back to article Here we go again: New NHS patient database plan sets off alarm bells

A paperless NHS that stores patient records in the cloud will be floated by Health Secretary Jeremy Hunt today. His plan to get medical files into a giant database by 2018 is already stoking fears given the public sector's poor record of protecting sensitive information. Hunt will claim in a speech to right-wing think tank …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Facepalm

    The NHS and electronic patient records...

    What could possibly go wrong?

    Has the fiasco that was the NHS Spine totally passed Hunt (I prefer The Today Programme's pronunciation) by?

    1. Anonymous Coward
      Anonymous Coward

      Re: The NHS and electronic patient records...

      <Warning: Informed comment>

      The thing is, virtually every GP practice has had electronic patient records for ages courtesy of EMIS LV (google it) even if they don't know what electronic patient records are. These records can also interoperate with a wide variety of medical software which lets the average GP practice interoperate with everybody else using software that accepts open data formats.

      Having worked for the NHS at a county level, I can say that >80% of surgeries in my county are using EMIS. (it used to be >90% before generous bribes, (ahem incentives, of course) were offered to practices to switch away from it. Those that were using the government recommended solutions generated more support issues than all of the others put together, because EMIS is simply a lot better written and fault tolerant than the competition. Doctors know this quite well since they all meet up occasionally, which is why you'll pry EMIS out of their cold dead hands.

      You can't force GP's to use something more useless, because they are and always have been independent for profit businesses. (screaming about privitising the NHS always somehow glosses over that little fact!)

      My solution? Specify one set of open interchange formats for medical businesses and declare job done. GP's could swap electronic records 20 years ago via modem, so where is the problem?

      The problem only exists at the NHS PCT level. Why? IMO: political interference in operation decisions. Your opinion might differ.

      1. Anonymous Coward
        Anonymous Coward

        Re: The NHS and electronic patient records...

        Oh I know all that, I used to work for the NHS, I was simply referring to the fact that the last concerted attempt to do what Hunt wants was a collossal clusterf**k!

        1. Anonymous Coward
          Anonymous Coward

          Re: The NHS and electronic patient records...

          "I was simply referring to the fact that the last concerted attempt to do what Hunt wants was a collossal clusterf**k!"

          Except that, much as I hate Hunt for all manner of reasons, that's not what he's saying. They want a network of systems interconnected and able to share information on demand in a standardised way, rather than one giant single database with a tiny handful of possible front-ends.

          Anyway, it's not new, it's classic politicians announcing old news as their own idea. Until October I was working for a Council on interoperability with the NHS, and this idea of interconnecting standards, through the Interoperability Toolkit, has been around for at least 2 years, although it may or may not have been official policy, that's what everyone was working on.

      2. The Original Steve

        Re: The NHS and electronic patient records...

        So really, define a standard interface that EMIS supports off the bat, create a central broker / proxy and all queries hit this proxy, which then forwards / redirects to the appropriate GP's surgery EMIS DB.

        Only central data is name, NHS no, postcode and location of the actual DB that houses the patients records. Maybe DOB too.

        Auditing DB with every access attempt (who, where, when and what) - no bulk viewing and all read only. Single record can be viewed at a time, no browsing - access by name, postcode and DOB OR NHS no plus one other piece of data as above.

        Cheap and easy. Get away with a couple of tables. DB replication, a load balancer and slap it into a datacentre with diverse network and power.

        What's that...? About £25k, £3k a year overhead / support / hosting / connectivity etc. Done.

        Oh, 5k consultancy fee for me too.

        Obviously could happily sync the data from EMIS instead, or just have it all centralized but why reinvent the wheel?

        Keeps the data where it is, the same people who can already get it have access, just a central way to get it.

        1. Anonymous Coward
          Anonymous Coward

          Re: The NHS and electronic patient records...

          <Warning: Informed comment>

          EMIS LV comes delivered as a client/servers setup already. Having been designed back in the days of dial up, it's pretty impervious to losing it's internet connection since the clients just send data to the server. (For the people who haven't had the unique pleasure of working for or with the NHS, Spine is the central database, access to which is role restricted and locked by 2FA; smartcard and p/w) EMIS's server also caches it (and all local data) in case it loses it's internet connection.

          This makes it very handy, especially when people are web browsing during lunch and using much of the internet connection. On nameless, but infamous software which is loathed and the use is resisted strenuously doctors can (and DO) lose data because the connection drops packets and submission just fails and the client gracelessly loses it's data. Uh, you do remember all your medical notes that you typed in so you didn't have to remember, right? (This is why there was "resistance" to the NPFIT rollout!)

