De-registered patient and medical records

[Pseudonym99]

If I am no longer registered at a GP practice, where would my medical records be kept?

I'm not saying you are and I'm really sorry you feel your trust has been breached.

Watching with sympathy. OP.

Dominthecat upthread you said paper records are stored for 21 years. What happens to records before then? Surely they arent destroyed?

All the records are kept for 21years. Say from being born to the age of 38 you use the NHS regularly, then you disappear (within the NHS structure, not actually disappear) the whole of your records until age 38 are stored. If you then come back and use the NHS, your whole previous record will join the new record, eventually. Although the legal minimum is actually 21 years I have seen longer gaps and somehow the records still got joined up.

As far as I recall, the idea is that if you have not used the NHS in 21 years then you probably have no need. But as said above, I have seen a gap of 30 years before now, on the other hand around 5 years of my own records are missing. Which puts paid to the idea that GPs and HCPs need my full records to make an informed decision. And no I don't know why so much of my record is missing.

I'm not attempting to launder money through my account but Santander were unmoved by my "my body, my choice" argument

Hopefully you can set up a meeting with your practice to do a review of your privacy options. Likewise take advice from your CCG, who commission other health services for you. You might want to join your practice's patient reference group as well, to hold them to account on security and confidential that way.

Record retention schedules are listed <a class="break-all" href="http://webarchive.nationalarchives.gov.uk/20160729133355/systems.hscic.gov.uk/infogov/codes" rel="nofollow" target="_blank">here - page archived I assume because the schedules will be updated now the Caldicott review has happened.

fakenamefornow I would be interested to know why you feel it is safer to buy medication on the internet (where it isn't regulated) than having a GP prescribe it for you thus allowing you to have regular health checks, even if it means allowing him/her access to your medical records.

I don't understand this thread at all. Don't use the NHS nor a bank, email, credit card or mobile phone if you don't want your data shared.
You don't have to use the NHS. It isn't an obligation in the UK.

I agree that there is an element of big brother watching you these days, especially with everything Facebook throws at you. I can't use a lot of apps on my phone unless I agree to allow access to my contacts and location, and I find that very annoying and intrusive.

However, with medical records I don't have a problem.

Unless you have your own private income that provides you with plenty of cash, don't drive, don't pay tax, don't have any money saved in any institution, don't have an email address, didn't go to school or university, don't have an NI card, aren't registered with the NHS, don't have a job, never use any kind of social media or forums etc I can't see how you can avoid being on someone's database somewhere.

You'd have to have never had your birth registered either, Nickname - so no birth certificate. Clearly you must also avoid dying

I don't want junk emails or someone to steal my money or someone to use my identity to commit identity fraud.

But why anyone should ever be worried about their information being passed between NHS organisations?

I just don't want one organisation passing information about me to another organisation without my consent - which they shouldn't be doing anyway

If this is your main concern OP, I think your NHS records should be pretty low on your priorities as you presumably use the GP less often than other services.

Eg you should only ever use cash, not cards of any type.

You should always browse through a secure VPN so your ISP cannot collect data.

You should of course being using incognito browsing.

Make sure you don't drive anywhere because ANPR cameras will be collecting data. And if course make sure you pay for your public transport using cash only....

These are all things that you probably do every day that will be collecting (hopefully anonymised) data about you. I think the NHS may be taking a false prominence in this in your mind...

I'm a lot more concerned about Google and Facebook accessing and linking up info in ways I don't want them to - my accounts on both are pretty well locked down, but it only takes one missed tickbox and you get your private osteopath reading FB posts and all your work contacts on LinkedIn finding out you have friends who are strippers and sex workers, for example.

The NHS's systems are excellent in comparison, though it's a risk of privatising health services.

Well, I'm not attempting to defraud the NHS, I'm just trying to prevent them from breaching my confidentiality, privacy and trust (well, too late for the trust)

Well you have a very simple alternative.
If you don't trust the NHS, don't use it. There are private services available.

You don't go to a GP to launder money, so your argument doesn't make sense.
You need to prove you have the right to access the free service and the GP needs your medical records in order to treat you.
If you aren't prepared to use the NHS on those terms, go private.

OP does have the right to confidentiality, it's in the NHS Constitution. So it shouldn't be necessary to incur the cost of private healthcare to avoid this being breached. The OP has, however, produced no evidence that it has been breached. She can ask each NHS organisation to account for the data they are holding about her if she wishes.

Goggle "Helen Wilkinson" adjournment debate she is the only person who I believe has managed to get her records deleted and apparently it was a huge amount of work and took years. She is on Twitter @medconsent. She is an ex HCP very friendly I sure she would be happy to advise.

Absolutely no legal reason you need to provide ID. GP Surgery's have to register you if you refuse to provide it.

That was what I understood tupsycat, we had to read a copy of the guidelines provided to us by the practice manager.

If you aren't prepared to use the NHS on those terms, go private.

But those aren't the terms you have to agree to when you use the NHS. The only terms you are required to comply with is to be entitled to NHS care. Anything else is over and above what they are entitled to dictate.

I suspect that's why NHS England published a clarification guide, knickers, I link to it above. I think NHS Counter Fraud would like to go further, and when/if visitors are required to pay the immigration health surcharge for primary care as well as secondary, it will be increasingly difficult for practice staff not to be establishing identity in order to meet their other obligations to minimise fraud.

Best advice get in touch with Helen Wilkinson @medconsent she knows this issues backwards and works closely with medics/Professors working/campaigning on this very issue.

If you want to take out health insurance or some types of travel insurance they need to look at your records to check you aren't lying to them about previous medical conditions if you want to claim on them

Also if you are involved in an accident they need to see medical records to check that the "bad back" you say you have as a result of the accident wasn't there beforehand and you try to claim compensation for injuries you have had for years

There was some research NHS fraud is about 0.3%. The other side of the coin is this whole situation can lead to patient withholding information this can be clinically dangerous. This is a bigger risk than fraud.

Much like voter ID fraud, Tipsycat, but along with buzzwords like 'health tourism', it will not deter the government from placing requirements on healthcare providers like general practices, which they may not be able to meet without verifying the identity of their patients.

Okay DMed Helen on Twitter. She is not on Mumsnet. She says I can give you email address if you PM me. She has had a quick scan of the thread. She says she got all her smear records on Open Exeter removed and was given her actually cytology slides. She says the argument she used was she was screened without her informed consent when she registered with an NHS GP she was not told about the national databases when registering with a GP or when having a smear taken. Her argument was if she known about the national databases and data collected under the GP Contract QOF/CQRS she would never have registered with a GP. Her records were deleted on that basis and Patricia Hewitt when she was Secretary of State for Health accepted she would be caused severe distress under Section 10 of the Data Protection Act.