As the NHS starts uploading patient records,
Michael Laffan asks if our medical notes are still safe
Confidentiality
takes on a whole new meaning when you are living with HIV.
When I was diagnosed I confided in a mate. Some mate! He told the world and
his wife. Suddenly I was paranoid about who knew, and terrified about anyone
else finding out. It felt horrible: it’s hard enough dealing with an
HIV diagnosis without it ending up as gossip.
If I’d been a teacher or a nurse life could have been really uncomfortable.
PN often hears from people who lose jobs or are forced to move home when their
HIV status is made public.
In an ideal world our privacy would be respected, and we would be in control
of who knew our status. But it’s far from an ideal world and people,
being people, like to gossip.
How many of us are truly open about our HIV status? It’s one thing to
tell a close friend, but would you really want workmates or your kids’
teachers finding out?
Those of us living in the anonymity of a big city might not worry too much
about people on our street finding out, but for those in small towns or rural
areas, places where people know each other’s business, this is a real
fear. Ignorance and prejudice are still alive and well, and living in the
UK.
Legal precedent
In 1988 a health care worker passed on confidential information about the
HIV status of two doctors to a newspaper. The newspaper planned to run a story
identifying the pair and disclosing the fact they were positive.
Fortunately the courts slapped on an injunction preventing publication of
this sensitive material, recognising that medical records, especially of HIV
patients, should remain confidential.
Special case
The 1974 Venereal Disease Act means GU clinics are treated as a special case
when it comes to confidentiality. Information must be treated as strictly
confidential under the law. This is what enables people to register and receive
care under false names.
However, a man in Bournemouth was recently convicted of reckless transmission
of HIV after a health care worker contacted police.
In several other prosecutions for reckless transmission, medical information
was disclosed to the police. In some cases the police did not even have to
obtain a court order. In one case, police trawled through a person’s
address book advising ex-partners to have a HIV test and to press charges.
This is a long way from us being in control of our own information.
NHS Spine
In the next couple of months, the NHS will start uploading the first patient
records onto a new central database, known as the Natonal Spine, in two pilot
PCTs.
This multi-billion pound NHS project will eventually hold medical records
for the entire population. Potentially there are huge benefits. If I’m
stranded away from home and urgently need a prescription, a doctor can access
my records and sort it out. If I’m involved in an accident and end up
unconscious, the team treating me will know about my meds, avoiding any clinical
cock-ups.
We will also be able to access our own medical records through a website called
Healthspace that will eventually allow us to book hospital appointments and
see information such as test results online.
At the moment no information from HIV clinics will be put on the database,
as it is all going to be drawn from GP and hospital records, but eventually
it is expected to include all medical records.
But does this mean my medical information will be available to anyone who
works in the NHS? All 1.2 million of them?
After considerable pressure the Government last month conceded patients should
be allowed to veto information about their medical history being passed by
their GP to a national database. Under proposals put forward by Patients Tsar
Harry Cayton, GPs would ask every patient to give explicit consent for a summary
of their records to be put on the national database, allowing time for amendments
or corrections.
Security
Connecting for Health, who manage the Department of Health project, propose
a higher level of security than internet banking and limited access on a need-to-know
basis.
A receptionist only needs to see very basic details to make an appointment,
whereas a consultant will need more in-depth access. Sensitive information
will be placed in electronic ‘sealed envelopes’ that can only
be opened with your consent or in the event of an emergency. It will also
leave a track detailing the person who accessed your medical record.
However, Professor Ross Anderson, an expert in security technology at Cambridge
University, has grave concerns about the database. Writing for The Guardian
he said:
“At present the law allows police access to health records that contain
evidence of a crime. But once the records of millions of people are on one
system to which a court will give access without GPs’ knowledge, the
police will be sorely tempted.”
Whose in control?
We’ve already seen one case where police have embarked on fishing expeditions
for information to prosecute a person living with HIV. While the law itself
has not changed, in practical terms it will make it much easier for the police
to trawl through medical records.
Professor Anderson also points out it will be “civil servants, rather
than doctors who set the trade-offs between medical privacy and other goals”.
Dr Chris Pounder, data protection expert with law firm Pinsent Masons, echoes
these concerns: “This could play into the hands of critics who argue
that once the NHS system is up and running, then the Department of Health
would be in a position to exploit the medical records for different purposes
in future.”
There is much talk of us sleepwalking into a surveillance society, where all
privacy will be sacrificed. This sounds like another crackpot conspiracy theory,
except it’s people like the UK’s Information Commissioner, Richard
Thomas, who are worried:
“It is pointless to talk about a surveillance society in the future
tense. We already live in a surveillance society,” he said.