          EMIS just shrugs and like an email server keeps retrying until it delivers it's records to wherever it needs to. The only reason I can think of for records not being held centrally is that patient consent, and needing to do data entry on the old stuff held in paper files.

          I'd be interested to know what the objection was higher up the chain towards EMIS should anybody from such exalted heights wish to enlighten me.

          That having said, I might be mistaken about minor details about EMIS; As we all know, systems that "just work" don't need you to learn a great deal about them beyond curiosity.

          1. Anonymous Coward
            Anonymous Coward

            Re: The NHS and electronic patient records...

            The privacy thing should not be forgotten because I'll be damned if I allow uncontrolled access to records (which is what will happen if you let them), and I want an audit trail so I as a patient can see who did a data grab.

            That is, however, not very hard to do (I developed a model for that at least 10 years ago), and if EMIS LV is already in a client/server architecture it's not going to be a massive effort to link it all up.

            But that would not make such a massive amount of money for $consultancy, would it?

      3. Richard Jones 1
        Unhappy

        Re: The NHS and electronic patient records... - PCT Explanation

        Some may not understand the abbreviation PCT it appears to stand for Prevention of Care and Treatment

        Richard

        1. Anonymous Coward
          Anonymous Coward

          Re: The NHS and electronic patient records... - PCT Explanation

          I'd like to see you do their job. They are given a finite amount of cash to manage which always means making tough decisions.

          They're going anyway, being replaced by GP consortia.

      4. This post has been deleted by its author

    2. Skoorb

      Re: The NHS and electronic patient records...

      This was the idea of the last government:

      http://www.youtube.com/watch?v=YJxTznwRzs4

      Sounds like the same target (which is a good idea, just the implementation is the issue).

    3. Anonymous Coward
      Anonymous Coward

      Re: The NHS and electronic patient records...

      And when it does go wrong, the government will react in the same way as it does with its corrupt basnking buddies - do nothing.

  2. Dr_N
    FAIL

    These Hunts Never Learn.

    Maybe the Health Secretary could apply a homeopathic solution to this "problem":

    Pay a consortium massive amounts of taxpayer cash for a load of empty cardboard filing boxes, or something.

  3. Vimes

    I've had a kidney transplant, and my local GPs surgery and the hospital don't seem to have problems communicating.

    As for ambulances: since I'm taking a certain form of steroids as a result of the transplant I carry with me a card detailing my medication. I would imagine that most people in this sort of situation - diabetic people for example - also do something similar. If paramedics don't know to look for this sort of thing then there are some more serious problems that need to be dealt with starting with their training, and this ever occurred we really would be up a certain creek without a paddle. Another red herring perhaps?

    Has Mr. Hunt forgotten that NHS trusts regularly appear on the list of organisations fined by the ICO? Why should they be trusted?

    1. Halfmad

      NHS trusts and councils tend to appear on the ICO because they self-report to the ICO far, far more often than private companies especially when something very bad happens.

      Doesn't mean they are any better or worse at handling data.

      1. Vimes

        @Halfmad - and yet they keep on having to report themselves as they keep on making the same mistakes. Until people start getting sacked for these mistakes - and I'm including managers in that group since they often make spending decisions that encourage this - rather than simply fining taxpayers via the NHS then nothing will ever change.

        I'm still curious: why should we be trusting the NHS?

    2. Hnk0

      I don't know about your area, but in London Boris is cutting ambulances and firefighters, so pretty soon there might not even be someone to take you to hospital.

      1. Anonymous Coward
        FAIL

        Doubt he will be cutting Ambulances as he has no remit for the NHS...

        As for the fire service LFB is bloated and in dire need of restructuring. Whether BoJo and the Assembly will do it properly is an entirely different kettle of fish.

    3. Anonymous Coward
      Anonymous Coward

      @Vimes

      I should think that taking a card out of someone's pocket and reading it would be more reliable (and even quicker) than trying to find it on a computer - no doubt in a wireless dead spot, as Murphy would ensure. Few things are more useless than a networked computer client without a functioning network.

      Unless of course our brilliant lords and masters mean every single ambulance and paramedic to carry a complete database of everyone in the UK. Now that would be perfectly secure.

  4. Pete 2 Silver badge

    cloudy flexibility meets touchy-feely

    > a top down project akin to building an aircraft carrier

    The first step should be to kick all the IT people off this project. Stop thinking of it as a computer to help medical people and start thinking about what those people want to do. Then apply the least amount of technology that will meet the needs of the users.

    Most people in the caring professions are there because they are drawn to the personal interaction with patients, they want to do tangible stuff (like sticking on plasters) that makes people better. The ones I have met do not want to spend their days as data-entry clerks, although last time an aged relative was admitted three different members of the nursing staff sat with AR at various times during the day and wrote down on paper pretty much the same information - most of which we could have done while sitting in the waiting room, waiting to be called in.

