Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Patients to be ignored over privacy concerns

2 views
Skip to first unread message

TD

unread,
Dec 5, 2006, 11:49:19 AM12/5/06
to
The Sunday Telegraph (and the Guardian [1]) reports [2] that

'The Government is to reject the objections of any patients who do not
want
their medical records on its new centralised computer system.'
...
'An eight-page letter outlining how patients' opt-out requests are being
rejected was placed on the website of NHS Connecting for Health - the
Government agency responsible for the computer scheme - on Friday night.'

'Earlier in the day, Professor Sir Liam Donaldson, the chief medical
officer, had faced fierce criticism from the British Medical Association for
demanding that GPs should "shop" patients who say no to the database.'

'Yesterday, it became clear that Sir Liam wanted the names and addresses
of
objectors in order to write to them to tell them that their request would
not be granted because their reasons were not "genuine".'

Yes, the chief medical officer wants GPs to report on their patients.

Some commentary from Dr Crippen [3] and his readers, also from William Heath
[4], and some interesting posts from the security expert Professor Ross
Anderson on Light Blue Touchpaper [5].

The DoH letter [6] (43Kb PDF) says,

'[you] raised some specific concerns about your personal health
information
being held electronically in a NHS database. indicating that having your
information held by the NHS in this way may cause you substantial
unwarranted distress.'

Substantial and unwarranted distress is mentioned because it relates to a
'right' granted by the Data Protection Act [7] (the right to prevent
processing likely to cause damage or distress). Patients have attempted to
assert this right (with some following the advice [8] printed in the
Guardian) in order to withhold information from the Spine. The letter is
being sent to these patients.

'You have therefore asked the Secretary of State for Health to stop the
process of adding your information to the new NHS database.'
...
'I am afraid that I am unable to agree with your request. The reasons that
you gave as the basis for claiming substantial and unwarranted distress are
not, as I hope I have made clear in the Annex, based on an accurate
understanding of the summary care record. The Department of Health believes
that the summary care record will benefit both you and the clinicians that
care for you in that it supports them to provide better care. There needs to
be, therefore, a genuine reason linked to substantial and unwarranted
distress, for the NHS not to process your information.'

Well, I have two problems with this: first, that we have to assert such a
right in the first place (i.e. why is consent assumed, instead of
requested?); second, that the 'DoH' can disregard what is in fact a genuine
concern held by many patients. Why can we not simply say "I don't want my
data stored on the Spine and I accept the consequences"?

The answer [9] is that the 'public interest' outweighs your right to
privacy - quite authoritarian.

The Annex attempts to give a "detailed response to the reasons for claiming
distress". But I wonder if the DoH will take patients' words for it when
they respond that they remain genuinely distressed.

[1] <http://society.guardian.co.uk/e-public/story/0,,1962336,00.html>

[2]
<http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2006/12/03/nhs03.xml>

[3] <http://www.haloscan.com/tb/drcrippen/116525188909656231/>

[4] <http://www.idealgovernment.com/index.php/weblog/comments/1136/>

[5]
<http://www.lightbluetouchpaper.org/2006/12/01/health-privacy-breaking-news/>

[6]
<http://www.connectingforhealth.nhs.uk/all_images_and_docs/guardian-letter.pdf>

[7] <http://www.opsi.gov.uk/acts/acts1998/80029--b.htm>

[8] <http://society.guardian.co.uk/health/news/0,,1936192,00.html>

[9] <http://technology.guardian.co.uk/weekly/story/0,,1856392,00.html>

<http://ukliberty.wordpress.com/2006/12/05/patients-to-be-ignored/>

PeteM

unread,
Dec 5, 2006, 1:04:04 PM12/5/06
to
TD <tdef...@hotmail.com> posted

>The Sunday Telegraph (and the Guardian [1]) reports [2] that
>
> 'The Government is to reject the objections of any patients who do not
>want
>their medical records on its new centralised computer system.'
> ...
> 'An eight-page letter outlining how patients' opt-out requests are being
>rejected was placed on the website of NHS Connecting for Health - the
>Government agency responsible for the computer scheme - on Friday night.'
>
> 'Earlier in the day, Professor Sir Liam Donaldson, the chief medical
>officer, had faced fierce criticism from the British Medical Association for
>demanding that GPs should "shop" patients who say no to the database.'
>
> 'Yesterday, it became clear that Sir Liam wanted the names and addresses
>of
>objectors in order to write to them to tell them that their request would
>not be granted because their reasons were not "genuine".'
>
>Yes, the chief medical officer wants GPs to report on their patients.


