110 likes | 258 Views
NHS Databases – The Big Opt Out. Ross Anderson Cambridge University and Foundation for Information Policy Research. The Story so Far …. 1910 – struggle over who owns medical records led to Lloyd George envelope
E N D
NHS Databases – The Big Opt Out Ross Anderson Cambridge University and Foundation for Information Policy Research
The Story so Far … • 1910 – struggle over who owns medical records led to Lloyd George envelope • 1992 – IM&T strategy ‘a single electronic health record available to all throughout the NHS’ • BMA pointed out safety, privacy problems • John Major sets up the Caldicott Committee (to report back after the 1997 election) • Caldicott documents many illegal information flows; HSCA s60 allows SS to legalise them
The Story so Far (2) • ‘Blair moment’ in 2002 – ‘Tony wants’ • The 1992 vision of the big central database is dusted off – NPfIT, CfH,… • Government really believes this is working and they now plan to roll out the same architecture to childcare, elder care, … • What are the implications for clinical safety and confidentiality?
Issues of Scale • Blair philosophy is that data will be accessible (MISC 31, ‘Information Sharing Vision’) … but … • You can have functionality, or security, or scale. With good engineering you can have any two! • We can live with the risks of a receptionist having access to the 6000 records in a practice – but if 1,000,000 staff have access to 60,000,000 records? • ‘Sealed envelopes’ won’t work (official!) • Secondary Uses Service will run unprotected for years – with a hope of eventual pseudonyms
Helen Wilkinson’s case • Helen is a practice manager in High Wycombe • She was wrongly listed as a patient of an alcohol treatment centre • She demanded the data be corrected or removed – officials wouldn’t / couldn’t • When her MP called an adjournment debate, Caroline Flint told Parliament it had been done • But it took several months after that (and the story continues…)
Extending NPfIT to Kids? • Children Act 2004 provided powers • Information to be shared between schools, police, social workers, probation, doctors… • The Children’s Index points to all services with data on your child • So schoolteachers will know if a child is known to social workers / police • Home Office systems will predict kids likely to offend • IC study by FIPR – this is unsafe and illegal
Opting Out • There are at least three central NHS system projects from which you can opt out • The first is the Population Demographics Service – the NHS master phone book. Get stop-noted if you really want to be ex-directory • The second is the Secondary Uses Services, which collects hospital data. You can tell your hospital you invoke your rights under Section 10 of the Data Protection Act
Opting Out of Uploading • The Government plans to hoover up all GP records early next year • BMA view: consent needed • Medix poll last week: 51% of GPs will refuse to upload data without patient consent • Ministers are dithering! • What do patients think?
The Joseph Rowntree Poll • In an ICM poll of 2,231 adults between 21-30 October 2006, view asked on central records database with no opt out strong support 12% tend to support 15% neither 14% tend to oppose 17% strongly oppose 36% don’t know 6% • Net opposition 53%
Conclusions • It’s not just the ID card database – the government is trying to centralise most data held on citizens by the public sector • This is unsafe and in some cases illegal • But we don’t have to wait for a change of Government or a European law case! • You can opt out of having your medical records uploaded – with the support of many doctors • The first step is to get the code ‘93C3’ on your GP record