    So if this project is going to be a success - and the odds don't seem to be in its favour - the starting point must be to create a system around the way the medical staff like, or choose, to work and to make THAT JOB easier. If it starts from an IT perspective of "let's give these people new practices and procedures that will make them more productive" than it will get sidelined and ignored, just like the previous failures.

    1. Gordan
      Facepalm

      Re: cloudy flexibility meets touchy-feely

      More importantly, ban all non-IT professionals from making any IT related decisions. This is the fundamental source of the problem.

      Those that can - do. Those that can't - teach. Those that can't teach - administrate. Those that can't administrate - go into politics - so they can tell all the others how to do, teach and administrate. Madness.

      1. Piro Silver badge
        Thumb Up

        Re: cloudy flexibility meets touchy-feely

        Spot on...

      2. Intractable Potsherd

        Re: cloudy flexibility meets touchy-feely

        "Those that can - do. Those that can't - teach. Those that can't teach - administrate. Those that can't administrate - go into politics - so they can tell all the others how to do, teach and administrate ..."

        ... and those that can't be bothered to get into politics go into Human Resources departments so they can stop anyone doing anything useful either.

    2. BryanM
      Happy

      Re: cloudy flexibility meets touchy-feely

      But if you ask 3 medical staff how they work you'll get at least 3 different answers. This is why a country wide system will never work. Particularly now that hospitals, AKA Health Trusts are essentially disparate companies.

      That said, it really shouldn't be that difficult to create a database table with 65million rows in it?

      1. Bronek Kozicki

        Re: cloudy flexibility meets touchy-feely

        A database with 65 million rows?

        Ha ha ha. Soon after you have started the project you will learn that somehow, many of these rows have subtly different structure to all the others. And then you find that you need to write and maintain communication with more than 5000 databases, each using different schema and using more than a dozen of different protocols. Few of them actually documented and none of them robust enough to actually do the job.

        Well I am of course guessing all of this, but these are "normal" starting conditions of someone trying to connect thousands disparate data systems, few of them designed to support distributed data processing. And since each GP, hospital and trust currently has its own private database, that's where you start.

      2. Hnk0
        Flame

        Re: cloudy flexibility meets touchy-feely

        "a country wide system will never work", and yet in other countries that is exactly what they have, and it works (or at least, the advantages are greated than the drawbacks). Off the top of my head at least France, Iceland and The Netherlands, I think Norway, certainly other European countries. How about we ask them?

        Oh no an expensive US consultancy will be hired, who hire an expensive US software company, who will outsource the work to India/China and walk off with billions and we'll have fuck all to show for them. And then as if by magic an incredible amount of politicians will get directorships in the same companies involved.

        1. Skoorb

          Re: cloudy flexibility meets touchy-feely

          Yup. Even in Canada, where provincial government health insurance schemes cover everyone.

          And we have one already in this country, just not for medical records: http://www.connectingforhealth.nhs.uk/systemsandservices/ssd/prodserv/demo. Everyone who has an NHS Number is in the Exeter system, so, amongst other things, provider NHS Trusts (hospitals etc) know who to bill when they see a patient.

          This type of system is even in Canada, where provincial government health insurance schemes cover everyone.

    3. fixit_f
      FAIL

      Re: cloudy flexibility meets touchy-feely

      I'd love to see a shipyard attempt to build an aircraft carrier starting from the top and working downwards to the keel. What an idiotic thing for him to say.

    4. Anonymous Coward
      Anonymous Coward

      Re: cloudy flexibility meets touchy-feely

      > a top down project akin to building an aircraft carrier

      So what is the brilliant alternative he has in mind? Bottom-up - with hundreds or thousands of disparate, uncommunicating teams all over the country inventing their own ways of doing it? That would turn out like the classic cartoon of the bridge being built by two teams, one on each side of a huge deep ravine. Naturally, when they reach the middle they find the two halves don't quite meet.

      Other possible approaches might be middle-out, or (with apologies to the immortal Stan Kelly-Bootle - author of "The Computer Contradictionary" http://tinyurl.com/alk2o7v and its earlier subset, "The Devil's DP Dictionary") the very common but notoriously unambitious bottom-down.

  5. g e
    Coat

    Rhyming slang

    Jeremy Hunt

    1. John Bailey
      Happy

      Re: Rhyming slang

      No.. Nominative determinism

      http://en.wikipedia.org/wiki/Nominative_determinism

  6. Crisp

    Once medical records are in the cloud

    There's no way to get them out again. And there's no way to prevent scope creep.