It is anyway not clear that the CMO is the appropriate person to reply
to these letters (which are formally DPA S.10(1) notices). It is the
"data controller" who is obliged to respond to a s.10(1) notice, and as
yet the data controllers are still the GPs, not the DH.


snip


>The DoH letter [6] (43Kb PDF) says,

snip


> 'I am afraid that I am unable to agree with your request. The reasons that
>you gave as the basis for claiming substantial and unwarranted distress are
>not, as I hope I have made clear in the Annex, based on an accurate
>understanding of the summary care record. The Department of Health believes
>that the summary care record will benefit both you and the clinicians that
>care for you in that it supports them to provide better care. There needs to
>be, therefore, a genuine reason linked to substantial and unwarranted
>distress, for the NHS not to process your information.'
>
>Well, I have two problems with this: first, that we have to assert such a
>right in the first place (i.e. why is consent assumed, instead of
>requested?);

There has been a long controversy about it. Essentially, the DH's
position is that obtaining explicit consent from every patient would be
disproportionately expensive. From their point of view, it makes sense.

>second, that the 'DoH' can disregard what is in fact a genuine
>concern held by many patients. Why can we not simply say "I don't want my
>data stored on the Spine and I accept the consequences"?

We can, but we have to say it in court: see below.

>
>The answer [9] is that the 'public interest' outweighs your right to
>privacy - quite authoritarian.
>
>The Annex attempts to give a "detailed response to the reasons for claiming
>distress". But I wonder if the DoH will take patients' words for it when
>they respond that they remain genuinely distressed.

The DH's response is not the last word: it can go to court. S.10(4) of
the DPA states: "If a court is satisfied, on the application of any
person who has given a notice under subsection (1) which appears to the
court to be justified (or to be justified to any extent), that the data
controller in question has failed to comply with the notice, the court
may order him to take such steps for complying with the notice (or for
complying with it to that extent) as the court thinks fit."

So I would guess that the campaign's next step will be to refer the
CMO's letter to a court for a s.10(4) adjudication. Or possibly to
request the GPs on whome the notices were served to respond personally,
rather than pass the buck to the DH. Or perhaps both.

--
PeteM

--
Posted via a free Usenet account from http://www.teranews.com

James Hammerton

unread,
Dec 5, 2006, 4:21:10 PM12/5/06
to
Does anyone know what the situation is in Scotland regarding the NHS
database?

Health is a devolved matter, but I'm under the impression
something similar is going on north of the border.

I've heard that Emergency Care Summaries are already being uploaded, but
I'm not certain about the timing or what opting-out facilities there are
in place (if any).

Cheers,

James

TD

unread,
Dec 5, 2006, 4:52:18 PM12/5/06
to

"James Hammerton" <jamesha...@yahoo.co.uk> wrote in message
news:pan.2006.12.05....@yahoo.co.uk...

I only have this link but it might inspire!

<http://rightforscotland.blogspot.com/2006/06/nao-looking-in-wrong-place-for-nhs.html>


qofda...@googlemail.com

unread,
Dec 6, 2006, 4:24:30 AM12/6/06
to

PeteM wrote:

> We can, but we have to say it in court: see below.
>
> >
> >The answer [9] is that the 'public interest' outweighs your right to
> >privacy - quite authoritarian.
> >
> >The Annex attempts to give a "detailed response to the reasons for claiming
> >distress". But I wonder if the DoH will take patients' words for it when
> >they respond that they remain genuinely distressed.
>
> The DH's response is not the last word: it can go to court. S.10(4) of
> the DPA states: "If a court is satisfied, on the application of any
> person who has given a notice under subsection (1) which appears to the
> court to be justified (or to be justified to any extent), that the data
> controller in question has failed to comply with the notice, the court
> may order him to take such steps for complying with the notice (or for
> complying with it to that extent) as the court thinks fit."
>
> So I would guess that the campaign's next step will be to refer the
> CMO's letter to a court for a s.10(4) adjudication. Or possibly to
> request the GPs on whome the notices were served to respond personally,
> rather than pass the buck to the DH. Or perhaps both.

It would be interesting to know what the 'public interest' actually is.
Most of the arguments in favour of the 'spine' are centred around
personal interest i.e. it will be good for your health. What exactly is
the public interest in having an individuals medical details uploaded,
even if not shared.

The real answer is of course they want to search and generally puddle
around in the data - the public good would be claimed to be medical
research or audit. It is however an argument that they do no seem keen
to make explicitly.

--
Gavin

PeteM

unread,
Dec 6, 2006, 4:39:34 AM12/6/06
to
James Hammerton <jamesha...@yahoo.co.uk> posted

>Does anyone know what the situation is in Scotland regarding the NHS
>database?
>
>Health is a devolved matter, but I'm under the impression
>something similar is going on north of the border.

