GPs threaten to block national patient database

Tags: Choice Choose and Book Confidentiality consent Database DH GP GPs NPfIT Rating

21 Nov 2006

One in two GPs have signalled their intention not to upload patients’ clinical details to the NHS Care Records Service (NCRS) without explicit patient consent, in direct opposition to Department of Health (DH) policy.

The position being adopted by doctors in primary care, is revealed in a survey of 1026 doctors’ views about the National Programme for IT (NPfIT) carried out this month and commissioned by EHI Primary Care. The survey is the latest of seven polls on the subject conducted by the healthcare online research organisation Medix and also found doctors are increasingly critical of the cost of NPfIT and how it is being implemented.

The extent of doctors concerns about confidentiality are highlighted by the survey results with 51% of GPs, and 47% of non-GPs, saying they will not or are unlikely to upload a patient’s clinical details to the NCRS without specific consent, just months ahead of DH plans to begin uploading patients’ details as part of a pilot for the Summary Care Record.

Almost four out of five GPs (79%) also think the NCRS will lessen patient record confidentiality.

Dr Andrew Sanderson, a GP in Spennymoor, County Durham, took part in the survey and argues that the NCRS should be based on an opt-in explicit consent model rather than the implied consent model currently being proposed by the DH. GP organisations including the British Medical Association and the Royal College of General Practitioners also back an opt-in model.

Dr Sanderson told EHI Primary Care: “Patients give information to doctors for a specific purpose and when that information becomes more widely available the patient is not in control of where that information goes.”

Dr Sanderson said he would be recommending to his partners that a code is put on all patients' records in the practice indicating that they have refused consent to participate in the NCRS and that the practice then widely advertise the NCRS so that patients can opt in if they wish to do so.

He added: “Proper informed consent is not just saying that if you let us upload your information then you’ll get better treatment if you happen to fall ill while you are on holiday in Torquay.”

Overall support for NPfIT appears to be continuing to fall with only 35% of GPs now rating it an important priority for the NHS compared to 67% four years ago. In the longer term just under one in five GPs (19%) believe NPfIT is likely to lead to a significant improvement in patient care with 39% expecting a slight improvement and 21% believing it will make no difference.

London GP Dr Fiona Underhill is among those who are critical of progress to date. She commented: “Experience so far shows this is an expensive disaster, doesn't work, and is time-consuming and frustrating for doctors and patients.”

Another GP, Dr Andrew Rigby, said he was a keen and committed supporter of IT but feared the NHS could end up saddled with “a huge behemoth” which was not fit for purpose for delivering clinical care.

He added: “The establishment of a huge central database was too ambitious - we should have started with smaller locally managed systems built to common standards with common protocols for communication. That way we would have been able to engage clinicians fully in the choice of system and design for the environment in which they have to function.”

On a slightly more positive note the survey shows support for Choose and Book is growing, up from 17% at the beginning of this year to 26% today. Four out of five GPs now have experience of Choose and Book and about half of those now say they use it for more than 40% of referrals. However, of those using it regularly, more than 90% say that it increases the time in dealing with a referral and more than 70% think it either make no difference to or is detrimental to patient outcomes.

One GP commented: “Choose and Book is a colossal waste of resources which pleases politicians but makes no difference to the vast majority of patients.”

The survey also appears to show continuing concerns among GPs about consultation over the programme with 92% of GPs rating personal consultation important but only 5% saying that they have had adequate consultation, only slightly up on the 2% of doctors who felt they had been adequately consulted in 2002.

Medix survey on NPfIT November 2006

Reader's Comments

A patient's view

21 Nov 06 22:11

As a patient, I would be pleasantly surprised to find, if I was admitted to hospital in an emergency, that my record was available. It might result in being asked fewer silly questions by hospital doctors, and give them more time to diagnose me. And I might have less chance of adding to the thousands who die as a result of "inappropriate treatment".

I might through inertia or clerical error have failed to opt in. There will also be many patients, more gullible than me, who will have been persuaded not to opt in by GPs jealous of their reputations.

To me, "opt in" will cause thousands of unecessary deaths, all sacrificed on the altar of "patient confidentiality".