    Because you can bet that some bureaucrat somewhere will think to themselves, "We've got a lot of data here on every man, woman and child in the UK. I wonder who we can sell it to."

    1. Captain Hogwash

      Re: Once medical records are in the cloud

      I think that's the point. Drug and insurance companies are likely to be first in the queue. Obviously they won't admit it though and need to sell it on how it will make the NHS save more lives/save more money.

      1. James Micallef Silver badge
        Thumb Up

        Re: Once medical records are in the cloud

        It's true that it's likely that the records will be abused / sold off. Which is a real pity, because a good e-record system WILL really improve health outcomes.

        Completely true about the no top-down approach. Nothing prevents local hospitals from keeping their own e-records. There isn't THAT much population mobility that a significant number of people will ever need their records accessed somewhere out of their home county. And when that happens, it's possible to copy an e-record from one hospitals' format to another, but too complicated to do en masse (which for privacy's sake will be a desirable feature rather than a bug)

  7. Vimes

    From the article:

    it estimated that £4.4bn from the public purse could be saved each year and funnelled into improving the healthcare system.

    Could be, but won't. It'll more likely be funnelled into the 30+% pay rise that MPs think that they deserve amongst other things.

    I seem to recall the special deals negociated by the government with the drug companies coming in for criticism in the past. Apparently a lot of the time the drops in prices were due to rebate agreements rather than simply paying less, but thanks to the complexity of said agreements the rebates were often left unclaimed leading to unnecessarily higher costs for the NHS.

    I wonder how much the government could save if the civil service actually took advantage of all those rebate agreements rather than just those that were easy to deal with?

  8. Dr Who

    The alarm bells really started ringing when I got to the bit about PricewaterhouseCoopers having published a report. The big consultancies are short of public sector work at the moment. What better time to lobby ministers into launching another round of NHS madness.

    If the consultancies are involved you can bet your a*se that any solutions will be even more complex, more centralised and more prone to juicy and lucrative cost overruns than the last attempt at this.

    There are some (relatively) simple decentralised solutions to solving this problem, but there is little money to be made from them by the management and IT consultancies, hence they never see the light of day.

    The fathers of the internet did not set up a single, central DNS server and require everyone to subscribe to it. Instead, they defined a standard for the operation and interaction of domain name servers. Anyone could set up a server as long as it complied with the standard, resulting in a gloriously simple and scalable distributed database. OK, it's time for some updates now, but it has served us with distinction and performed way beyond its original design goals.

    The NHS needs to define a standard by which any two patient administration systems (PAS) can share records. After that, we can have many competing PAS systems which will increase choice and quality and drive down costs. Trouble is, you can't charge 12 billion quid for setting a standard.

    1. annodomini2

      Oh I don't know...

      ' you can't charge 12 billion quid for setting a standard'

      Google, Apple, [insert other patent litigation headline company] keep trying with their 'FRAND' patents.

    2. John Smith 19 Gold badge
      Thumb Up

      " Instead, they defined a standard for the operation and interaction of domain name servers. Anyone could set up a server as long as it complied with the standard, resulting in a gloriously simple and scalable distributed database. "

      In fact the internet is a family of standards designed to share date between wildly differing computers back when there were many more different systems (a dozen operating systems at least in widespread use).

      People see the WWW and think they are seeing the internet. They are wrong.

  9. PaulyV

    Sending people negative test results by text

    Is that not the same as getting a positive result by impersonal text when you do get one that says:

    'PLZ C DCTR 4 HIV RZLT ASAP'

    or a phone call telling you to come in and see them?

    1. Ian Johnston Silver badge
      Thumb Down

      Re: Sending people negative test results by text

      UR DED M8 KTHXBAI.

  10. Anonymous Coward
    Anonymous Coward

    Let's just hope ...

    ... that in setting standards for communication that none of those standards are remotely related to HL7v3. Definitely the worst piece of design produced by the people you would least trust to produce it foisted on the last thing you want to go wrong.

    AC because criticising HL7 hasn't been good for your career in Health Informatics - particularly if you're Stateside of the pond.

  11. Vimes

    Lest we forget...

    http://www.bbc.co.uk/news/10089066

    1. Prudo King

      That's hardly fair as the NHS is the largest employer in the country and one of the top-five largest employers worldwide.

      As a result you would expect more breaches in the NHS than any other organisation in the country.

      Also, public sector organisations must report breaches to the ICO, private organisations do not.

  12. Anonymous Coward
    Anonymous Coward

    I hope the NHS has some anti-bacterial soap for the germy c**t

  13. Lee Dowling Silver badge
    Thumb Down

    "It is crazy that ambulance drivers cannot access a full medical history of someone they are picking up in an emergency"

    It's crazier to assume that ambulance staff are going to be sitting in the ambulance reading the patient's medical history for anything other than keywords. Keywords that, should they impact on the paramedics ability, are most likely to be printed on a bracelet about that person in a recognised design to attract the attention of a paramedic.

