"Better information means better care?" - Don't be fooled.

[nolegion]

If you haven't already had an NHS leaflet entitled "Better information means better care" through your letterbox, you are likely to shortly.

 

In my view, it is a disgraceful document inadequately describing a disgraceful project. Here's an online version of it:-

http://www.england.nhs.uk/wp-content/uploads/2014/01/cd-leaflet-01-14.pdf

 

And here's s a well-written summary of the story so far, courtesy of the Independent,:-

http://www.independent.co.uk/life-style/health-and-families/health-news/your-life-in-their-hands-is-the-caredata-nhs-database-a-healthy-step-or-a-gross-invasion-of-patient-privacy-9042564.html

 

Timetable (according to Pulse, an online magazine for GPs, at 10 01 14):-

 

" Leaflets [without an opt-out form] will be delivered in four waves across different regions, starting with the North this week, followed by the Midlands and East, the South and London in subsequent weeks. Patients will have at least one month to read the leaflet and to register an objection with their practice, if they choose to opt out of sharing their data before the first planned extraction of data beginning in March."

 

The principal, and frankly urgent, point I wish to make is that if you wait to be told more about this by your GPs' practice you may wind up with very little time indeed to try to 'opt out' (so far as possible).

 

Secondly, a mere cursory glance at the leaflet might leave you assuming that the project is about joined-up medical information, potentially to the immediate and direct advantage of your own individual healthcare. It is nothing of the kind. It is about giving third parties, potentially hundreds or even thousands of them, not directly involved in your healthcare at all, access to highly personal information about you, now, frequently (probably monthly) and for ever.

 

And a large part of the project has been designed and will effectively be run by ATOS, the French IT and outsourcing company which has received so much criticism for its handling of benefits claims over recent years. (ref. e.g:

http://uk.atos.net/en-uk/home/your-business/healthcare/business-intelligence/gp-extraction-service.html)

 

Typically, there is also a catch in the apparent 'opt-out'. The newly-created 'Health and Social Care Information Centre' (HSCIC) is already storing personal, identifiable medical information about you – and will go on collecting the same from e.g. hospitals and community services, including mental health out-patient clinics; and there is apparently no way to opt out of that.

 

You can, however, stop the HSCIC giving third parties access to that information – and the way to do this is, oddly, through your GPs.

.

You thus have to tell your GPs:-

 

a) that you don't want any personal confidential details uploaded to HSCIC by the GPs themselves, and

b) that you don't want any personal confidential information shared by the HSCIC with anybody else at all, in any event.

 

When the computerised "data mining" raid ("GP Extraction Service") on your GP records begins, it is supposed to encounter prohibitory 'codes' (entered by your GPs) linked to your NHS number, date of birth, gender and postcode, effecting the required restrictions unless and until you should decide otherwise.

 

You are supposed to be able to give your instructions to your GPs orally – in person or on the phone. I have no faith in this as a route (even assuming you could get to speak to anyone who understood the project in the first place this side of next Christmas) and think it much better to write, preferably recorded delivery.

 

Possible text for such a letter might therefore include:-

 

" Please take whatever steps necessary to ensure my confidential personal information is not uploaded and record my dissent by whatever means possible.

 

This includes adding the ‘Dissent from secondary use of GP patient identifiable data’ code (Read v2: 9Nu0 or CVT3: XaZ89) to my record as well as the ‘Dissent from disclosure of personal confidential data by Health and Social Care Information Centre’ code (Read v2: 9Nu4 or CTV3: XaaVL).

 

I am aware of the implications of this request, understand that it will not affect the care I receive and will notify you should I change my mind. "

 

(Extracted from the very useful and informative:-

http://medconfidential.org/wp-content/uploads/2013/08/Opt_out_letter.pdf.)

 

A standardised opt-out form should, of course, have been included with the NHS leaflet, and also be available at all GP surgeries, right now. But that would have made it easy for patients to opt out, and it is disgraceful that the Department of Health\NHS England should, very deliberately, have made it more difficult and confusing for an entire nation-ful of NHS patients needing to respond within a very tight time-frame.

