Removing Your Electronic Medical Record

posted: 26/05/2009

NHS patients can now delete the electronic summary of their treatment from the new national medical database.

The decision represents a significant concession in data protection policy following talks between health service officials and the Information Commissioners' Office (ICO).

Until recently the Department of Health resisted pressure from sceptical patients and doctors critical of the security risks generated by confidential records being transmitted across the NHS broadband computer network known as the Spine.

Many people with HIV have significant concerns that news of their HIV status could become widespread or that the data could be made public, lost or misused.

Department of Health changes of mind

Only last month, officials described the cost of deleting individual summary care records (SCRs) from the system as prohibitive. The Department of Health had offered instead to "mask" or "suppress" unwanted files, making them difficult to access – a process that would nonetheless leave personal details on the database.

SCRs are being introduced as part of an NHS-wide initiative being rolled out across the country to provide clinical staff with information on those they treat.

Any doctor or nurse will have instant access to a summary of a patient's past medication, adverse drug reactions, allergies and conditions – which could be useful if that patient is unconscious or unable to recall vital details.

SCRs are also being used to record confidential treatment requests including end of life plans, where people ask to be allowed to die at home or enter instructions such as "do not resuscitate".

Bolton and Bury in first wave

Pilot schemes began in Bolton and Bury, and so far more than 280,000 SCRs have been created nationally. The Department of Health says that 98% of people who have had the advantages of SCRs explained to them are in favour.

But Dr Gillian Braunold, a medical director of the programme, acknowledged that "a significant minority" of people "don't want to have a summary care record". The new position, she said, was that "the deletion option is there if [individuals] are not happy … They can choose to have [their SCR] deleted physically."

The only exception would be if the patient's SCR file had already been used, in which case it would be archived for "medico-legal" reasons, she added.

A few rebel GPs have been encouraging patients to opt out en masse. There are worries that an individual other than relevant clinical staff could gain access to such sensitive data.

One Hampshire GP, Neil Bhatia, has asked the ICO whether it considers the SCR policy is consistent with data protection principles.

Opt Out or Delete

Connecting for Health (CfH), the NHS agency developing the records system, had already granted patients the right to opt out of the scheme at an initial stage – resulting in no SCR being created.

The latest complex issue concerned whether those enrolled on to the SCR database should subsequently have a right to have their file thoroughly purged from – rather than merely "masked" within – the system if they withdraw consent.

The dispute was resolved in talks between the Information Commissioners Office and Connecting for Health. The Information Commissioners Office has usually decided that personal information that is no longer required should always be deleted.
 

Source

York Hospital Loses HIV Notes

posted: 07/04/2009

Confidential medical records with details of 19 seriously-ill York Hospital patients were found in the street two miles away.

An investigation has now been launched about how the file, picked up by a passer-by, was lost.

The document revealed their name, age and medical history – with one person having HIV and syphilis.

The people affected were mainly elderly, except one 27-year-old. The hospital has apologised and is now investigating what happened.

HIV, confidentiality and stigma

Paul Ward, deputy chief executive of the Terence Higgins Trust said: "This breach is totally unacceptable. For anyone with HIV who is facing stigma, having personal information about their health being inadvertently made public is very worrying."

It could be difficult for a complex organisation like a hospital to get it right all the time, he added, but people trusted them.

"If there has been a failing we ask York Hospital to redouble its efforts to make sure it is able to ensure full confidentiality in the future."

Other patients had breast cancer, Alzheimer's, Parkinson's and multiple sclerosis. Handwritten notes found in the bundle gave details about their personal nursing care.

Mike Proctor, deputy chief executive of York Hospitals NHS Foundation Trust, said: "We take the protection of all patient information very seriously and we apologise to any of our patients and their families who may have been caused distress by this potential breach of their confidentiality."

The patients concerned would be contacted and reassured, he said. Policies on staff responsibilities for such information were clear. "We are appalled that details of this nature have been found outside the hospital."

He added that the trust was investigating the incident and would take appropriate action.

The papers were found by an unidentified person.

Source

Saved - Medical Data Confidentiality

posted: 09/03/2009

After eight healthcare organisations published a joint letter calling on the Ministry of Justice to rethink its data sharing proposals in the Coroners and Justice Bill, Justice minister Straw has bowed to the pressure over data sharing.

Jack Straw has now said he will scrap his controversial proposals that would have allowed patients' medical and DNA records to be shared with police, foreign governments and other bodies.