    "Allergic to"

    "Suffers from"

    "Must not be given"

    etc.etc.etc.

    There are not thousands of people dying every day because the ambulance has given them something they didn't know the patient couldn't have. And if there are, nothing more than a summary of keywords needs to be stored ANYWHERE, or transmitted to ambulance crew. Thus this is a fabricated problem, which makes me wonder the true intent.

    The other part, about GP's etc. having consistent access to medical records - there, I grant you there's a use. But I'm afraid you just dug your own grave by going above and beyond what it quite a simple problem (digitise all medical records) to something that's unnecessary, expensive, needs lots of specialised equipment (a GP I expect to have a PC already, an ambulance doesn't need any more expensive electronic crap put into it), and transmits my personal medical details around the country for no real reason.

    What you need is a common electronic file format. Not a cloud-based system with poor controls on it. Under the current system, I know that my doctor has my medical records, and can supply them to other vetted people if necessary (at his own risk). If he had a common electronic file format, he could easily supply that information to various places as and when the need arises for my details to transfer (even, say, a one-time transfer to a central location which can pass them out to ambulances should I get run over and be identified as the patient). What ISN'T needed is a way for everyone, everywhere, with an NHS machine to access my records willy-nilly, confuse me with a similarly named / numbered stranger, and to have little to no control over, say, seven thousand people all accessing celebrity X's medical records to see if he really DID have a nose job last week.

    What you NEED is a common electronic medical file format. When you have that, and you publish it, and software manufacturer's can compete to provide the best system to handle those formats, then you may convert my records. How you distribute those records once converted - that's an ENTIRELY different question, and I'd personally go for a token-checkout style method. Anyone on the NHS can checkout a record (with suitable permission and checks that they are allowed to do so), but only ONE machine/user can checkout my records at a time. Those checkouts are logged and recorded and I can QUERY THEM myself from the Government gateway website at any time (I don't need personal medical details on there, either - I just want to have a list of when my token was checked out and who's currently holding it, and a short history of token changes). If a hospital in Strathclyde reads my details (I haven't been a doctor in nearly 10+ years except to register, and live nowhere near there), I will want to know WHY, and have people held accountable. And without the token request, you cannot see ANYTHING of my details.

    Then an ambulance, or a Casualty department, can have "priority", take the token away from any current holder for my records (suitably logged of course) at any time. And I will KNOW they did that. And they will see what they want. And the common file format thus devised will provide the minimum of access necessary for their job (i.e. a list of important conditions and nothing more, unless they request to probe further but most likely that would be a doctor in the Casualty rather than the paramedic who does that) so they can see if I'm allergic to penicillin but NOT, say, that I recently had a colonoscopy or whatever.

    Everything you do above and beyond a simple, secure system like that makes me question why. Usually the answer is simple greed ("I have a friend in the medical software business who needs some work", for instance), but that's indistinguishable from government corruption in the early stages, so you need to do things to reassure me that's NOT your intention.

    And the best thing you can do? Not pilot another humongously expensive NHS IT scheme (which now have a reputation for complete and utter failure worse than anything else in IT), but a small, simple change that will make all such future schemes easier, cheaper, more practical, and still compatible with what you've done. Gimme a common file format. Then we can talk about digiting records. Then we can talk about centralising records. Then you can give me a token system that prevents abuse. Each step in a few years work at absolute worst, do-able within a reasonable budget, and helps the next steps take place.

    Until then, you keep that brown envelope that my local doctor still holds and has about three slips of paper in it describing an injury to my eye at birth and - well, that's about it. I have nothing to hide in my medical records, but the WAY you want to use them doesn't give me any confidence at all in the presence of simple ideas that would work much better and that you actually stand a chance of implementing successfully inside a single term of leadership.

    1. Dr. Mouse

      I have to agree, here.

      Everywhere could easily run their own databases for medical records. What is needed is a standard format for exchange of this data between NHS institutions.

      So if your GP refers you to the hospital, they can send the data on in a manner which will integrate with the hospital's own systems. Similarll, A&E departments could be given (logged and controlled) powers to access a patient's medical records, with that access being funnelled to the appropriate GP's database.

      This requires much less development (and money) than a centralised system, and should be more secure. At the very least if a breach did occur, it would be for a single database instead of the whole thing.

      1. Simon Round
        Holmes

        I also agree that everywhere should be able to run their own electronic patient records system.

