New NHS medical records database

[boiledeggandsoldiers]

The NHS are planning to put our medical records on a national database. Article

I can see that it could be an advantage to be on an easily accessible database in a medical emergency, but...

medical records are highly personal and government databases do not have a good track record for security. Who remembers the names and addresses of every child benefit recipient in the UK being breached?

Are you aware of this and will you be opting out?

"Databases can easily be designed so that you can't download it to a disk / laptop, automatically logs you off after set period, forces you to change your password regularly etc."

I disagree, as a database designer (who works for the NHS) it is very difficult to allow access to records while ensuring confidentiality. It's not easy at all!

Albrecht I didn't know that you could apply for them to be changed if inaccurate that's very helpful, thanks.
My letter didn't say it would only hold information about medication, it said everything> but said people will have to 'ask you' before accessing it. Are there different pilots running?

my mum was asking me about this letter, not had mine yetr
assume the ask is the consent thing, you have to consent to your data being used for...blah blah

We've had our letter. Tbh I was very surprised that all records were not already fully accessible online and for me advantages outweigh disadvantages.

I had weird experience recently where i took dd to see OOH doc and she had my records up and starting commenting on them as I sat down, asking if x was improving (highly personal injury!)!! It was not at our surgery (and in one about 8 miles away), and I had a friend with me - highly embarrasiing and inappropriate. I quickly told her that we were there re my dd and that should have been clear from the first call as I had never ever said it was for me and the two people I had spoken to both asked for dds details. I decided there and then that I would be opting out of all my details going nationwide as it was embarrasing enough them being local wide!! Too many of my friends or acquantances are GPs, consultants or nurses and I am sure that at least one of them will be looking at things they shouldnt about people they know (especially where their children are visiting - ie. my house). One GP said as much over a drink or two one night (he is a total nutter and a rubbish GP but thats another issue).

And who on the earth is going to know if somebody looks at your records who shouldnt have, as long as they are a nurse, doc or working at the correct level in the NHS then it wouldnt raise suspicion. It would be very hard to control the desire to quickly look up your colleague, mates, MIL or mum at school who always looks like she has everything!!! After all, I bet weve all had a look at google maps and street view at everybodys houses we know to see where they live. Its natural curiosity. Maybe i have no morals, but if I was a nurse and my dd was to stay at somebodys house I knew little about, I would be very tempted to scan their records to see if there was anything I should be worried about.

Initially at least only a summary of your care record will be on the national database, with you medication and any significant conditions and medical events.

Access is by a smartcard, which restricts access according to your role, the process for getting one involves being sponsored and providing ID, even though they are general provided by your employer.

At the moment GPs use a clinical IT system (there are several), and data is stored either within a server on site, or more often now off site at a data warehouse.

I have issues with this too.

I hear all the 'your data is safe' malarky but I thought my child benefit info was safe and that data was lost. And the full security check that my son had done for the armed forces was on a mislaid laptop - that included all mine and my dh's personal data including my passport details and NI number. You'll understand my scepticism.

Also I do worry about what might be shared in the future - insurance companies who want to load your premiums or refuse to cover you at all and work related occupation health - I may not want them to be aware of my previous issues with anxiety and depression.

in scotland we have access to Emergency Care Summary (ECS) outside surgery hours which lists your allergies, medications and any special notes, eg programme of care/special needs, drug addiction, mentla health problems, palliative care notes etc.

we don't however have access to notes regarding recent treatment for random illnesses or anything personal outside a CHI number.

are they proposing that in England all of your notes go onto an electronic system? or is it similar to ECS?

We aren't gathering any new information. We already have everything - and your neighbour could be reading it with their coffee today. They aren't though because keeping information confidential, only accessing what you need for your job is at the very heart of what we do. I can't tell you there isn't the odd stupid or malicious person because there are and if we wrote your notes in magic ink and guarded them with dragons that would still be a problem. This will be no more or any less the case with an electronic record - and at least that will have an audit trail that shows whose been in. Your paper notes have no such protection.