 

Finally, here's a selection of links for 'further reading':-

 

http://www.care-data.info/

 

http://bma.org.uk/practical-support-at-work/ethics/confidentiality-and-health-records/care-data

 

http://www.england.nhs.uk/ourwork/tsd/care-data/

 

http://www.england.nhs.uk/wp-content/uploads/2014/01/cd-patient-faqs.pdf

 

http://www.nhs.uk/NHSEngland/thenhs/records/healthrecords/Documents/cd-pati-faqs-06012014%203.pdf

Edited January 11, 2014 by nolegion
Corrected link to Independent artcle

[Conniff]

It's strange how one person dislikes something and another likes it. I think the sharing idea is a smashing one. I was very disappointed when the national computer records system was scrapped. Having my full medical records on line for an hospital maybe many hundreds of miles from where I live could be a life saver and so, in my eyes, can the above.

[nolegion]

The "better information"\'care.data' project has nothing to do with joined-up medical records directly benefiting individual patient care.

 

However, the multi-million pound NHS 'spine' project (i.e. eventually, centralised, total, computerised medical records for all) owed its calamitous failure to a number of factors, some of which will no doubt also apply to the, predictable, multi-million pound fiasco this will turn out to be ( incuding political duplicity, managerial incompetence and professional arrogance). Anyone want to bet that there won't be a serious, extensive breach of patient confidentiality as a result of 'care.data' before this year closes? - and a massive 'cost overrun' revealed thereafter?

 

Meanwhile, the further 'project' – to give patients full and immediate online access to their own medical records, which patients could, at their election, share with others if and to the extent they wished to do so - which, in my view, is where the 'thinking' should have started in the first place and could have been truly valuable - shows all the signs of being edged towards the long grass.

Edited January 12, 2014 by nolegion

[Sali]

I hand delivered my opt out letter to be absolutely sure of safe delivery. I looked on the noticeboards for posters or leaflets explaining this project - in vain. The receptionist said I should have filled out a form, but accepted my letter. The forms were only being given out to newly registering patients. She said that she had no idea who was responsible for informing existing patients, but it was not them. I have yet to receive a leaflet through my door.

[nolegion]

That figures. Clued-up patient meets clueless receptionist – the point, or one of them, being that NHS England is issuing over 20 million leaflets without an 'opt-out' form.

 

Not the receptionist's fault, of course. Inadequately briefed, and a pound to a penny she was confusing the situation with last year's possible 'opt out' from the 'summary care record' where 'forms' were indeed available.

 

Here's a further link which, amongst other things, is very specific as regards when one might expect to receive the leaflet.:-

 

http://www.england.nhs.uk/wp-content/uploads/2014/01/gp-update-note.pdf

[annpow]

It seems to have all been designed in a way to give people as little time as possible to firstly be informed and then to opt out if they wish.

 

A lot of GP's surgeries were given less than six weeks notice regarding this data extraction, some surgeries were given less than fifty leaflets to hand out when they had 5000+ patients. They were allowed to copy and forward to patients but it's a lot of time and resources for busy surgeries to spare, not to mention the financial cost especially when budgets are now so tight.

 

I don't want my private and confidential information being sold, I don't want to be contacted by someone trying to offer me services etc based on my medical history. NHS staff are bound by patient confidentiality, why is the NHS allowed to sell patient identifiable data for profit?

[nolegion]

Exactly so.

 

In addition, I think it is deeply cynical of NHS England to say that it is taking care to offer the opt-out - "You have a choice" the leaflet says - and then to print over 20 million leaflets without an opt-out tear-off strip.

 

Further, what the leaflet carefully doesn't make clear is that if you don't opt out in full and by March, the data mining will go on monthly for ever, and extensive third-party access, including to confidential medcial information personally identifying individual patients, togethr with their postcodes, will thereafter be granted without further reference to the patients concerned.

 

See e.g:-

 

" Supporters of care.data have played down the prospect of identifiable patient data being shared as part of the scheme, and much of the debate to date has focused on the release of data which will be ‘pseudonymised’. NHS England is currently in the process of sending a leaflet to every household in the country which reassures patients that their ‘identity is protected’.

 

But Pulse’s analysis reveals that identifiable patient data is already being regularly approved for release by the NHS.

