Welcome Guest | Login | Register | Why Register? |
Newsletter RSS Twitter
03 September 2010 | 15:56 GMT

E-Health-Insider E-Health Europe E-Health Jobs (UK only) E-Health Insider Events
HOME | CONTACT | NEWS | DOCUMENT LIBRARY | FEATURES | OPINION & ANALYSIS | EVENTS | RESEARCH REPORTS | CASE STUDIES
View reders comments View (9)
comments		 Add a comment Add a
comment		 Send to a friend Send to
a friend		 Print this page Print

Patients view their GP records at home over web

Tags: Confidentiality   EMIS   GP   iSoft   Nursing homes   Security  

24 Mar 2006

Two patients from a Derbyshire practice have viewed their GP records over the internet from home as part of a trial the practice hopes to extend to 1000 patients over the next 18 months.

The trailblazing project is being run at Hadfield Medical Centre in Derbyshire by GP, Dr Richard Fitton, a pioneer of patient access to records.

Dr Fitton, a former member of Connecting for Health’s Care Record Development Board, said two patients who are also staff members at the practice saw and checked their GP record in the surgery, then viewed the record over the practice intranet and finally were able to view their record from home over the internet last week using a secure log-on system.

Dr Fitton told EHI Primary Care: “We are absolutely delighted with it and the patients who have done it think it’s fantastic. They get an excellent view of their whole GP record with extra information so that, for example, if your record includes the word angina, a screen comes up explaining all about what angina means.’

The project is being run together with GP system supplier EMIS and PAERS (Patient access to Electronic Records System), a GP-run company which provides access to electronic patient records via kiosks in the surgery. Dr Fitton said the practice also planned to involve iSoft very soon as Hadfield Medical Centre has merged with a practice using iSoft's Synergy software.

Linzy Hannigan, a receptionist at Hadfield Medical Centre, was one of the first two patients to view her record from home. She told EHI Primary Care: “I found it very informative and really enjoyed it to be honest. It’s good to see, for example, what exactly the consultant has said in a letter and it’s much better to be able to look at it at your leisure at home rather than sitting in the surgery where you might feel under pressure of time.”

Hannigan said she had no worries about the security and confidentiality of her data and felt confident in the password protected system that was in place.

Dr Fitton said he also had no worries about the security aspects and believes that by putting control of the record in patients’ hands many of the existing concerns over who should see the record and when would be overcome. He added: “I think I have a duty of care to share records with my patients if they wish to do it and all the evidence shows that people who get involved with their health care and disease management do much better.”

However he warned that it would be impractical to go through the whole GP record with every patient before making it more widely available since it could take between 30 and 90 minutes per patient. The time involved in ‘opting in’ patients to record sharing is one of the arguments against an opt-in model used by those proposing that the NHS Care Records Service should work on a qualified opt-out system.

The practice is also involved with a project in Tameside and Glossop to trial record sharing for patients who fall into particularly sensitive groups such as those with alcohol problems, in nursing homes and with a terminal illness. Patients who are interested in sharing their record will be invited to see their GP to discuss it first.

Dr Fitton added: “Just like with internet banking a lot of people want to do it and a lot of people don’t but you have to offer it to those who are interested.”

© 2006 E-HEALTH-MEDIA LTD. ALL RIGHTS RESERVED.

Reader's Comments
Add a comment
Reader's Comments

1

Confirm your data from home

dreilly@rfid4u.com

25 Mar 06 11:03

This is one example of a great benefit to everyone by using technology in healthcare! What percentage of patient records are 100% accurate? From my personal experience I would say over 50% are way out! At least now or soon everyone ( with home internet access) can check, confirm or update their records from the comfort of their home PC, thus improving data accuracy and removing administrative costs and future medical error from our great if overworked healthcare service. Technology can deliver so much more also, so let's all pull together, see the big picture and insure success. One day we will depend on it!

2

Interesting, however...

quandary@hushmail.com

26 Mar 06 22:03

This is a good move forwards, but also, one fraught with danger. A bank will invest millions in security, as it is liable, as the GP surgery will be, for any breaches in security. FOIA questions should be asked, has this website and infrastructure been security tested to industry standards? What controls exist to register consent, protect against illegitimate access to PID, how are the logs to the system protected. Whilst this is a brave move forwards, security is more than just purchasing an SSL certificate and SecurID token (one assumes). The backend database and programming logic all have to be secure too. It will be interesting to see how this pans-out, and if it ever is released to a wider audience.

If the Internet facing version of their software is currently exposed to the Internet and all the background noise (such as Malware viruses, and Trojans) is hammering away at the door, I hope non-consenting patient identifiable data isn’t connected to the system, and that the thinking behind the security of the system is more than just network based. A firewall doesn’t protect you from the doors you leave open, such as the systems you hope are secure that you give everyone access to or at least the ability to knock on the door and rattle the windows.

