The damning reports and reviews:

On the 3rd January 2008 the parliamentary Justice Select Committee produced a damning report into the way that the government mishandles private data in the wake of the HMRC child benefit records scandal. To quote the report:

"The roll call of banks, retailers, Government departments, public bodies and other organisations which have admitted serious security lapses is frankly horrifying."

"We are extremely concerned to hear from the Information Commissioner that there are more cases involving the loss of personal data which have not yet fully come to light. The warning which he issued in the summer about the dangers of mishandling personal data and the extensive security lapses in a wide range of organisations has been proved correct."

"There are, however, substantial risks associated with large databases which contain personal data and which are open to large numbers of licensed users."

"There is evidence of a widespread problem within Government relating to establishing systems for data protection and operating them adequately."


On the 4th March 2008 the parliamentary Joint Committee on Human Rights produced another damning report into the way that the government mishandles private data in the wake of the HMRC child benefit records scandal. To quote the report:

"However, it would be wrong to see these errors and lapses as unfortunate "one-off" events. In our view they are symptomatic of the Government's persistent failure to take data protection safeguards sufficiently seriously by defining data sharing powers more tightly in primary legislation and including detailed safeguards against arbitrary or unjustified disclosure. The rapid increase in the amount of data sharing has not been accompanied by a sufficiently strong commitment to the need for safeguards. The fundamental problem is a cultural one: there is insufficient respect for the right to respect for personal data in the public sector."

"We are surprised, and disappointed, to find that senior public officials need to be reminded of the main principles of the Data Protection Act."

"We regret that it has taken the loss of personal data affecting 25 million people - a "train crash", in the words of the Information Commissioner - for the Government to take data protection seriously. Data protection is a human rights issue and should not be treated as a fringe concern, a matter for rarely-consulted policy documents and procedures which are all too easily ignored."


On the 25th June 2008 the IPCC produced a devastating report into the HMRC data loss. To quote the report:

(the IPCC investigation) "uncovered failures in institutional practices and procedures concerning the handling of data"

"Our investigation revealed the absence of a coherent strategy for mass data handling"

"there was a complete lack of any meaningful systems"

"a lack of understanding of the importance of data handling"

"a 'muddle through' ethos"

"Corporate data handling was clearly woefully inadequate. Staff found themselves working on a day-to-day basis without adequate support, training or guidance about how to handle sensitive personal data appropriately"


On the 25th June 2008 the Poynter Review produced another highly critical report into the HMRC data loss. To quote the report:

"The loss was entirely avoidable and the fact that it could happen points to serious institutional deficiencies at HMRC"

"There was a general lack of awareness across HMRC Business Units, at least prior to the incident, of the importance of information security"

"The officials involved in this matter had received little or no information security training since their induction into the organisation"

"The fact that no senior HMRC official was involved in the events leading to the data loss raises serious questions of governance and accountability"


On the 25th June 2008 the Burton Review produced a highly critical report into the MoD laptop data loss. To quote the report:

"The Department is not treating information, knowledge and data as key operational and business assets"

"there can be little assurance that information is being effectively protected"

"Outside MOD HQ, with a few notable exceptions, there is very limited understanding of the Department's obligations under the Data Protection Act"

"The standard of reporting of losses laptops, PDAs and USB storage devices is inconsistent and unsatisfactory"

"A serious security event of this nature was inevitable"


And so on the 25th June 2008 the Information Commissioner issued these two central government departments with enforcement notices following their serious and appalling breaches of the Data Protection Act. To quote the ICO:

"The reports that have been published today show deplorable failures at both HMRC and MOD. Whilst these breaches have been highly publicised and involve big numbers, sadly they are not isolated cases. It is deeply worrying that many other incidents have been reported, some involving even more sensitive data."

"It is beyond doubt that both Departments have breached Data Protection requirements and we intend to use the powers currently available to us to serve formal Enforcement Notices on them."


The following are the relevant British Medical Association policies regarding the NHS Database, representing the opinions and wishes of the profession:

That this Meeting strongly supports the principles of clinical confidentiality and:
  • believes the GP role as the data holder of their registered patients' clinical records is fundamental to maintaining confidentiality
  • believes an opt-in approach by the patient (or their appropriate representative) empowers patients to understand the implications of any transfer of patient identifiable clinical information from their record to a third party
  • believes that when releasing information on named patients it is not sufficient to assume implied consent
  • believes patients should be able to ask for a list of the occasions that their Summary Care Record (SCR) has been accessed, and by whom
  • deplores attempts to place obstacles in the path of patients wishing to restrict the distribution of their medical records
Policy group: BMA Annual Representative Meeting, 2009

That this Meeting congratulates the BMA on its successful campaign to remove from the Coroners and Justice Bill the UK government's proposal to breach patient confidentiality by sharing identifiable patient medical records with other government departments and the private sector but:
  • condemns the government for reneging on its undertaking that patient information added to the national care record would never be shared with other departments
  • reasserts its policy that no patient data should be added to the national care record without explicit patient consent (as reference)
Policy group: BMA Annual Representative Meeting, 2009

That this Meeting is aware that as government has demonstrated that it cannot be trusted to maintain secure confidential patient health records, there should be a national publicity campaign to warn patients of the dangers of consenting to their records being held on a national database.