 

Under Section 251 of the NHS Act 2006, the health secretary is able to set aside patient confidentiality for ‘defined medical purposes’, but he has to take advice from the independent Confidential Advisory Group (CAG).

 

The CAG is based at the NHS Health Research Authority and assesses requests to see if there is a ‘sufficient justification’ to access confidential patient information.

 

A Pulse analysis of data published on the CAG website shows that in total 31 requests for identifiable patient data have been approved since April 2013.

 

In addition to this, at least 30 requests for identifiable data were ‘conditionally’ or ‘provisionally’ approved, as long as the applicant sought further approvals. Some 15 requests were rejected for lacking sufficient evidence.

 

 

The applications were mainly for commissioning or life science research, with information such as names, dates of birth, postcodes and NHS numbers requested alongside other medical data.

 

 

 

 

Approved applications include:

• A request from the University of Hertfordshire to access patient notes at six GP practices and pharmacies in order to review prescribing errors
  
• A request from the CQC for all the names and addresses of all adults who had one overnight hospital stay from June to August 2013
  
• A request from the Royal College of Anaesthetists for NHS number, hospital number and dates of birth and death for 40,000 patients who had an emergency laparotomy
  
• A request from Cardiff University for name, NHS number, date of birth, postcode and gender of all children presenting with a thermal injury "
  

(from an article in Pulse published online today: http://www.pulsetoday.co.uk/20005572.article)

Edited January 17, 2014 by nolegion

[annpow]

I found this article quite interesting

 

http://www.gponline.com/bulletin/gp_commissioning_bulletin/article/1227222/should-gps-fear-sharing-nhs-data/?DCMP=EMC-ED-GPCommissioningbulletin-1227222

[Sali]

The NHS say they are not selling our data for profit, only to 'cover their costs' (and the band played Believe It If you Like)!

 

I resented a doctor (I heard on the radio) who suggested that if we are willing to accept NHS services, then we should be willing to share our medical records for the greater good.

 

Trying to prove that your data was hacked, sold for profit or otherwise and then misused will be as difficult as getting an NHS Trust to admit responsibility for poor care.

[nolegion]

" The whole process begins to undermine fundamentally the long established principle of patient confidentiality, and is a recipe for confusion," he said. “The NHS just seems to think patronisingly that all it needs to do is to throw in health-speak phrases such as “improve delivery”, “for the benefit of the service” and “in the public interest”, and people will just roll over and allow their data to be taken because it’s for their own good.

 

I have absolutely no faith in assertions by Government that patient data will be coded in such a way as to guarantee anonymity…There is also the Government’s record as a whole on data management or rather, chronic mismanagement and leakages. I believe that patients themselves, not NHS England, should determine when and where their own medical information is used and for what purposes."

 

(Roger Godsiff, MP)

 

http://www.pulsetoday.co.uk/your-practice/practice-topics/it/mp-tables-motion-to-halt-caredata-rollout-as-2400-patients-call-helpline/20005621.article

 

I would like to think there is enough growing hostility to the care,data project to halt it in its tracks – but frankly I doubt it. NHS England has deliberately put grossly inadequate information and too late, to boot.

 

The only safe thing to do is opt out as hard as possible.

Edited January 22, 2014 by nolegion

[nolegion]

"A substantial number of GPs are so uneasy about NHS England’s plans to share patient data that they intend to opt their own records out of the care.data scheme, reveals a Pulse snapshot survey.

 

The survey of nearly 400 GP respondents conducted this week found the profession split over whether to support the care.data scheme, with 41% saying they intend to opt-out, 43% saying they would not opt-out and 16% undecided.

 

The snapshot survey gives the first indication of GP opinion over the scheme, and comes as leaflets with information about the care.data programme are in the process of being sent to every household in England."

 

From:-

 

http://www.pulsetoday.co.uk/20005648.article

[Marianne7]

I'm preparing opt out letters for my family, but just have a couple of questions.

 

1. Should we also send a copy to the Practice Manager? I ask this knowing how much control over practices they seem to have.

 

2. What would happen if we moved and changed our GP at any time? Would our letter (presumably but not necessarily on file) be passed on to any new GP with our notes or would we have to opt out again?

