below) instructing your doctor to opt you out, which you can fill in and post or drop into your surgery reception for their attention.

Dr Neil Bhatia, a Hampshire GP, has written a leaflet with a tear-off form that you can use for yourself, your children and anyone for whom you hold enduring power of attorney:


Anonymous said...
This comment has been removed by a blog administrator.
Unknown said...

Is there any further reading you would recommend on this?

nhs patient

Jeremy Woodward said...

Thanks, Amela,
I've put another piece together, which looks at a) the FT worrying about how people's concern about sharing medical info will affect 'medical research', and b) the Info Commissioner demanding access to patient records to ensure 'data protection': http://futuresforumvgs.blogspot.co.uk/2015/02/nhs-caredata-how-much-data-should-be.html
Hope that's of interest.
Thanks again,

Molan Parker said...

This is a nice post. I would also like some other recommendation for readings related to it. If someone needs assistance with appraisal and revalidation LTP is the place to visit.