An important change is happening to the data protection of your medical records at the beginning of March. The NHS has sent a leaflet entitled “Better Information Means Better Care” to every household in England. It’s important you read it. If you have not received your copy, click here for a pdf, direct from the NHS.
The leaflet announces changes to the way that health officials will handle confidential medical records. It’s also known as “care.data”. Many people have not received it.
From March, medical information about you that was previously only kept to help understand you as an individual – information from consultations, notes on prescriptions – will be uploaded to a central database to become one of the world’s most complete health databases. Our records are being connected to make them stronger.
This is, in many ways, awesome. Many medical researchers are excited at the prospect of all this data (eg work on superbugs like MRSA). And they should be. Analysis of NHS patient records first revealed the dangers of thalidomide and helped track the impact of the smoking ban. There’s so much more it can do under care.data. This new era of socialised big NHS data could be very powerful indeed. We should enjoy the ideas idea that our medical treatment will, in the future, be more robustly based on such a large evidence base. The data base could even help researchers find new ways of finding vaccines for HIV one day.
However, there are reasons to be sceptical.
Since the inception of the NHS, GPs have been the trusted guardians of their patients’ most private medical information. But in just a few weeks, all that will change.
Next month, the NHS will begin extracting and storing huge amounts of patient data from GP records for the first time under the care.data programme, and then linking it to data from secondary care.
The move marks a seismic shift in the way the NHS in England uses patients’ data. The database will become a huge mine of information for commissioners and, in time, for researchers too. But care.data has caused consternation among GPs, many of whom are alarmed at the threat to confidentiality and all of whom still have a statutory obligation as data controllers to ensure patients know about the scheme, which will operate on an opt-out basis.
‘Pseudonymised’ data once processed by the HSCIC, (ATOS) the data may be shared both within the NHS and beyond. Most shared data will be anonymised or ‘pseudonymised’, which means identifiers are stripped out.
However, patients could still potentially be identifiable from pseudonymised data, for instance if a patient in one area has a rare disease or other rare characteristics or if the data is combined with other datasets – a so-called ‘jigsaw attack’ (this would be illegal).
Initially, pseudonymised data will be available only for commissioning use, although NHS England intends to extend access to researchers and private companies in due course. Data can also be released in fully identifiable form to researchers and potentially private companies if that is judged by a scrutiny panel of independent experts – the NHS Confidential Advisory Group (CAG) – to be in the public interest or for the purpose of improving patient care.
However, NHS England has pledged that ‘in order to establish trust in care.data’, it will ‘initially’ only disclose identifiable information if there is an overriding public interest. It also insists any future releases of identifiable data will be ‘exceptional’. But a Pulse investigation has found the CAG is currently approving similar requests for other identifiable NHS data – not care.data – at a rate of almost one a week.
GP practices are legally required by the Health and Social Care Act to participate in the care.data scheme. But patients are able to opt out of their confidential data being extracted at two stages – either when data is shared by the HSCIC, or when it is first uploaded from practices to the HSCIC.
‘Sharing information about the care you have received helps us understand the health needs of everyone and the quality of the treatment and care being provided, and our work to improve data collection and usage is supported by both the RCGP and the BMA,’ a spokesperson says.
But privacy campaigners have criticised the publicity drive as ‘confusing’ and even GPs in favour of more data sharing have expressed concern. Dr John Lockley, clinical lead for informatics at NHS Bedfordshire CCG, says it is ‘extraordinarily remiss’ to extract private information without obtaining explicit consent.
Dr Lockley says: ‘I do like the idea of using data like this, for research and for organising the NHS, but I strongly believe it needs to be done ethically. It could be done and should be done in a different way.’
Many GPs on the ground share Dr Lockley’s concerns. A survey last month asked 424 GPs to estimate what proportion of GPs, practice staff and patients understood the scheme. The responses indicated that only half (51%) of GPs and practice staff have got to grips with how care.data works, while GPs believe only 15% of patients understand it.
The survey also showed that 40% of GPs intend to opt themselves out, with a further 17% undecided.
It is important that you read the leaflet (Here’s the link again) so that you understand how information in medical records can be used to improve the way that healthcare is delivered.
If you are happy for your information to be used then you do not need to do anything. But if you have concerns or if you do not want information that identifies you from being shared outside your GP practice, as described here, inform a member of staff at your GP practice. They will make a note of this in your medical record. This will prevent your information being used other than where necessary by law, such as in case of a public health emergency.
You will also be able to restrict the use of information held by other places you receive care from. However, this will not affect the care you receive.
You can change your mind at any time and as many times as you wish. Just inform your GP practice and ask them to record your wishes.
Information from GP practices will begin to be extracted and sent to the HSCIC (Health and Social Care Information Centre) in the spring 2014. The HSCIC contract was award to ATOS Health care, the organisation which conducts assessments on behalf of the Department for Work and Pensions.
The information your GP surgery has, your ‘data’ will be linked with your hospital data (which is already held by the ATOS/HSCIC) and this will be uploaded online to HSCIC in March. It will affect every man, woman and child in England and their confidential medical records.
- This new system is not about sharing your medical information with doctors, nurses and other health professionals outside of your GP surgery.
- It’s not about the ways in which your GP shares information about you as part of providing your essential medical care.
- It’s not about ensuring that hospital specialists have the information that they need when you are referred to see them.
- It’s not about submitting information so that GP surgeries and hospitals are paid appropriately for the care that they provide.
Your information is not going to “the NHS” – it’s going to a private single organisation, the HSCIC, a part of ATOS.
Detailed information about care.data
If you are happy with the changes described here, you need do nothing, your information will automatically be transferred to the HSCIC. However, if you need time to understand how these changes may impact you, you should visit http://care-data.info/
You will learn a lot more about care.data after reading this site than you did after just reading the leaflet. And you’ll be in a much better position to make a decision on whether you are happy to be included, or if you wish to opt out. (Once your data is uploaded you can never get it removed from the HSCIC database). If you do decide to opt-out, http://care-data.info/ will tell you how to do so and the opt-out options that you have. (You can always opt in, at any time if you choose).
(UPDATE: A follow up post about this debate is available in which, we collate audio from BBC Radio 4, (An Eddie Mair interview) and Danny Pike, who interviews Dr Neil Bhatia. A YouTube video featuring MP David Davis who attended a Westminster Hall debate regarding care.data. And a talk by Professor Mary Dixon-Woods of Leicester University on the history of safety measurement when working with Data. Please visit: Care.Data – What’s it all about? (Audio & Video) posted to blog.lass.org.uk on 18/02/14)
If you are confused with this information, this flowchart may help.
for well-being news and info or