It is a similar but separate system - the ECSS as you evidently know.

>
>I've heard that Emergency Care Summaries are already being uploaded, but
>I'm not certain about the timing or what opting-out facilities there are
>in place (if any).

The ECSs have been uploaded without consent. The official line is no-one
is allowed to access them without getting explicit opt-in consent from
the patient.

TD

unread,
Dec 6, 2006, 8:45:57 AM12/6/06
to

<qofda...@googlemail.com> wrote in message
news:1165397070.2...@j44g2000cwa.googlegroups.com...
>
<snip>

> It would be interesting to know what the 'public interest' actually is.
> Most of the arguments in favour of the 'spine' are centred around
> personal interest i.e. it will be good for your health. What exactly is
> the public interest in having an individuals medical details uploaded,
> even if not shared.
>
> The real answer is of course they want to search and generally puddle
> around in the data - the public good would be claimed to be medical
> research or audit. It is however an argument that they do no seem keen
> to make explicitly.

IIUC, one aspect of this is the Secondary Uses Service: "to capture process
and enable access and reporting on all data relating to NHS-commissioned
activity". One such secondary use being an 'epidemiological database
covering the whole of England'.

Other uses include 'Payment by Results', 'Standards and Performance
Monitoring', screening and surveillance of public health, and research and
development.

ISTM these are in the 'public interest', but I don't believe such things
outweigh an individual's right to privacy. Surely they could all be
achieved through the use of the Alternative Sealed Envelope method and
anonymised data.

TD

unread,
Dec 6, 2006, 8:53:14 AM12/6/06
to

"PeteM" <Bo...@embankment.org> wrote in message
news:ZN3iyLAU...@none.com...

> TD <tdef...@hotmail.com> posted
>>The Sunday Telegraph (and the Guardian [1]) reports [2] that
>>
>> 'The Government is to reject the objections of any patients who do not
>>want
>>their medical records on its new centralised computer system.'
>> ...
>> 'An eight-page letter outlining how patients' opt-out requests are being
>>rejected was placed on the website of NHS Connecting for Health - the
>>Government agency responsible for the computer scheme - on Friday night.'
>>
>> 'Earlier in the day, Professor Sir Liam Donaldson, the chief medical
>>officer, had faced fierce criticism from the British Medical Association
>>for
>>demanding that GPs should "shop" patients who say no to the database.'
>>
>> 'Yesterday, it became clear that Sir Liam wanted the names and addresses
>>of
>>objectors in order to write to them to tell them that their request would
>>not be granted because their reasons were not "genuine".'
>>
>>Yes, the chief medical officer wants GPs to report on their patients.
>
>
> It is anyway not clear that the CMO is the appropriate person to reply
> to these letters (which are formally DPA S.10(1) notices). It is the
> "data controller" who is obliged to respond to a s.10(1) notice, and as
> yet the data controllers are still the GPs, not the DH.
>
<snip>
>>
>>The answer [9] is that the 'public interest' outweighs your right to
>>privacy - quite authoritarian.
>>
>>The Annex attempts to give a "detailed response to the reasons for
>>claiming
>>distress". But I wonder if the DoH will take patients' words for it when
>>they respond that they remain genuinely distressed.
>
> The DH's response is not the last word: it can go to court. S.10(4) of
> the DPA states: "If a court is satisfied, on the application of any
> person who has given a notice under subsection (1) which appears to the
> court to be justified (or to be justified to any extent), that the data
> controller in question has failed to comply with the notice, the court
> may order him to take such steps for complying with the notice (or for
> complying with it to that extent) as the court thinks fit."
>
> So I would guess that the campaign's next step will be to refer the
> CMO's letter to a court for a s.10(4) adjudication. Or possibly to
> request the GPs on whome the notices were served to respond personally,
> rather than pass the buck to the DH. Or perhaps both.

Many thanks for your response. I should have done a bit more reading before
posting.

It seems utterly wrong that the patient must go to court rather than the
Department of Health simply agreeing with the patient’s request.


PeteM

unread,
Dec 6, 2006, 12:25:27 PM12/6/06
to
TD <tdef...@hotmail.com> posted

>
>IIUC, one aspect of this is the Secondary Uses Service: "to capture process
>and enable access and reporting on all data relating to NHS-commissioned
>activity". One such secondary use being an 'epidemiological database
>covering the whole of England'.
>
>Other uses include 'Payment by Results', 'Standards and Performance
>Monitoring', screening and surveillance of public health, and research and
>development.