Yes Sarah Brown etc will be on the same system and with no greater protection than you - they don't need it because you are already getting the very highest standards of confidentiality.

I often see people I know in the hospital. I don't smile at them, nod, make eye contact or speak to them unless they speak to me first. Why they are there is none of my business and by basically pretending i haven't seen them, I am ensuring they keep their privacy. This is quite hard in a corricor six feet wide...I have lots of friends who think I'm blind as a bat! This is how all my colleagues are taught to behave.

I think it's a real shame if people opt out. It doesn't mean your medical records won't be available to many NHS staff - because they already are, but it could mean a delay in your treatment at a time you really need it - that's to be avoided where possible.

There was a thread about this on another health forum I'm on and someone had written that her visits to the GUM clinic, 10 years earlier, which she was told at the time were not reported to her GP unless she gave permission now appeared on her records when she looked at the computer screen during a GP visit which had a summary up of her medications over the years. I found that worrying.

Also, I was sent to A&E recently from the G.P. with a letter that printed out all previous hospital visits, some of those were for gynae related things but nothing to do with the problem at the time and I had to hand that letter over to a receptionist at a busy A&E reception with words like "vaginal dilation" printed in big letters. Luckily I was feeling too ill to care at the time but I wondered about the necessity of listing such a full history.

I would certainly be worried if I was in the public eye.

It would be interesting to know if there is a real need for this ie are there any cases of people who have not received treatment they needed/incorrectly because this info wasn't known? Unlikely I would think as most treatment that needs to happen if you/your family cannot give info is quite last ditch stuff, and there are things like MedicAlert for hidden conditions etc. What I am trying to say is why did this come about, for an evidence-based reason or just because we can?

Eurostar - you'd be surprised about what relates to what! Obviously if you'd a sprained ankle then I can see gynae wasn't a likely factor.... In your case though - I think we have to ask - why did the receptionist need the letter - and if she did why isn't the area designed in such a way to protect your confidentiality? Those are practical problems we should solve but not a reason not to retain and record your info in the first place.

I know people are nervous about mental health information in particular but it is relevant to how you're treated for whatever forthcoming problem you have. Being ill is very stressful and differnt illnesses produce differing mental effects. You may not want to think about it, be reminded of it but can make a difference to your safe treatment. Whilst necessary though, that information should still be held with privacy - same as abortion records etc. We can't just not keep it though. Confidential isn't the same as secret.

Pootle - imagine you come to my local hospital this week because you've got a stomach ache whilst you're here on business. We take an x-ray, do a few blood tests, can't see anything major. You are discharged and the doctor who sees you dictates a discharge summary on to tape which goes in to a pile to be typed and then sent out to your GP (which will take between about three days and three weeks depending on workload) Then you go home to Bristol say and two days later get the pain again and hasten to your local hospital. Your Gp hasn't got the letter yet, the x-ray is still up in York and Bristol do a new one. They can see something on it which could be the start of something bad or it could be something that you've always had....won't it be great if instead of the 'oh no we know nothing response' - Bristol could access what investigations you had and then carry on treating you NOT start all over again? Being able to compare old x-rays and scans with new ones is really, really important and it's something we just can't do well wnough now.

NorthernLurker - it wasn't a sprained ankle but was as relevant to gynae stuff as a sprained ankle. The letter stated my current symptoms and why the G.P. had sent me there. It looked like then it was just a press of a button that had printed out all the other details at the end. I don't know if that always happens or if he was just in a hurry so didn't have time to highlight what was relevant to be printed.

That sounds like the record just contains everything. We get referral letters like that at work and whilst yes there are cases where one thing doesn't relate it would be very unwieldy for GPs always to select the relevant bits. That also bases the decision on only their professional skills and judgement - and that's not always the best idea.

But the leaflet I have been sent seems to say that that is not the kind of info that will be available - it will be a summary of conditions and medications?

