Feeds

Computer boffin on NHS Spine: Get out while you can

Summary Care Record summarily slammed

Internet Security Threat Report 2014

A leading computer scientist has sounded a warning over an NHS data collection plan, urging patients to opt out.

The Summary Care Record (SCR) scheme will make outlines of medical records available to hundreds of thousands of NHS staff in England. The idea is to provide doctors and nurses in England with easier access to information on patients registered with other doctors without having to call or fax their main medics.

But the approach is fraught with privacy pitfalls while offering questionable clinical benefits, according to Professor Ross Anderson of Cambridge University.

Anderson notes that a similar system was abused when it was introduced in Scotland by a rogue medic who snooped into the medical records of health records of prime minister Gordon Brown and SNP leader Alex Salmond. The doctor concerned was spared prosecution for hacking because of his own medical problems.

The SCR scheme is billed as a means for medical staff to have easier access to information on whether patients are allergic to drugs such as penicillin, but even this limited ambition is liable to fail. "It won’t be available abroad (or even in Scotland) so if you are allergic to penicillin you’d better keep on wearing your dogtag," Anderson argues.

The roll-out of summary care record (“The Spine”) in London has been accompanied by efforts to educate patients about opting out of the scheme via posters and leaflets in general surgeries. By default, patients will be enrolled in the scheme.

Anderson welcomed this action by doctors' organisations while criticising Labour plans to talk up the supposed benefits of the scheme, which he views as one move towards the bigger threat of a database state. Both the main opposition parties, Conservatives and LibDem, oppose the scheme.

A Department of Health spokesman sent us the following:

Patients have at least twelve weeks to decide if they want to have a Summary Care Record and, together with GPs, have had several sources of information on how the records work and the opt-out process made available to them. All patients have the right to opt out and they can also change their minds at any time.

To date, over six million patients have been sent standardised public information packs about Summary Care Records through regional Public Information Programmes. GPs can also direct patients with further enquiries to the dedicated NHS Care Records Service Information Line and the NHS Care Records Service website http://www.nhscarerecords.nhs.uk/Standardised information packs for GPs are also available on the Connecting for Health website.

The patient and GP packs are being supplemented with local awareness and engagement activities such as drop-in sessions and local media coverage. Emerging benefits in Out of Hours and End of Life care in early adopter areas are increasingly winning the support of clinicians.

As regards timescales, this will largely depend on PCT readiness. Roll-out of Summary Care Records is gathering pace. As of 19th February 2010, 1,190,418 Summary Care Records had been created and over 6,000,000 patients had been written to as part of a Public Information Programme.

The opt-out rate remains consistently below 1%.

Approximately 80% of GP practices now have a compliant SCR GP system. The NHS Informatics Planning 2010/11 states that PCTs, as commissioners, should agree a timeline with their SHA for the creation of SCRs at all SCR-compliant GP practices in the financial year 2010/11. It should be stressed that Summary Care Records will not be created immediately after the 12-week period in which patients have to make a decision, but over the timeframe outlined above.

®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.