 

Many thanks for any views.

Edited January 29, 2014 by Marianne7
Mistake

[silverfox1961]

I'm preparing opt out letters for my family, but just have a couple of questions.

 

1. Should we also send a copy to the Practice Manager? I ask this knowing how much control over practices they seem to have.

 

If you were to physically hand over the document to the receptionist, it should get to where it is needed

2. What would happen if we moved and changed our GP at any time? Would our letter (presumably but not necessarily on file) be passed on to any new GP with our notes or would we have to opt out again?

 

As most patient records are now on computer, the doctor should be placing a note on those records that data is not to be shared under this scheme. I would imagine (but cannot say for certain) that when a patient changes GP those notes should automatically transfer but to be sure, ask the new GPs receptionist and have copies just in case.

Many thanks for any views.

 

I hand delivered a letter the other week. There was a notice on the board about the scheme but I had to ask he receptionist if they had the dissent letter available. they did but it was behind the scenes rather than being available to just pick up.

[nolegion]

The literature on this indicates that once the relevant 'codes' are entered into the record that opts the patient out forever.

 

Like the previous poster, though, I would certainly double-check this if I were to change practice any time soon, to avoid any possible 'misunderstanding '- and because this project has 'teething problems' written all over it.

 

Handing dcouments in at reception ought to work fine. I go for the bore and expense of recorded delivery postage solely on the off chance that the practice might one day wish to deny receipt. A hospital once did that to me with a hand-delivered subject acceess request under the Data Protection Act, and once bitten...

[Sali]

Oh, your experience of denying receipt of a hand delivered letter makes me a little nervous.

 

Reading the leaflet (received on the 31st) also made me question whether I have made myself quite clear in my letter to the GP. The leaflet says you must make your GP aware if you do not want data that identifies you being shared outside the practice. The next paragraph refers to personal data from other places that you receive care and says "You should also let your GP practice know if you want to prevent the information from those places being shared." This suggests that a note has to be placed in TWO areas.

[nolegion]

Yes, Sali. that's how I understand it. One needs to instruct one's GPs both that you wish them not themselves to upload any personal medical details to the" health and social care information centre", AND that you don't want that centre to 'share' any details about you that they have already obtained or will obtain from other sources either.

 

When the data mining starts, progressively round the country from this March, the 'raiding program' run by Atos is then supposed to encounter two different codes linked to your personal details one of which will stop the upload of more than name, national health number d.o.b gender, and postcode from the GPs. The other, if entered by the GPs, will be linked to your outline data, and (in theory, at least) will then operate to instruct the HSCIC from further promulgation of your highly confidential medical details in the future.

 

If 'the raid' only enounters the first code, then the GP-based medical records will , supposedly, not be uploaded; but one will have failed to prevent the HSCIC from doing what he hell it likes with any other data it gets hold of about you - including on a totally 'un-anonymised' basis

 

This could all have been addressed by including a two-tick-box opt-out form with the 'information, leaflet'. NHS England is relying on people not understanding what is really required in order to declare the project a 'nationwide success' and 'supported by the vast majority of patients', no doubt . And that is a cynical, deceitful, bullying disgrace.

 

Of course, probably sooner rather than later, the IT side of the project will fall over, catastrophically and repeatedly, in any event - so no-one will know how much highly confidential information is where or how well 'protected', forever thereafter. And milions, even billions, of NHS money will have been poured down the drain.

[nolegion]

On second thoughts, it would be better to say the entire matter could have been addressed by a One-tick opt-out form. For who, deciding that they didn't want their GP records uploaded, would be likely to want to allow confidential medical details from other sources to be viewed by those not directly involved their medical care, anyway?

 

The 'dual opt- out' requirement is just another aspect of the confusion designed into the project to obstruct dissenting patients.

[nolegion]

Dr Gordon Gancz is clearly someone who has the courage of his convictions. Good man.

 

" A GP faces possible termination of his contract over his plan to opt all his patients out of NHS England’s flagship data-sharing scheme, Pulse can reveal.

 

Managers from Thames Valley area team have sent Oxford GP Dr Gordon Gancz a ‘notice of remediation’ to force him to remove any opt-out codes for care.data he had added without explicit patient consent, saying that he was in breach of his contract.

