Feeds

Care Bears... share: NHS England promises to heal careless data-sharing plans

But outcome of audit will only partially be made public

Website security in corporate America

NHS England is still reeling from accusations that the health service – among other things – allowed a consultancy outfit to pump sensitive patient data onto Google servers.

Critics have argued that the apparently carefree and careless approach to sharing hospital records with private companies simply highlighted that a cautious, transparent and trustworthy approach was needed with NHS England's now six-month delayed GP medical records plan, dubbed care.data.

The Health and Social Care Information Centre - the body responsible for keeping patients' data secure - said this morning that its execs had agreed to conduct an audit of all the data releases made by its predecessor NHS Information Centre.

When quizzed last week by MPs about the NHSIC, which - it was claimed - had been found to have sold hospital records to insurers, the government's health undersecretary of state Dan Poulter batted away questions by declaring that such allegations related to actions taken by the HSCIC's predecessor prior to new legislation being put in place to tighten controls.

He said at the time:

The Health and Social Care Information Centre has much stronger safeguards in place than the NHS Information Centre did, which was the predecessor body, because of the 2012 [Health and Social Care] Act.

In other words, it hadn't happened on the HSCIC's watch. Since then, the organisation has been battling a three-pronged privacy storm.

In an effort to be seen to be doing the right thing, the HSCIC said it was beefing up its board by bringing in three non-exec directors ahead of publishing a report early next month that will make public "all data released under" the 11-month-old body.

The Register sought clarification about exactly what information would be released in that report from the HSCIC.

We asked: Will the HSCIC be publishing details of all data released under the NHSIC? If not, why not? And what will the audit achieve, if it's not transparent with the public about those particular releases?

Initially, the organisation's spokeswoman told us:

The audit will look at all data released by the NHSIC and will be published.

A tricky statement, readers might agree, that was difficult to parse. We asked for a clearer response, to which the HSCIC's spokeswoman replied:

I cannot give more detail on the form that Sir Nick [Partridge]’s audit will take – this is for him to determine. However, if you see his comment on the press release and that of Kingsley [Manning], our chair, you will see that they are making commitments to transparency.

The press release itself states that the report will be published on 2 April and will detail, among other things, "the legal basis on which data was released and the purpose to which the data is being put."

The HSCIC said it intended to release such information on a quarterly basis to allow members of the public to probe its decisions.

The body is also in the process of reminding outfits and researchers who have access to its hospital data about their responsibilities, the HSCIC's right to audit them and the fact that their names will soon be mud made public, it said.

Manning, meanwhile, appeared to make it clear that data released by the NHSIC will only be looked at behind closed doors. He said:

We very much welcome recent announcements by the Secretary of State, including his intention to strengthen the legal basis of the HSCIC, which will increase patients' ability to object to the indirect use of their data and reinforce the requirement for their interests to be at the forefront when decisions to release data are made.

The HSCIC is absolutely committed to improving its own transparency and engagement with the public. In both reviewing the actions of the old NHS Information Centre and publishing our own decisions, we are encouraging public scrutiny. The clear benefits to patients of research and analysis of medical outcomes must drive our lawful release of data. This is why we were created by the Health and Social Care Act 2012.

The planned amendments (PDF) to the bill are tabled for a Parliamentary showdown next week. ®

Internet Security Threat Report 2014

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.