Feeds

Computer boffin on NHS Spine: Get out while you can

Summary Care Record summarily slammed

Seven Steps to Software Security

A leading computer scientist has sounded a warning over an NHS data collection plan, urging patients to opt out.

The Summary Care Record (SCR) scheme will make outlines of medical records available to hundreds of thousands of NHS staff in England. The idea is to provide doctors and nurses in England with easier access to information on patients registered with other doctors without having to call or fax their main medics.

But the approach is fraught with privacy pitfalls while offering questionable clinical benefits, according to Professor Ross Anderson of Cambridge University.

Anderson notes that a similar system was abused when it was introduced in Scotland by a rogue medic who snooped into the medical records of health records of prime minister Gordon Brown and SNP leader Alex Salmond. The doctor concerned was spared prosecution for hacking because of his own medical problems.

The SCR scheme is billed as a means for medical staff to have easier access to information on whether patients are allergic to drugs such as penicillin, but even this limited ambition is liable to fail. "It won’t be available abroad (or even in Scotland) so if you are allergic to penicillin you’d better keep on wearing your dogtag," Anderson argues.

The roll-out of summary care record (“The Spine”) in London has been accompanied by efforts to educate patients about opting out of the scheme via posters and leaflets in general surgeries. By default, patients will be enrolled in the scheme.

Anderson welcomed this action by doctors' organisations while criticising Labour plans to talk up the supposed benefits of the scheme, which he views as one move towards the bigger threat of a database state. Both the main opposition parties, Conservatives and LibDem, oppose the scheme.

A Department of Health spokesman sent us the following:

Patients have at least twelve weeks to decide if they want to have a Summary Care Record and, together with GPs, have had several sources of information on how the records work and the opt-out process made available to them. All patients have the right to opt out and they can also change their minds at any time.

To date, over six million patients have been sent standardised public information packs about Summary Care Records through regional Public Information Programmes. GPs can also direct patients with further enquiries to the dedicated NHS Care Records Service Information Line and the NHS Care Records Service website http://www.nhscarerecords.nhs.uk/Standardised information packs for GPs are also available on the Connecting for Health website.

The patient and GP packs are being supplemented with local awareness and engagement activities such as drop-in sessions and local media coverage. Emerging benefits in Out of Hours and End of Life care in early adopter areas are increasingly winning the support of clinicians.

As regards timescales, this will largely depend on PCT readiness. Roll-out of Summary Care Records is gathering pace. As of 19th February 2010, 1,190,418 Summary Care Records had been created and over 6,000,000 patients had been written to as part of a Public Information Programme.

The opt-out rate remains consistently below 1%.

Approximately 80% of GP practices now have a compliant SCR GP system. The NHS Informatics Planning 2010/11 states that PCTs, as commissioners, should agree a timeline with their SHA for the creation of SCRs at all SCR-compliant GP practices in the financial year 2010/11. It should be stressed that Summary Care Records will not be created immediately after the 12-week period in which patients have to make a decision, but over the timeframe outlined above.

®

Mobile application security vulnerability report

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Black Hat anti-Tor talk smashed by lawyers' wrecking ball
Unmasking hidden users is too hot for Carnegie-Mellon
Attackers raid SWISS BANKS with DNS and malware bombs
'Retefe' trojan uses clever spin on old attacks to grant total control of bank accounts
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.