        However I do see the benefit in a central database but only one that provides a pointer to where a persons medical records are stored based on their NHS number. This way GP's, A&E departments, Hospitals and even dentists could store their own data on a patients. Provide that data upon receipt a suitable, secure, electronic request via a clearly defined data interface standard.

        Using this type of approach a GP, for example, could request the records for one of their patients and their own ePatients system would not only pull the data from it's own database but would query the data from other external databases based on the central NHS Number database. The resulting data retrieved from other sources could be locked as read only and sorted into date order with the GP's own data giving a full history. Queried data would then be purged after use.

        Such a system should be easier to implements as a central database of people against NHS number probably already exists. Just setup a new table with a one to many relationship listing all the locations where that persons records exists. When new locations present themselves then add them to the table.

        Setup an access rights table to control who can have access to what data from which sources.

        Define the standard for data interchange and for communication with the central database for either queries or update/addition of locations.

        Finally the software vendors who provide the ePatients databases would then needs to add the data interchange functionality, central database query functions and finally the views of the data.

        Simples. Job Done. Ok sounds simple but won't be. But there does not need to be a central cloud of all patients data. There just needs to be a better way of pulling it all together when appropriate.

        Just my two pence worth.

      2. David Dawson

        This happens already. My local hospital reads data from the local GPs for patient information.

    2. Stephen Channell
      Meh

      and these days that bracelet could contains USB storage

      With today’s memory sticks you could store every comment & every x-ray, MRI etc in every format ever captured.

      Last time round a justification for the national database was to prevent multiple x-rays being taken by each hospital that someone with complex problems, who did not want to be sterilised in the process. Sticking the x-ray on a memory bracelet and/or DVD would be much simpler.

      The real benefit of a national database has got nothing whatsoever to do with patient care, it is for DNA profiling to find correlations between gene sequences, ethnicity, gender, behaviour and medical conditions

      1. John Smith 19 Gold badge
        Meh

        Re: and these days that bracelet could contains USB storage

        "Last time round a justification for the national database was to prevent multiple x-rays being taken by each hospital that someone with complex problems,"

        IIRC the capture and storage of X-rays digitally was one of the jewels of the almight cluster**ck that was the NHS PfIT. That is already taken care of.

  14. ACx

    Trying to be trendy and "in" is fine, if not sad, when pretending to own onesies, but this cloud lark is plain dangerous. Fine, stick non critical stuff in a cloud like your stupid holiday snaps, but NOT my damn medical records. Once your data is in a cloud you have lost all reasonable control over it. Worse still, of some muppet allows some thing American to touch it, suddenly the US gov thinks its entitled to our medical records. Great. If this happens, I'll think twice about what I say to doctors, hell, I'll think twice about even visiting one. And this is with out the spectre of connection problems at critical time. Imagine the cloud being inaccessible during an emergency?

    Why the hell is every one falling for this kings new clothes? Christ, some twat will "invent" a terminal server next.

    Oh what's the point? Facebook and twitter probably have more than enough medical information freely given by their sheep idiot users to screw over the average punter.

    1. annodomini2
      Devil

      Yes but how is the government supposed to sell your medical information to private health insurance companies if it's behind protected firewalls and the data protection act?! ;)

  15. EvilGav 1
    Facepalm

    More stupidity

    Again we see a senior MP spouting a variation of what has gone before. Again we see that it's the bureaucrats that run Whitehall and not the MPs.

    We don't need any new massive IT systems, we need to sweep away huge swathes of senior civil servants and kill these projects once and for all.

  16. This post has been deleted by its author

  17. Valeyard
    Facepalm

    start small

    Make a local application using a local database which is the same for all hospitals, doctors etc, once everyone knows the system and is integrated with it, make the application upload to and download from a central database, reconciling any differences the central repository holds per patient with what they have

    but no, they'll start off with the cloud and the database etc, then after months of work they'll say "now... what kinda things do hospitals log, and what interface would they like" etc. and then they'll have to change what they've already finished and adapt user behaviour to work with the cloud stuff rather than the other way about

  18. helliewm

    Here is what happens when you try to opt out......

    You are denied access to a GP. This patients case has been written by Prof Trish Greenhalgh this month in the British Journal of General Practice. http://www.ingentaconnect.com/content/rcgp/bjgp/2013/00000063/00000606/art00022

    Bucks PCT have not found a way for this patient to access GP service. The patient has been without a GP since the end of July 2012.

    1. Ian Johnston Silver badge
      FAIL

      Re: Here is what happens when you try to opt out......

      She has not been "denied access to a GP". She won't register with a GP unless that GP will opt her out of proactive health mailings, and no GP is able to do that. That may not be a good situation, but her GPlessness is entirely her own choice.

