We had a huge amount of interest in our fringe event held on Tuesday at the Conservative Party Conference on privacy and electronic health records. We are vocal advocates of electronic health records (EHR) and the potential for technology to improve health. However we feel very strongly that it should be each of us who is in control of our personal information, and the public does not have a clue about NHS England’s “care.data” programme that is about to share our medical records with a wide range of organisations. We think this is a threat to trust, confidentiality and accuracy.
The care.data programme will share confidential information from our GP medical records with NHS commissioners, research organisations and private companies in de-identified AND identifiable forms. NHS England wrote to all GP practice in England recently informing them they must make patients aware of the move to share our records, and their right to opt out of having data shared. When I rang my local GP practice the receptionist did not know, without asking, whether this process had started at my surgery. Now of course using aggregated information to ensure services meet the needs of a local population is important. And anonymous information from our records (without identifiers such as name, NHS number, full date of birth) is already shared with researchers. The Health and Social Care Act 2012 gave a ‘right to extract’ patient information but it’s important to note that this is no exemption from the Data Protection Act.
We have two main objections to this new process as it stands. Firstly we have heard reports that GPs ‘making people aware’ of their personal information being harvested (which will include name, date of birth, postcode etc) has simply amounted to a few notices in the GP practice. What about all those people who don’t happen to visit their GP between the time of the notice going up and the ‘extraction’ of their personal data? Engagement of the public has been trifling and the ‘opt-out’ approach is not the right way to treat our confidential information or retain confidence.
Our second objection is that many medical records contain errors, both mistakes consisting of other people’s notes, errors in recording and pejorative remarks, a point well made by Dr Sarah Wollaston MP at our fringe, a former GP, as well as errors in how the records are coded.
Such is the secrecy surrounding our medical records, most of us have never seen them. Only occasionally are we made aware that this means they could have significant errors in them. Stories occasionally come to light in the press of people denied insurance payouts for a condition they didn’t know they had, or for a condition that they didn’t have but their records say they did!
People’s private medical information should not be uploaded to a national database until they are fully informed of process and confident their personal information is correct. At the moment people, if they know this is going to happen, can make a “reasonable objection”. Just who defines ‘reasonable’ we don’t know, but if the story of Mrs Tenneson is anything to go by, then we should be worried. The government has promised that we can all see our medical records on-line by 2015. It seems to us, that until this happens, to retain the confidence of the public and ensure that research and services are not jeopardised, we should have an opt-in system. Most people will be perfectly happy to share information when it can be volunteered; making it mandatory unless ‘reasonably objected’ to is THE way to lose people’s trust and therefore the incredible opportunity that having the NHS gives us for research and medical progress.
You can act now to protect your privacy by sending your GP this letter, produced by MedConfidential. This will then ensure that you have the time to check your medical records for accuracy before then considering whether you are happy for the information to be shared.