 

The notice - sent last week -also says that he must ‘remedy this breach’ by removing notices on his practicewebsite about his plan to opt all his patients out of the scheme.

 

Managers said that his actions were in breach of NHS England’s requirement that ‘patients will automaticallybe included unless they indicate to their practice that they wish to opt out’.

 

Dr Gancz now faces either taking the action specified in the letter, or potentially having his contract terminated."

 

From: Pulse:-

 

http://www.pulsetoday.co.uk/your-practice/practice-topics/it/gp-threatened-with-contract-notice-over-plan-to-opt-all-patients-out-of-caredata/20005749.article

 

The whole of the article is worth a quick read (and the comments appended).

[nolegion]

' One of the problems with the mailshot was that it didn't come with a simple opt out form for patients to fill in and hand to their GP practices to allow them to easily object to their medical records being shared within the NHS …

 

NHS data chief Tim Kelsey admitted today that the health service had failed to adequately inform patients about how they can opt out of having their GP medical records shared throughout England.

 

A leaflet carelessly posted out in among junk mail to 26.5 million households across the country was not "clear enough on the website or in the information that's been sent out [about] exactly what data is going to go and what is not going to go", the Information Commissioner Office's Dawn Monaghan told BBC Radio 4's Today programme this morning.

 

Kelsey said in response: "I think that maybe we haven't been clear enough about the opt-out, I agree with that." '

 

From:

 

http://www.theregister.co.uk/2014/02/04/care_data_medical_records_optout_not_clear_enough_admits_nhs_info_boss/

[Sali]

Well, I have to say I thought it a little odd that I would have to opt out twice! As you say, why on earth would I choose for my GP not to make personal medical information available to all and sundry, but be happy for data from other sources to be uploaded? It's devious!

 

I was listening to Radio 4 the other morning. What I find quite exasperating is the obfuscation. People should be told absolutely clearly that their personal information WILL be identifiable (by NHS number and postcode) and made available to other parties. I felt neither the 'for' or 'against' contributor made that absolutely plain.

 

The NHS are relying on people's apathy or a lack of understanding (because they have failed to explain) to make this project a 'success.'

 

I, too, think it will be only a matter of time before there is some security breach or, more likely, the data is 'accidently' sold off to a dubious source. They will have an enquiry that will cost a bundle, but nobody will ever be made accountable. Such is the way on our right little, tight little island.

 

I'm with Dr Gancz - it should have been an opt in and not a opt out. He should have kept quiet. Now he's got the heavies on him and he doesn't stand a chance.

[honeybee13]

I'm very grateful for this discussion, guys, it has confirmed what I suspected.

 

Like Sali, OH and I thought we had already opted out of having our data shared, but having read recent comments, we have done new letters based on what nolegion wrote yesterday.

 

And what isn't addressed in my view is the security of your data. I've said in the past that the government's record on keeping our information confidential isn't too smart, and now they want to send it to other agencies.

 

Thank you.

[nolegion]

It gets worse, HB.

 

Before starting this thread I telephoned the care.data "dedicated patient information line" (number in the "Better care" leaflet: 0300 456 3531), to ask, in particular, for more precise information about the 'opt-out(s)'.

 

It was quite a struggle to get the person I dealt with to acknowledge that there were, indeed, two components to the opting out. As discussed earlier, the first is about the uploading of information from the GPsrecords, the second about the sharing of information garnered by the HSCIC fromother sources, such as hospitals.

 

I was firmly assured that if opt-out 'part 1' was achieved, then NO data about me would be uploaded by my GPs. As regards 'part 2', yes, there would be a further 'code' entered into my records by the GPs in response to my specific instructions in this further regard - and I was equally firmly assured that that would operate to instruct the HSCIC not to share with third parties any other identifiable medical data it held about me.

 

Now, I'm sure you can see the problem there, even if it took a bit of time and patience , to get the 'dedicated helper' to see it. If part 1of my instructions worked to prevent ANY part of my medical record being uploaded to the HSCIC by GPs, how would the HSCIC ever know about 'part 2' of my instructions (lodged in my GP medical records)?

