Health privacy … breaking news …

The Chief Medical Officer, Sir Liam Donaldson, has written a letter to all GPs and hospital medical directors telling them that if patients try to opt out of the central collection of their medical data, the Secretary of State must be told. This follows a campaign that I’ve been helping and that has attracted strong support – in the press, from GPs and from public opinion.

This letter orders GPs to break patient confidentiality – and apparently for the noble purpose of news management. I understand that at least one GP will be reporting Sir Liam to the General Medical Council. It is entirely up to the patient to decide whether to send an opt-out letter to their GP, to Ms Hewitt, or to both. It is not for a civil servant – even a very grand one like Sir Liam – to unilaterally override the wishes of those patients who decide to write to their GP but not to Ms Hewitt. (It’s also somewhat amusing as, only a month ago, officials were telling patients who tried to opt out that their GPs would decide whether to upload data.)

Developing …

28 thoughts on “Health privacy … breaking news …

  1. Donaldson has been fiercely criticised by GPs and others – see story in the Guardian today. There’s also a story in the Daily Mail (p2, not in the online version).

    About 11 last night – after the Guardian and Mail had gone to print – the Department of Health released the letter with which it’s responding to opt-out requests that use the text suggested by the Guardian. This basically tells patients to get lost. The civil servants exploit some minor inaccuracies in the Guardian letter (which I mentioned at the time – see note 1 here but also make a number of material misstatements. This kind of nitpicking is about what we’ve come to expect from the Department of Health, who are clearly rattled.

    If you want to opt out of NHS central data collection I’d suggest you use the properly drafted letter available from and send it to your GP rather than to the Secretary of State.

  2. One question, are the telecommunications lines between the data centres that host our medical records encrypted/decrypted? (including the backup sites?), and how do they share the keys!?, one would guess they don’t, and are therefore our medical information, one conjectures, in the hands of the security services anyway.

  3. This is how the whole story started back in 1995 – the DoH said it would not encrypt the NHS network ‘because there are no experts on encryption in the UK’. The BMA called me in to investigate. It turns out that encryption is the least of your worries. The government controls the data centres in which your records will be kept, so they have no need to do wiretapping. The N2 contractor, BT, says there will be encryption, but this is irrelevant to privacy – if anything it’s harmful, as it’s there in order to confuse the public. If you criticise BT for running insecure health systems in London their response is a list of all the crypto, firewalls and other goodies that they have put on their network. The security issue isn’t outsiders, but insiders; it’s that only the ten people who work in your GP’s surgery should have access to your records, not the 1,000,000 people who work for the NHS

  4. Isn’t RBAC and PKI meant to solve all those issues? 🙂 What about the value of penetration tests?

  5. You probably want to read this speech. It describes essentially the plans Google have for providing a portal to allow an individual to manage their medical data and share it with professionals.

    This stuff is still in development, but Adam Bosworth, the author, has a long track record of successful, ground breaking software development. The questions around privacy and uptake are obvious and intriguing.

  6. Although involving a GP in the cross-fire is the sort of thing you might want to check with them informally first, one thought does occur to me. What would happen if you wrote a letter to your GP, stating that you believe that uploading your records to central government is against your wishs, and marking the letter itself as part of your medical records? Where would Liam Donaldson stand then.

  7. I wrote to Patricia Hewitt and sent a copy to my GP early in July 2006. I had the ‘I’m fobbing you off’ latter from Lord Warner at the end of October.
    I saw my GP last week. He is delighted – I am to be his guinea-pig.
    Keep up the good work!
    Margaret Mar

  8. My GP – who has always been top notch – has not only added the appropriate Read code to my record, but has responded with a copy of Sir Liam Donaldson’s letter with the words “I DIDN’T!” written next to the CMO’s instruction to inform him of the request. At least there are still some thinkers out there… 🙂

  9. Here is the BCS report. Many juicy bits including ‘The NPfIT is ultimately intended to provide vastly increased amounts of patient data for secondary purposes, including NHS management, planning and research. So although the associated confidentiality issues have been with us as long as electronic patient data has been available in significant quantities, the requirement to tackle them is now more urgent than ever. People using patient data for secondary purposes should obtain patient consent to use personally identifiable data or should only be able to use anonymised/pseudo-anonymized data’

  10. I fully support those GPs who are concerned at the breach of patient confidentiality that is latent in the government’s request to upload patient data.
    I would like The BMA to stand fast against the government and consider piloting their own alternative medical data portal site for holding essential UK patient data with Google. Essential data being allergies, penicillin resistance, GP’s contact details accessible only by medical professionals. Requests for more detailed information have to be made to a patient’s GP, Thus ensuring the GP remains the gatekeeper to more sensitive medical data.

    Yours sincerely
    Tom Griffin

  11. My main reason for objecting isn’t actually the security issue since I don’t have much of a medical record anyway. But I do object to this nanny state telling me that my records should be uploaded because it would be useful for a doctor who NEEDS to treat me. Don’t I own my own body anymore?

  12. The prob with not having much in the record just now is that it might not stay that way.
    Chances are the doctor will not have the time to read your medical records to get the info.
    As for owning your own body. There are people such as Tam Fry, the chairman of the Child Growth Foundation that think children should be forced to be weighed for research. In his words:
    “The Social Care Act says that when there is an urgent need for medical information it can override an individual’s right to refuse.”
    If they can force children to d this so they can get their stats, do you think they will care about your data? CfH will have all the info they need.

  13. behind you 100%. Glad to see Christopher Booker also backs you on p23 Sunday Telegraph May 18th. He directs us to http://www.TheBigOptOut but got an error message when I tried to do so. Where else can I get copy of the letter (updated or not)? Last year I notified my GP, who agreed with me but this was before your letter and I want to send that in addition now. Please advise or copy letter to my e-mail address. Thanks.
    P.S. I know Joanna Lumley is anti ID & probably would support this too. Try & get a copy to her if you have a contact address.

  14. In view of the Government’s lamentable
    {and wasteful record in I.T.attempts} I would not agree to like proposals if
    offered to my Veterinary Surgeon.

Leave a Reply

Your email address will not be published. Required fields are marked *