What about accuracy?

mary.hawking@nhs.net

22 Nov 06 06:11

Everyone is rightly concerned about confidentiality - but isn't anyone worried about the *accuracy* of pooled medical records, where there is no-one responsible for its maintenance? Don't forget that the people looking after the individual patient will be using local organisational records, and will have no reason to even look at the summary NCR!

The End of Liberty

preston.demendonca@nhs.net

22 Nov 06 10:11

My name is Preston de Mendonca and I am the GP who proposed the motion at the LMC Conference this year that GPs and their families should consider removing themselves from the PDS spine.

My motion concerned the Patient Demographic System(PDS) only.We were some way from uploading your clinical details onto the spine.

The PDS[and by inference the Data spine] is not like the electoral roll or phone book.It is the most up-to-date address book of just about every person in the land...all of us.. including our children.

The opening up of the PDS to 50-200,000 and possibly more new people including GPs and their staff, should alert everyone about the wisdom or disbenefits and unexpected consequences of holding such access/power.

With massively increased access to the PDS, it is not just the addresses of celebrities and interesting people which are at risk, but anyone of interest to any of the cardholders...and anyone with soft access to a card holder.

It is this massive increase of individuals able to access the whole PDS, which is the security risk - hence my phrase "a lock with 50,000 keys cannot be secure"

Irrespective of professional/ethical principles, staff training and penalties for unauthorised interrogation (if detected) of the PDS,it is naïve to expect to expect cardholders to simply wonder.."..whatever happened to baby Jane?" when the answer is within a few clicks of the National Address book at their fingertips.

If you are merely of interest to any cardholder, anywhere in the country, they can find you. Do we really want/need this for everyone, regardless of whether it is in their interest? The blather about 'stop-noting' has been just that;blather.

In all the arguments about "the greater good" - and "it is all available elsewhere"(it isn't),one needs to consider what John Stuart-Mills called; in his essay on liberty "the tyranny of the majority" when the wellbeing of individuals are sacrificed for the perceived good of the majority. My motion advising GPs to consider removing themselves and their families from the spine reminds the Profession of their liberties and act as an example to the Nation.

As your personal physician, your GP should foremost consider, the information you give him, to be private and confidential and to be applied for your benefit above all others if not, there is no trust to be had and all else is subterfuge. Your details on the PDS will be mainly updated by your GP(staff) who are at the front end of the massive database.

Finally, as a practical exercise: find out if your Caldicott Guardian knows how you can be removed from the PDS and how quickly - now repeat the exercise as an ordinary member of the public. What chance for those who have need to be leaves in a forest, but are not aware of that need?

Patient consent must be obtained

mary.maconachy@nhs.net

22 Nov 06 10:11

As a patient I do not want any of my details automatically uploaded to any system for any reason. I have no confidence in the government safeguarding this information and there is a fear that any information could be used without the individual's knowledge. I want a full discussion with each relevant health professional about any information they wish to upload and I will consent (or not) as appropriate. I will not allow ad hoc uplaoding.

IT Security's View

22 Nov 06 11:11

Working full time in Information Security on government contracts, I cannot trust the government with my information. As one user succintly put it, a lock with 50,000 keys can never be secure - remember that users are the weakest link in any system. Whilst the aims of the CfH system are noble, I do not trust the government to keep my information secure, and do not expect them to be able to provide an audit trail of who has accessed and amended my records on demand (how reliable is this information anyway?) For access to my records, I would much rather trust my GP's discretion than being part of this centralised database.

Opt-out: http://society.guardian.co.uk/health/news/0,,1936192,00.html

Can't remove demographic information

22 Nov 06 12:11

The information seems to be that you cannot remove demographic details from the spine, unless you opt out of the NHS entirely. The medical details will not be on there for some time to come, when hopefully the sealed envelope and opt out will have been build in and fully tested......

There are two different issues - removing demographics, and not allowing medical information at a later stage.

Re Preston de Mendonca - have you ever actually seen the spine?