Policy group: BMA Annual Representative Meeting, 2008

That conference deplores the steady erosion of patient confidentiality and requests that the GPC hardens its stance on this issue and promotes a return to the principle of absolute confidentiality that patients have a right to expect from their NHS GP.

Policy group: BMA General Practitioners, 2008

That conference, in view of the government's unparalleled reputation for not being able to store records safely, has no confidence in the government's integrity and calls on the GPC to:
  • promote a national publicity campaign to warn patients of the risks arising from their records being held on a national database
  • reaffirm existing policy that no patient medical data should be added to the national database without the patient's expressed (explicit) consent
  • encourage GPs to support patients should they wish to have their details withheld from the Spine
Policy group: BMA General Practitioners, 2008

That conference is gravely concerned with the implementation of the National Care Records Service (NCRS) and:
  • expects the government to highlight the implications to patients to allow them to choose whether to opt in
  • deplores any potential restriction of access to services for patients who refuse permission for their data to be placed on the spine
  • insists that lessons are learned from the early NCRS adopter sites and requests GPC to urgently clarify whether accepting implied consent when uploading patient medical data to the National Care Record Service breaches the Data Protection Act, GMC guidance on patient confidentiality or otherwise places a GP in jeopardy
Policy group: BMA General Practitioners, 2008

That this Meeting believes that:
  • patient information and data uploaded into the proposed NHS clinical care record is not secure and confidential
  • the BMA should advise all its members not to co-operate with the proposed centralised storage of all medical records as this seriously endangers patient confidentiality
  • any potential restriction of access to services for patients who refuse permission for their data to be placed on the Spine is to be deplored
Policy group: BMA Annual Representative Meeting, 2007

That conference demands that given the large sum of public funding which has been spent on the National Care Records Service to date it is incumbent upon the government to ensure that:
  • the National Care Records Service is fit for purpose
  • only authorised NHS staff who are caring for a patient at a particular time are able to request and access information about that patient on the spine
  • the public is fully informed about the exact nature of the information that is held on the central Spine
  • all patients should be given the autonomy to opt in to having their records held centrally and conference advises GPs and their families to consider withdrawing themselves from the Spine as an example to the Nation
  • all matters of confidentiality are assured, before further progress is agreed with the GPC in connection with the implementation of connecting for health
Policy group: BMA General Practitioners, 2006


Useful documents relevant to the NHS Database:

Relevant documents from the Information Commissioner's Office:


The implementation, cost, progress, problems, risks and issues faced by the Summary Care Records pilot sites are overwhelmingly in the public interest.

Highlight Reports and Project Board minutes from five of the Summary Care Records pilot sites can be found here. Please note that these papers were released under the Freedom of Information Act and, if appropriate, remain copyright © of the respective PCTs. All of these documents and files are available to anyone from the respective PCTs by means of the FOI Act.

Latest papers:

Information from SWEssex PCT from August 2008 onwards can be found here:

Current status, Highlight Reports and Project Board minutes from other 'Fast Follower' Summary Care Record sites can be found via the following links:

Agendas, minutes and items from the meetings of the Summary Care Record Advisory Group (SCRAG) can be found here.



Campaign for FOI




WhatDoTheyKnow?


Read the independent evaluation of the Summary Care Record early adopter programme by UCL
and what was left out of the UCL report....


Press articles regarding the NHS Database, with particular emphasis on the GP Summary Care Record:

Press articles regarding data-sharing, SUS, access to medical records etc.:

The NHS has experienced its own data loss catastrophes and security breaches as well:


The Open Rights Group have an excellent page on the NHS Database, with links to numerous press articles. They also have a comprehensive page on UK privacy debacles.

ORG

NHS IT is another excellent site with a dossier of information relating to concerns over the current progress and direction of NPfIT.

NHS IT

The top 10 public sector data losses – so far.

Computing article

The Oaklands Practice does NOT hold any medical records on laptops, USB sticks or other portable devices.


The Oaklands Practice has signed up to the Information Commissioner's Personal Information Promise.

PIP pledge

The Oaklands Practice will NOT upload our patients' medical details to the Hampshire Health Record database without their active and explicit consent.


If you feel that people should be able to completely delete their NHS Database/Summary Care Record if wished, please consider signing this e-petition.

The Big Opt Out

For further information regarding the NHS Care Records Scheme, and about opting out, please visit the following sites:

The Big Opt Out

NHS Care Records

This non-commercial website represents the personal views of Dr Neil Bhatia, GP and Caldicott Guardian for the Oaklands Practice

