Feeds

Patients gain right to scrub e-records from NHS database

Forceps, scalpel, data deletion tool...

Secure remote control for conventional and virtual desktops

NHS patients will be given the ability to scrub electronic records of their treatments and medical conditions from a proposed national medical database.

The concession to patient privacy and data protection follows negotiations between health service officials and data protection watchdogs at the Information Commissioner's Office (ICO), The Guardian reports. Patients - who already had the right to opt out of the scheme - now have the right to have their medical records deleted instead of simply masked once they are put onto the system.

Health officials have previously fended off security concerns about data transmitted over the NHS extranet, which is called the Spine. They also claimed as recently as last month that the cost of running a system for deleting individual summary care records (SCRs) would be too expensive, instead offering to put in place a system to hide records from general access while still retaining them on the database.

The summary care records are designed to provide NHS doctors and nurses with ready access to care records irrespective of whether a patient has visited a particular hospital or facility before. Details will include past treatments, notes of possible allergies, drugs being taken and medical conditions already being treated. The information would be particularly useful in cases where a patient is in no state to answer questions, or is responsive but unable to recall details of their medical history.

The same SCRs could be used to indicate a dying patient's preference not be be resuscitated in cases where they experience a heart attack, for example. Tens of thousands of these summary records have already been established during pilot schemes in Bolton and Bury.

Dr Gillian Braunold, a medical director of the programme, told The Guardian that although most people see the benefits of the scheme, a "significant minority" want no part in it. The change in deletion policy means that "the deletion option is there if [individuals] are not happy they can choose to have [their SCR] deleted physically".

One important exception remains, however. In cases where a patient's SCR file has already been used, then it would be archived rather than deleted for legal reasons, Dr Braunold explained.

Some GPs, as well as privacy activists, oppose the scheme. One of the main concerns is that data held on the system will be accessible to all authorised users instead of only clinical staff treating a particular patient.

The records system is run by NHS agency Connecting for Health (CfH), who people would need to contact with a request to have their medical records deleted. However its unclear what forms and red tape might be involved. Suspicion also remains that the simple act of a GP accessing the records, for example, might be used as a bureaucratic excuse to refuse deletion.

An ICO spokeswoman confirmed that deletion of medical records would now be possible following talks between the watchdog and managers from the CfH.

In a statement, the ICO explained the thinking behind the procedure:

People want the assurance that they can restrict who can access their personal details in NHS electronic records.

We met recently with Connecting for Health (CfH) to discuss the permanent deletion of summary care records once a patient requests their summary record no longer appears on the database.

We are pleased that as a result of these discussions CfH have found a way to ensure that these records are permanently removed from the database when appropriate and we are continuing to talk to them about how this is put into practice.

Information can be removed by contacting CfH and making a request, the ICO spokeswoman added. ®

The essential guide to IT transformation

More from The Register

next story
Hello, police, El Reg here. Are we a bunch of terrorists now?
Do Brits risk arrest for watching beheading video nasty? We asked the fuzz
UK fuzz want PINCODES on ALL mobile phones
Met Police calls for mandatory passwords on all new mobes
Munich considers dumping Linux for ... GULP ... Windows!
Give a penguinista a hug, the Outlook's not good for open source's poster child
EU justice chief blasts Google on 'right to be forgotten'
Don't pretend it's a freedom of speech issue – interim commish
Detroit losing MILLIONS because it buys CHEAP BATTERIES – report
Man at hardware store was right: name brands DO last longer
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
UK government accused of hiding TRUTH about Universal Credit fiasco
'Reset rating keeps secrets on one-dole-to-rule-them-all plan', say MPs
Caught red-handed: UK cops, PCSOs, specials behaving badly… on social media
No Mr Fuzz, don't ask a crime victim to be your pal on Facebook
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Yes, but what are your plans if a DRAGON attacks?
Local UK gov outs most ridiculous FoI requests...
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.