      1. John Smith 19 Gold badge
        Unhappy

        Re: Here is what happens when you try to opt out......

        "She has not been "denied access to a GP". She won't register with a GP unless that GP will opt her out of proactive health mailings, and no GP is able to do that. "

        So the "opt-out" clause is meaningless in the NHS.

        The process being with a lie.

        Not a good way to build trust, is it?

      2. Number6

        Re: Here is what happens when you try to opt out......

        I filled in opt-out forms some time ago. The receptionist seemed positively pleased to receive them, so I'm guessing that the local practice was not impressed with the last attempt. I don't remember receiving any proactive health mailings either.

    2. sleepy_chicken
      FAIL

      Re: Here is what happens when you try to opt out......

      Did you even read the article you linked to? It is about a patient's dislike of being targeting by QOF (Quality of Outcomes Framework) invitations...it has absolutley nothing to do with opting out of the Summary Care Record Service, or anything else.

      "Bucks PCT have not found a way for this patient to access GP service. The patient has been without a GP since the end of July 2012"

      Where is this mentioned in the article?

  19. Anonymous Coward
    Anonymous Coward

    *cough* data streaming *cough*

    It's already quietly happening behind the scenes without the gov. having to get involved

  20. JaitcH
    Meh

    Who OWNS UK Patient Records

    In Canada the doctor who actually writes the records owns the records BUT a patient has the right to demand unexpurgated copies (my doctor called me OBESE! in my records) of recors.

    What is the status in the UK and CAN PATIENTS OPT OUT OF E-RECORDS?

    These records hav a great financial worth when used by insurers - so what protection/encryption is being usd to keep Plod and Murdoch.

  21. M7S
    Stop

    Ambulances

    There are a few issues here.

    Firstly if I am despatched to a patient as an emergency, rarely will I know the identity of the patient. Mostly we are given one out of male/female and another out of adult/child and a brief description from a member of the public about the injury which may well be incorrect. Many times we have gone to call given as an adult male in cardiac arrest to find the young girl sitting up and chatting but suffering from a sprained ankle, or perhaps vice versa. I exaggerate not. That is why every call is treated as an emergency until a reliable identifiable traceable person can give an assessment, which will usually be the first crew to arrive. We simply cannot rely on information from unqualified persons.

    Secondly many of the patients are unknown to the callers (helpful members of the public) and therefore to us. Even if a person is found unwell in an address, no-one can be certain that they live there and are not their sister visiting for a weekend or are a burglar taken unwell "at work" (its happened), or are driving a car registered to someone else so until we start searching them for photo-id, with a recent reasonable photograph (and the hope that the scene is well lit, and there are no disfiguing facial injuries, changes of beard since the photo was taken etc) and then we can tie this back to some patient data (and lets leave identical twins out of it as well) then again what use are the records? I will do my best to identify the patient but if life saving interventions are required and there are no close friends or family nearby then I don't have time to do this before things start happening, by the time I found out anything relevant to emergency treatment from "the database" it might well be too late.

    If we had the ability to "pull" the record in the street once we found out who the casualty was, rather than it being "pushed" to us from control when the call is despatched, then we'd also need a damn good data carrier. Large events tend to overload the cellular networks. I am sure people will suggest accolc, airwave and all sort of other things but to be frank when it all goes tits up then some of us still have a few handheld VHFs for resilience and "local control". One major service I know has retained 200 vehicle VHF sets. I've seen them (I wasn't supposed to). They're all in boxes at the back of a warehouse. Fantastic. I'd seriousl consider semaphore at events it the scouts still taught it. The idea of using my warning lights as some kind of Aldis lamp appeals but I realise here that I'm getting off topic.

    As a few people have mentioned. it would be nice to assume that everyone with a known pre-existing medical condition wears some form of medic-alert bracelet. This simply does not happen, and there are quite a few situations where it is impractical to do so. You could say that this will be a form of Darwinian selection then, but in the same way as we don't refuse to treat the many many people who go to an all day music festival and "didn't think they'd need their inhalers" (for various respiratory conditions, which are often life threatening) we have to manage as best we can. This does make a reasonable argument for the proposal and I acknowledge the good intent.

    Patient records can be wrong. A relative (and I appreciate this is a minor point but its the principle I am trying to illustrate) was incorrectly listed as a heavy smoker. She'd never smoked in her life and of this I am certain. A salive swab test (for life insurance) confirmed this insofar as such tests can. The GP accepted that the record was wrong but could not alter the record as he did not put that particular note on. The GP who had added this at a previous surgery where she had been registered had left that surgery and no-one else could remove that note. I pointed out the bit about Data Protection Act requiring information to be accurate and this cut no ice. An amendment could be put on but this was pages away from the summary which would be all we might have time to read. If the incorrect information had been for something more serious, well the consequences of treatment withheld or incorrectly give could be fatal.