In a victory for civil liberties campaigners, the justice secretary bowed to public pressure over the data-sharing provisions in the coroners' and justice bill, which would have allowed public bodies to exchange data without the knowledge or consent of individuals involved. Doctors and the Bar Council had joined privacy campaigners in warning of the potential risks to public trust.

"Absolutely no part of the purpose of this legislation was to extend a Big Brother society - quite the reverse - but I understand people's anxiety," Straw stated. "I have never had a piece of legislation that was not improved by public debate during its passage through parliament."

He will now launch a fresh public consultation on how to implement more limited proposals from a review chaired by the information commissioner, Richard Thomas, which would allow government bodies to share information where there is clear benefit - for example, to ensure that bereaved families do not have to contact a string of official agencies to tell them someone has died.

The U-turn follows the Scottish government's decision late last week to withdraw support.
 

Medical Confidentiality Threat

posted: 16/02/2009

The confidentiality of medical records is under even more threat from government plans to relax laws on data protection, doctors' leaders have warned.

Dr Hamish Meldrum, chairman of the British Medical Association, said the profession was "extremely concerned" about legislation tabled by Jack Straw, the justice secretary, which would allow the Department of Health to share information on NHS databases with other ministries and private companies.

Health ministers have no immediate plan to make use of the power, which would give all Whitehall departments a fast-track procedure for getting permission to share data without parliamentary debate.

The NHS is years behind its timetable for putting everyone's medical records in England on to a national database known as the Spine. Ministers have given frequent assurances to patients that the information would only be accessed by healthcare staff who need it. However there are many, many examples of computerised medical and other data being lost or misused.

Health details might be shared for benefit claims

But Meldrum, chair of the British Medical Association, said people could not know whether future ministers or a future government would not share our private medical details with other departments. A future government might perhaps decide that it is administratively convenient to share details from your health records with the Department of Work and Pensions when you claim sickness or disability benefits.

According to the BMA, the trust between doctors and patients would be destroyed if Straw's bill, as it stands, became law.

In an interview, Meldrum said: "The bill gives any minister the right to access patient-identifiable information - and give others access to it. There appears to be no limit to what could be done with this information as long as the minister can make a vague ... justification, claiming that sharing the information is in line with government policy at the time.

"The doctor-patient relationship is built primarily on trust that information is given confidentially and will not normally be shared without the patient's consent. Once we go down the road where that principle can be breached, widespread possibilities could flow."

Hidden in Coroners and Justice Bill

The data-sharing power is included in clause 152 of the coroners and justice bill, which is mainly concerned with reform of coroners' courts and death certificates.

It would let any minister sign an "information sharing order" permitting the passing of data to another department, individual or company if it were "necessary to secure a relevant policy objective" and if the order "strikes a fair balance between the public interest and the interests of any person affected by it".

But doctors fear that in future ministers may see a public interest in making medical records available to vet recruits, or check people seeking benefits. Until now public bodies have not been allowed to pass on personal data - or let information collected for one purpose be used for another- without fresh primary legislation.

Only 3 weeks to object

Meldrum said he was not satisfied by the safeguard in the bill. This gives the Information Commissioner three weeks to comment on a data-sharing proposal, giving MPs an opportunity to vote it down. "I have not seen an argument why the [government] need this general power," he said.

Worried Information Commissioner

The Information Commissioner's Office, the independent authority for data protection, called for "much stronger safeguards in the bill to protect sensitive data, such as health records". If the Information Commissioner is worried, we should all be.

The Ministry of Justice said data would be shared only "in circumstances where the sharing of the information is in the public interest and proportionate to the impact on any person adversely affected by it". The Department of Health added it was "important to ensure that patient confidentiality is preserved and that patients consent to how their records are used".

Coroners and Justice Bill hides other surprises

This bill is a hotch-potch. Do not be deceived by the title given it by Jack Straw. It is a supermarket trolley full of bits of legislation that the government and the civil service want passed.

As well as

• allowing a minister to decree that an inquest should be held in secret to protect the state, or its relations with foreign powers,
• it removes exemption for "discussion or criticism" in the new offence of inciting hatred on grounds of sexual orientation;
• it makes changes to legal aid;
• it reforms bail in murder cases;
• it extends the law of child pornography to include non-photographic images; and
• it facilitates the sharing of personal data by all government departments.

As one commentator has pointed out - the strategy is clear. Secret inquests will draw the fire on the bill and then - conveniently - there will be no time to debate the huge issue of uncontrolled sharing of personal information between government departments and agencies.

As the Lords report on surveillance society stated two weeks ago: "The huge rise in surveillance and data collection by the state risks undermining the long-standing traditions of privacy and individual freedom which are vital for democracy."

Source 1

Source 2