3

Let patients check and share their data

amir.hannan@nhs.net

28 Mar 06 21:03

Whilst security and confidentiality are very important, so is ensuring the information stored on computer systems are correct. Increasingly patients and clinicians are wanting this information to be available "just in time" at the point of "delivery of care" whereever this may be. Imagine patients being able to share their GP-held record with the OOH doctor / nurse or their outpatient consultant to show what has been happening in terms of their care received to date including blood results, letters from multiple different hospitals, routine opticians reports etc. We now need to start a debate / discussion with the public as well as the medical profession on the relative merits of a closed but "secure" system that does not allow anyone to have any information about the patient compared with one that is more accessible and hence can be shared with others without having to go through the GP each time during normal working hours when it is convenient for the GP to respond. Many GP surgeries now record most health transactions on their computer systems as well as what has been happening to their patients in other care settings either in the community or in secondary care. Surely the patient should be allowed to decide to share their data with whom they want, when they want - afterall it is data about them.

4

Initiative to be applauded, but............

andrew@garcarz.net

29 Mar 06 10:03

I agree with the principle that patients should have access to their data in a secure and controlled way and the analogy with electronic banking is a persuasive argument, however, one only has to look at recent computing publications to realise that banks are losing millions due to online/internet fraud. Only one bank so far has implemented secure two-factor authentication to crack down on fraudulent activity.

The same threats exist to any on-line system. Security is paramount, but with well-meaning GPs, even with the support of their equally well-meaning and commercially minded suppliers, providing what is essentially insecure access to personal, confidential medical data, it will be when rather than if, this Heath-Robinson solution is breached. Please, if you are going to do this, and I think you should, get professional security advice; insist on token-based two-factor, "industrial strength" authentication. After all information is far more valuable than money.

5

Steps in the right direction

29 Mar 06 11:03

Richard Fitton is to be applauded for taking the initiative on online patient access to their records. Yes, there are serious issues around privacy and security, but we need people that are prepared to stick their toe in the water and try it out.

Arguably it's much easier for an individual like Dr Fitton (albeit backed by system suppliers) to take the lead in this way than it is for NHS organisations. In my experience, the need to be seen to be making the maximum effort to guarantee security is usually quite effective at stifling progress.

Although I think the assumption (in the above posting) that the security arrangements are Heath Robinson is a bit presumptuous, I'd would like to see somebody try out industry-strength, token-based, two-factor authentication with the general public as I suspect it would prove to be too onerous and impractical for the majority.

6

One step at a time

andrew@garcarz.net

29 Mar 06 17:03

A previous correspondent stated, "I'd would like to see somebody try out industry-strength, token-based, two-factor authentication with the general public as I suspect it would prove to be too onerous and impractical for the majority"

In my defence I would like to point out that the Alliance & Leicester recently (15th March 2006) issued two-factor authentication devices (a key-ring token) to ALL one million of its on-line banking customers in a bid to cut out fraud and identity theft. This technology is already being used by 15 million Bank of America customers in conjunction with traditional password and user id. So no I don't think that industrial strength security is either too onerous or too impractical. It might be inconvenient to have to remember to carry your token, but I’d prefer guaranteed security to the alternative. I would also be keen to harden the Operating System of the server/s involved, ensure that activity logs are run as a matter of course and archived securely.

My extensive experience of GP clinical systems and the people that manage them is that they are diligent and contentious, but at the end of the day they are GP's not IT professionals. I'm not saying don't do on-line access, I'm saying "great", but lets make sure remote access security conforms to the standards the NHS have spent several years achieving and maintaining.

7

Turn it the other way round

gerard@careprovider.com

29 Mar 06 21:03

Medical records should belong to the patient in the first place, and certainly not the State, which one day will no doubt find it efficient to link it to our ID cards. The medical record should be set like a currency: owned by the indidual but could not be defaced. The G.P. as the banker.

8

A fist full of dongles

30 Mar 06 10:03

I'll be waiting to see the long-term outcome of the Alliance and Leicester system and how many other banks follow suit. Of course, it's all progress towards a robust and sustainable system of verifying identity, but I still think it likely that methods of authentication will need to be made simpler to achieve widespread acceptance in the long term. Just the requirement for separate tokens for each secure account should provide some impetus to find a more practical solution!

9

Check Out Renal patient View

20 Feb 07 18:02

This is already up and running for Renal patients and I understand most patients are very keen on the system.

http://www.renal.org/rixg/patientview.html or https://www.renalpatientview.org/

Search
News Features Jobs Newsletters
EHI Primary Care Tweets
EHI Primary Care Tweets

Past: 24 hrs|7 days|Month

Featured_recruiters
Featured_recruiters
About Us | Advertise | Privacy Policy | Terms & Conditions | RSS Feed
E-Health Insider Primary Care is managed and maintained by E-Health-Media.com ©2010 E-Health-Media Limited.