None of these need rely for their operation on uploading of personal
medical records to the National Care Records Service. In fact, the
existence of the CRS summary record doesn't help them in the slightest.

All that is needed for accounting, auditing and epidemiology is that,
whenever a treatment event takes place, an anonymised description of it
is sent to the appropriate processing centre. Much as has been done for
several years with hospital episode statistics and the NHS-wide Clearing
Service. That has security risks too, but nothing like the same as
having one's personal medical information deliberately placed on-line
for web access.

>
>ISTM these are in the 'public interest', but I don't believe such things
>outweigh an individual's right to privacy. Surely they could all be
>achieved through the use of the Alternative Sealed Envelope method and
>anonymised data.

SUS will use 'pseudonymised' rather than anonymised records. That is,
the records it processes will carry unique identifiers, but these will
be encrypted versions of the actual identity, so that the data subject
cannot be immediately recognised. However, there will be a mechanism
whereby the "code can be broken" so that a record can be traced back to
its subject if desired.

PeteM

unread,
Dec 6, 2006, 12:38:31 PM12/6/06
to
TD <tdef...@hotmail.com> posted

>
>It seems utterly wrong that the patient must go to court rather than the
>Department of Health simply agreeing with the patient’s request.

DH would doubtless reply that, if Parliament had intended people to have
an *absolute* right to prevent processing of their records on demand,
the DPA would have given it to them. But instead, DPA merely gives
people the right to go to court.

Even if a court *does* agree with the s.10(1) notice, the DH still has
two more shots in its locker. One is to use s.10(2)(a) by claiming that
uploading "is necessary in order to protect the vital interests of the
data subject"; this would satisfy the condition in Schedule 2 para 4,
and would thus invalidate the s.10(1) notice.

If that fails, the DH can simply apply a ministerial diktat. S.10(2)(b)
states that a s.10(1) request is invalid in "cases as may be prescribed
by the Secretary of State by order", which doesn't give much room for
negotiation. But they probably wouldn't want to do that; it's the
nuclear option.

James Hammerton

unread,
Dec 6, 2006, 4:09:11 PM12/6/06
to
On Wed, 06 Dec 2006 09:39:34 +0000, PeteM wrote:

> James Hammerton <jamesha...@yahoo.co.uk> posted
>>Does anyone know what the situation is in Scotland regarding the NHS
>>database?
>>
>>Health is a devolved matter, but I'm under the impression
>>something similar is going on north of the border.
>
> It is a similar but separate system - the ECSS as you evidently know.

My knowledge on the matter is vague (ECSS is a new acronym but one I
guessed in context), I didn't realise things had progressed as far as
you've suggested here!

>>
>>I've heard that Emergency Care Summaries are already being uploaded, but
>>I'm not certain about the timing or what opting-out facilities there are
>>in place (if any).
>
> The ECSs have been uploaded without consent.

Do I have any right to get mine removed?

> The official line is no-one
> is allowed to access them without getting explicit opt-in consent from
> the patient.

How is that policy enforced?

When did the ECSs get uploaded? What publicity was there? Could we have
objected?

Cheers

James


James Hammerton

unread,
Dec 6, 2006, 4:10:48 PM12/6/06
to

Thanks. It does help...

James


PeteM

unread,
Dec 8, 2006, 4:44:56 AM12/8/06
to
James Hammerton <jamesha...@yahoo.co.uk> posted

>On Wed, 06 Dec 2006 09:39:34 +0000, PeteM wrote:
>>
>> The ECSs have been uploaded without consent.
>
>Do I have any right to get mine removed?

You can speak to your GP, but there are people who claim that they were
kicked off their GP's list for asking.

Of course, now that the summaries have been uploaded to the Scottish
Executive Health Department's data centre, it's not within the GP's
control any more.

>
>> The official line is no-one
>> is allowed to access them without getting explicit opt-in consent from
>> the patient.
>
>How is that policy enforced?

Guidelines have been issued to the people who use ECSS. At the moment (I
believe) it is used only by out-of-hours GP services, and nurses at NHS-
24 (Scotland's version of the NHS Direct telephone helpline service).

>
>When did the ECSs get uploaded?

The ECSs were extracted automatically from GPs' computer systems during
the first half of this year. The uploading was completed in June.

>What publicity was there?

I don't know, I don't live in Scotland.

>Could we have
>objected?

I doubt it. The original intent *was* strict opt-in, with GPs having to
ask patients for permission to create an ECS for them at all. That
practice was followed in the regional pilot projects in early 2005, but
it was dropped when the project was adopted nationally. The Scottish
Executive Health Department's view was that people who were not prepared
to share their summary records could not safely be treated by the NHS.

0 new messages