Interestingly, I was considering a house/area move when pg and asked the MW how it would work. She said that if anyone moves into our area in pg they repeat all investigations and tests, even if the patient has their hand-held records and blood test print outs. This kind of lack of trust for other areas investigations/results etc will probably still go on, no?

Ultimately digital imaging should be available as part of the whole care record. Repeating tests may be as much to do with the way we're paid by your PCT as it is to do with not trusting other organisations.

My dh works on this, got him to write the following;

Obviously some of the above is related to the Summary Care Record (the 'database') however many of the problems described above exist totally independently of the system. Unfortunately a huge amount of Fear Uncertainty and Doubt has been injected by the misinformed, sensationalist media that make it very difficult to sort the wheat from the chaff on this issue.

It's currently possible to gain access to a medical record via significantly more trivial means than 'hacking a database' - for example simply impersonating an individual at a GP practice requires relatively little skill. With traditional paper-based medical records even receptionists can take a peek at your personal information and you would never know about it.

The care records themselves are stored in secure datacentres, available only via a private NHS network (N3). No system is foolproof of course however there are several other key security mechanisms that have been implemented by central systems.

The system itself has been designed to adhere to the guidelines set out in the Care Record Guarantee which makes a number of pledges to the public regarding treatment of personal data including the provision of the capability for patients to block access to certain personal data if they choose.

www.connectingforhealth.nhs.uk/newsroom/news-stories/crdb_guarantee

All users of the care record service must provide proof of identity (passport or drivers license) and evidence of activity in the community.

Access to all medical records is authenticated with a smartcard - this is fully audited. Unlike other systems it can tell you who has accessed your record with a high degree of certainty.

Only people who have a declared legitimate relationship are able to view a persons care record. Violations of this (in the case where access is required for example, A&E) are notified to the local caldicott guardian (www.dh.gov.uk/en/Managingyourorganisation/Informationpolicy/Patientconfidentialityandcaldico ttguardians/DH_4100563).

Aside from this, there really isn't a viable alternative. Paper-based medical records are prone to loss or theft, unauthorised access and are only available in one location at any time. Further, you will never be able to control who has access to what parts of your personal data with existing systems.

In short, the central systems are significantly more secure than those provided by local NHS organisations including GP practices. I'm not saying it's the answer to everything, and the NHS has a huge amount of other challenges, but I believe it is a step in the right direction.

hmmSleep - thanks for posting that.

I suppose one way of helping protect security is if people are allowed to see the list of who has accessed their records. Otherwise, even thought it is all audited, presumably only a minority of records will be picked out for random audit.

hmmSleep, with the greatest of respect to your dh, his assertion that "central systems are significantly more secure" does not convince me. Not in the slightest, I'm afraid.

Ok, this is me posting now, not as IT literate and knowledgeable as dh I'm afraid!

Eurostar The idea is that you will be able to request who has accessed your records at any time, particularly if something has occured to make you feel you need to, currently it is impossible to say exactly who has seen your paper records.

totallydifferent Out of interest, previous to this system being introduced were you worried about the confidentiality of your records?

Going back to the op

"Who remembers the names and addresses of every child benefit recipient in the UK being breached?"

As Albrecht already pointed out, this was some idiot losing 2 discs containing the information. With the new nhs system there will not be any need to copy things to disc, print information out etc. as that's the whole point, to be able to retrieve needed information from any location securely. Could someone hack in and copy the information? Yes, but not easily, and it would be far easier to steal information as it is currently being stored.

Where I am we already have an electronic health record, and as said before its a hell of a lot more secure than a load of paper records floating about.

I'd be interested to know how it will work if people opt out - will NHS have to run multiple systems side by side? If you are the only person in your GP practice who opts out will there be one solitary paper record held?

I am a health care professional
and so is my DH
We shall be opting out, this is yet another corrosion of civil liberty, and no I don't trust the government to keep my records secure
I suspect the next stop will be accessible records for many different agencies, including social services etc

I opted out for various reasons.