Feeds

Patients gain right to scrub e-records from NHS database

Forceps, scalpel, data deletion tool...

Gartner critical capabilities for enterprise endpoint backup

NHS patients will be given the ability to scrub electronic records of their treatments and medical conditions from a proposed national medical database.

The concession to patient privacy and data protection follows negotiations between health service officials and data protection watchdogs at the Information Commissioner's Office (ICO), The Guardian reports. Patients - who already had the right to opt out of the scheme - now have the right to have their medical records deleted instead of simply masked once they are put onto the system.

Health officials have previously fended off security concerns about data transmitted over the NHS extranet, which is called the Spine. They also claimed as recently as last month that the cost of running a system for deleting individual summary care records (SCRs) would be too expensive, instead offering to put in place a system to hide records from general access while still retaining them on the database.

The summary care records are designed to provide NHS doctors and nurses with ready access to care records irrespective of whether a patient has visited a particular hospital or facility before. Details will include past treatments, notes of possible allergies, drugs being taken and medical conditions already being treated. The information would be particularly useful in cases where a patient is in no state to answer questions, or is responsive but unable to recall details of their medical history.

The same SCRs could be used to indicate a dying patient's preference not be be resuscitated in cases where they experience a heart attack, for example. Tens of thousands of these summary records have already been established during pilot schemes in Bolton and Bury.

Dr Gillian Braunold, a medical director of the programme, told The Guardian that although most people see the benefits of the scheme, a "significant minority" want no part in it. The change in deletion policy means that "the deletion option is there if [individuals] are not happy they can choose to have [their SCR] deleted physically".

One important exception remains, however. In cases where a patient's SCR file has already been used, then it would be archived rather than deleted for legal reasons, Dr Braunold explained.

Some GPs, as well as privacy activists, oppose the scheme. One of the main concerns is that data held on the system will be accessible to all authorised users instead of only clinical staff treating a particular patient.

The records system is run by NHS agency Connecting for Health (CfH), who people would need to contact with a request to have their medical records deleted. However its unclear what forms and red tape might be involved. Suspicion also remains that the simple act of a GP accessing the records, for example, might be used as a bureaucratic excuse to refuse deletion.

An ICO spokeswoman confirmed that deletion of medical records would now be possible following talks between the watchdog and managers from the CfH.

In a statement, the ICO explained the thinking behind the procedure:

People want the assurance that they can restrict who can access their personal details in NHS electronic records.

We met recently with Connecting for Health (CfH) to discuss the permanent deletion of summary care records once a patient requests their summary record no longer appears on the database.

We are pleased that as a result of these discussions CfH have found a way to ensure that these records are permanently removed from the database when appropriate and we are continuing to talk to them about how this is put into practice.

Information can be removed by contacting CfH and making a request, the ICO spokeswoman added. ®

Gartner critical capabilities for enterprise endpoint backup

More from The Register

next story
'Stop dissing Google or quit': OK, I quit, says Code Club co-founder
And now a message from our sponsors: 'STFU or else'
Ex US cybersecurity czar guilty in child sex abuse website case
Health and Human Services IT security chief headed online to share vile images
Don't even THINK about copyright violation, says Indian state
Pre-emptive arrest for pirates in Karnataka
The police are WRONG: Watching YouTube videos is NOT illegal
And our man Corfield is pretty bloody cross about it
Felony charges? Harsh! Alleged Anon hackers plead guilty to misdemeanours
US judge questions harsh sentence sought by prosecutors
Oz biz regulator discovers shared servers in EPIC FACEPALM
'Not aware' that one IP can hold more than one Website
Apple tried to get a ban on Galaxy, judge said: NO, NO, NO
Judge Koh refuses Samsung ban for the third time
prev story

Whitepapers

Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up distributed data
Eliminating the redundant use of bandwidth and storage capacity and application consolidation in the modern data center.
The essential guide to IT transformation
ServiceNow discusses three IT transformations that can help CIOs automate IT services to transform IT and the enterprise
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.