22 Nov 06 14:11

In response to the comments from Preston, I am a little baffled - I work with both GPs and an acute trust who access the PDS via their clinical systems (GP systems and PAS systems) and they cannot simply just find somebody's details in this way. The software doesnt work like that - as there is no interface to the PDS. There is simply a link that then asks you to verify which set of data is correct between systems.

I feel, therefore, that your assumption that this information is suddenly open access to all NHS users is completely flawed.

To access this information, you must have a smart card (and have your name, address and identified by presenting 2 sets of ID), a password known only to you and access to equipment that a) is configured to access PDS and b) access to the NHS N3 network. Therefore, the level of security is pretty good.

The person's details must already be within their local systems, and then gets verified to the national spine/PDS - it doesnt allow you to simply search to find any random person at all. For example, at practice level you can't find anybody unless they are a registered patient with your practice or a temporary registered patient.

In addition, there is a complete audit trail of who has accessed PDS records and when, so any infringement of access can be ascertained and dealt with properly.

However, currently information about patients is sent from place to place by paper, picked up by porters who are contracted out from companies external to the NHS, sent via snail mail to other hospitals where postal workers could open envelopes or couriers open post. There is no audit trail or way to assess how much infringement of private data currently already happens, yet you can be assured that it does.

This is not new - how many government and other agencies already hold basic demographic (or more private) information about you on their systems - Inland Revenue, Council Tax offices, Electoral Role, Phone operators. These organisations treat your information confidentially and fairly, as will the NHS. In the same way that the PDS will not be open access to anybody and everybody, it isnt open access within other government organisations.

So I'm not exactly sure what you are are scared of or what exactly you think will happen - its not as if this information is being published on the internet for everybody to access it. It has clear controls and protocols that are much safer than current processes.

As I said, I remain baffled as this information is not 'simply a few clicks' away for anybody.

All too easy

helenwilkinsonmakey@fastmail.fm

22 Nov 06 15:11

As a former Practice Manager I know it is all too easy to register a temporary patient as a One off FP32 Emergency Patient, One off Immediate and Necessary FP 106 never mind a 3 month Temporary Patient. All a member of staff has to say is sorry I registered the wrong patient! That member of staff will then have what they want the patients current address and ex directory phone number.

Indeed I have been able to ask a doctor friend of mine to check on PDS (he is another totally different Strategic Health Authority/ Cluster area to where I live) that I have been totally removed from PDS as per my Adjournment Debate. He was able to do this without difficult or any questions asked. I personally wanted this checked by someone I trusted. It just proves how easy it is!

I also asked a leading London Hospital Teaching Trust for a copy of my PAS Audit Trial they refused to send it to me on the grounds that it would breach the privacy of their employees! Never mind the fact that I not only had been a patient but was an ex member of their staff too!

In my view PDS is open to serious abuse by both permanent and temporary NHS Staff at all levels.

The only way one can opt out is to withdrew completely from the NHS as a patient which is the drastic action I have had to take to protect my privacy.

Helen Wilkinson-Makey

re:have you actually seen the spine?

preston.demendonca@nhs.net

22 Nov 06 23:11

Yes I have; and along with at least 200,000 other NHS personnel,I have a smart card and access to suitably configured equipment and the NHS network[You need it for choose and book]. With minimal data or preferably the increasingly used NHS number of anyone[the preferred and widely circulated identifier] I can [and so can 200,000others]find anyone registered for NHS services..not just my Practice's registered population.Astonishingly all C&B people have known this for years and all say that this is not their problem to solve. As I tongue -in-cheek suggested,'where is Rita Chakrabarti when you need her....I can find out!' Seriously folks with a smart card out there,I give you consent to find me...you have my name Preston de Mendonca..dob 160554..how long to find my address?For this exercise please use the PDS only.

Can we really trust the government?

ernst.nieschmidt@chorley-pct.nhs.uk

23 Nov 06 21:11

I feel that the comment concerning government and other agencies treating information confidentially and fairly is rather naive. Look at the way the DVLA sold name and adress details with minimal restrictions. And this is only one reported by the media, how many more instances? Do we really know who will have access to this information? The government has a vested interest in convincing us that the information is secure. Does anyone really trust the government with any confidential information anymore?