 

 

My 'helper' then said it must be the case that sufficient information to identify me as a patient would be uploaded from the GPs anyway, along with the opt out codes – but I needn't worry about that 'identification information' being linked by the HSCIC to my GP records because those records wouldn't be uploaded by virtue of my 'part 1' instructions. (An understanding I have reflected in e.g. post #16 above.)

 

I'm beginning to have even more serious doubts about the realities of the opt-out(s) - and the candour of the 'helpline' - but, in case it was me who had got the wrong end of the stick I rang it again this evening (they work out of hours I'm glad to say). I got exactly the same reluctance to acknowledge the opt-out complexities but exactly the same answer as regards GP records: opt-out ( part 1) prevents upload of your medical data by GPs. I was given vehement assurance on this point plus reference to the Data Protection Act, and confidentiality etc.

 

What made me think again is this extraordinary written answer to a parliamentary question which appeared in yesterday's Hansard:-

 

http://www.theyworkforyou.com/wrans/?id=2014-02-04a.185516.h&s=department%3AHealth

 

The question was carefully phrased but is met with a 'holding' (i.e self-confessedly incomplete) response which blatantly evades the question actually asked, and contains its own glaring self-contradiction in its first paragraph:-

 

"In terms of information which identifies a patient, NHS England's “Better information means better care” leaflet sets out how people can ask their GP practice to note their objections, which will prevent confidential, identifiable data about them being used by the care.data programme, other than in a very limited number of exceptional circumstances."

 

I see. And how exactly, in such exceptional circumstance, could the care.data programme 'use' GP-based confidential identifiable data about a patient which, because of the patients previously-registered objections, the care.data programme shouldn't possess in the first place?

 

I thought I might 'do a Columbo' and ring the helpline, yet again, with a 'just one more thing that puzzles me…' but I am a bit too tired, tonight.

 

Anyone else care to get some sense out of them? What exactly will be uploaded from GPs computerised records starting next month, even if you have registered all possible objections? It seems to me that neither the party line nor the help-line is being honest about this.

 

I think one could, to say the least, 'smell a rat' from the appallingly unclear text of the information leaflet and its failure to provide an opt-out form. It's now abundantly clear that MPs don't understand what is going on either. This project should be completely stopped in its tracks unless and until everyone is properly informed as to what is actually intended.

[nolegion]

Here's a pretty 'infographic' usefully published by Pulse.

 

http://cms.pulsetoday.co.uk/Uploads/2014/02/03/t/e/v/HowCareDataWorks-2.pdf

 

It shows the need for the two opt-outs. If you don't secure the 'purple blob' on the right (as well as the orange one on the left) then, down the line, completely identifiable personal medical information about you could be being viewed by whomsoever the government of the day wants to allow to see it.

 

From a different edition of the same magazine:-

 

"The information due to be extracted from GP systems in England for care.data includes family history, vaccinations,diagnoses, referrals, NHS prescriptions and biological values such as blood pressure and BMI. Identifiable information – NHS number, gender, postcode anddate of birth – is also included, to enable the Health and Social CareInformation Centre (HSCIC), which will initially hold the data, to match GPrecords to those from hospitals and elsewhere. Free text will not be included."

It is important to take on board the fact that, unless you are opted out on the GP side, the identifiable data raiding only starts over the next few weeks. It is planned that "the GP extraction service" (Atos) will go on conducting such raids every month, thereafter.

[Sali]

So, in essence, I can prevent my data from being uploaded from the GP practice, (orange blob on flow chart) but I cannot prevent my personal data from other sources from whom I might receive care being made available to god knows who? Because even if I select opt out 2 (purple blob) on the flow chart my identifiable data, as I read it, will still pass from the hospital to the HSCIC. The only thing opt out 2 prevents is the HSCIC passing on my data to the Confidential Advisory Group. The flow chart suggests my identifiable data will still be passed on to Commercial Companies, Rearch Bodies and NHS organisations. Which is what I wanted to prevent.

 

So effectively there is no opt out 2?

[annpow]

This a link to a petition regarding this, I've signed

 

http://action.sumofus.org/a/nhs-patient-corporations/2/3/?sub=mtl