This database will hold information that would be incredibly valuable to a
lot of people and organisations, such as drug or insurance companies, or tabloid
journalists. Such information needs serious protection.
And its not just technology experts like Professor Anderson who have concerns.
Even the British Medical Association (BMA) who supported the project are worried.
Many people concerned about the database have decided they would like to opt-out.
After all it’s our information. Or is it?
Big
opt out
PN reader Trevor was one of thousands of patients who protested to the Department
of Health about his medical information being transferred away from his GP
practice.
“I’m not against electronic patient records as such, but I was
very concerned that once my information left the GPs surgery, I’d have
no way back,” he said.
Trevor wrote to his GP asking for an opt-out back in October last year expecting
it to be straight-forward.
“I thought they would not be able to share my personal data without
my consent.”
But he was disappointed. More letters followed: to his MP and to the Department
of Health and even the House of Lords. The Department maintained Trevor had
no right to opt-out of the database.
“I was flabbergasted,” says Trevor. “I really thought I
could have a choice over where something as sensitive and personal as my medical
record was stored.”
Dr Hamish Meldrum, chair of the BMA’s GPs committee, fully supports
a patient’s right to opt-out:
“Patient’s must be able to retain the right not to have their
data uploaded in the first place. We want patients to have confidence in the
system but denying patients this right will only undermine that process and
is totally unacceptable.”
This issue came to head last month, when the BMA’s negotiator on IT
issues Dr Richard Vautry questioned the legality of the department’s
position:
“If they [the Department of Health] insist on this position, which we
think is untenable... we would advise GP practices not to get involved in
uploading any information to the summary care record, and I’m quite
sure practices would be unwilling to do so, because they would feel it would
put them in a legally indefensible position.”
Under this pressure, the government grudgingly backed down in December and
granted patients the right to opt-out.
“I’m glad this issue has finally been resolved,” says Trevor,
“but it shouldn’t take such a palaver for a patient’s wishes
to be respected. If it had not been for the involvement of the BMA, my wishes
would have been ignored.”
Maybe this what we can expect when civil servants, not doctors control access
to medical records.
Privacy; a thing of the past?
In today’s society we hand over all sorts of personal information that
is then stored on databases. We should have every right to know that our information
is secure.
But in America there have been over 100 million recorded breaches of data
security in the last two years. This has included medical and social security
records, credit card information, and even records from the US nuclear weapons
programme.
Large corporations have captured huge amounts of data and use it to analyse
our spending habits, and to categorise us as potential customers or credit
risks.
The government has realised that cradle to grave health and welfare is increasingly
unaffordable. So it is planning to use personal data to direct resources to
where they are most needed. An example of this would be the planned children’s
database, where children at risk could be identified.
The real power of databases is they allow information to be joined up. Information
from mobile phone networks can be joined up with police information to catch
criminals. CCTV can be linked to the driving licence database to monitor traffic.
How can we be sure our medical records won’t be joined up with other
information at some point in the future?
Eyeing Big Brother
It would be a mistake to think of this project as a being an example of malevolent
or intrusive state interference in our lives.
Electronic patient records (EPR) will potentially allow doctors to have a
complete overview of our health care needs. For the first time we will be
able to examine our records from the comfort of our desktop, and to see exactly
who is accessing them.
In medical terms this can only mean progress. But progress can be a mixed
blessing and it is important we watch out for any downsides that may come
with the EPR.
The ability of technology to process data is far outstripping any agreement
or law on how our info should be handled. The UKC, in its submission to the
department’s recent consultation of confidentiality, demanded a new
law to protect patients against abuse of their medical information.
Misue of our medical information should carry severe penalties, including
prison sentences.
Many HIV patients would have a lot to lose if their confidentiality was compromised,
and the government should not expect us to place blind faith in new technology.
These systems should earn our trust, and as patients our choices should be
respected.
What’s planned for the spine?
Summary Care Record will contain basic info and be accessible to practically
anyone in the NHS. It will hold your personal details, such as name address
etc and information on allergies, and medication. You can opt out of the Summary
Care Record, and you can ask for details such as your medication to be withheld
from the record.
Patient Care Record
This contains in-depth info about your medical treatment and should only be
accessible to medical staff involved in your treatment. It should contain
‘sealed envelopes’ containing sensitive information, such as your
HIV status, available on a need-to-know basis. As things stand, you can’t
opt out of the Patient Care Record
Useful websites
www.cl.cam.ac.uk/~rja14/
www.connectingforhealth.nhs.uk
www.healthspace.nhs.uk
www.ico.gov.uk
www.nhsconfidentiality.org
www.out-law.com
www.ukcoalition.org/law/eps/confidentialityresponse