    There are many agencies involved in pre-hospital emergency care. Statutory ambulance services. Voluntary Aid Societies (Red Cross, St. John) who do 999 work for some statutory services or also cover events on their own, private services covering events or againg doing 999 work. BASICS Doctors. Local first responder schemes (some allow theirs to do considerably more than basic 1st aid, O2 and Defib). Would all of these have access? If so the papers will scream about the "untrained and unsupervised" people with access to your records. If not the papers will scream about the postcode lottery and the incomplete provision of services. If they do have access, will every first aider covering a small event (who will in effect supplement for the ambulance for some time until it arrives) have some sort of data terminal? You might say that first aiders don't need it but many are fully qualified ambulance personnnel, could they be held liable for a poorer standard of care given due to not having such information?

    Who is going to pay for all these portable devices, the data contracts, the training, remote security management etc, and the replacements when the yoof of sarf lundun realise that some of the medics now go home from events in the evening with something more nickable and floggable than a couple of No. 4 Dressings. I'll protect my patients confidentiality but perhaps not at the point of a knife or looking down a tube with an inner diameter of 9mm or so.

    It's a minefield of legal, technical and financial issues, however I think that the thing that will stop me worrying about it for some time is that for mobile users at least, you'll never get it to work properly anyway.

    1. Hnk0

      Re: Ambulances

      The thing is, this type of record isn't designed to help first responders. As you pointed out, you show up and try to figure out what's going on.

      It is a lot more useful in other situations. Let's say my usual GP surgery is closed, I could just walk into any other, have an equivalent of France's "Carte Vitale" scanned, and the GP has immediate access to my records, including prescription history, so they can re-issue a prescription for example. No need for registration. There are "pharmacist precribers" as well, so if they have your records they could e.g. renew your prescription for insulin, without you wasting doctor's time for what is effectively an administrative function. After (limited) renewals, you would have to go see your doctor again, but that could be customized to the drug/patient, or over-ridden entirely.

      Again following the French system, once I have my prescription I got to the pharmacy get my drugs. The pharmacist scans my card, and discounts/waives are applied automatically.

      Also it prevents "double prescribing". A distant relative of mine had studied which symptoms to describe to get which drugs she wanted, so she had a GP prescribing her antidepressant, another sleeping pills, another heart drugs, etc., and picked it all up from different pharmacies so they wouldn't pick up on interactions. All for free (well, paid by French taxes anyway) because of special circumstances. She had to give it up when the Carte Vitale came into place. Had to go cold turkey, but did her good in the end.

      1. John Smith 19 Gold badge
        Meh

        Re: Ambulances

        "have an equivalent of France's "Carte Vitale" scanned, and the GP has immediate access to my records, including prescription history, so they can re-issue a prescription for example. "

        Very commendable.

        That is not what is being proposed.

        It's too human scale for the DoH bureaucrats.

    2. Anonymous Coward
      Anonymous Coward

      Re: Ambulances

      "One major service I know has retained 200 vehicle VHF sets. I've seen them (I wasn't supposed to)." Well if you arent down south, that makes two then.

    3. Anonymous Coward
      Anonymous Coward

      @M7S re: Ambulances

      Many thanks for your brilliant comment, which opened doors and shone searchlights on the subject for me (and many other ignorami no doubt). It's always reassuring to see how often a discussion like this brings out a real expert who knows the ropes from practical experience.

  22. Mr Anonymous

    Beta test

    I suggest a 12 month beta test before the database goes live using all 650 MP's complete medical history as the test data, then we call all test the security of the system. If no data leaks we'll have an idea of the basic security of the system.

    1. ukgnome

      Re: Beta test

      I salute your suggestion +1

    2. Anonymous Coward
      Anonymous Coward

      Re: Beta test

      Running a test database with just 650 records might not be entirely sufficient. Perhaps it would need to be bolstered with additional records of council members and staff and police forces.

      1. annodomini2
        Holmes

        Re: Beta test

        Simpler than that, all politicians families, financial backers, lobbyists, current mates, school mates and the entirety of Whitehall and their families.

        Trust me, if they get it wrong, then they'll get it directly in the ear, which will result in them having a genuine, greater than 10 second attention span on the subject.

  23. Anonymous Coward
    Anonymous Coward

    Slang

    I think that 'Berkley Hunt' and/or 'Charlie Hunt' should now be superceeded by 'Jeremy Hunt'.

  24. Anonymous Coward
    Anonymous Coward

    It already seems to happen quite effectively in Scotland.

    When I took my son to the Sick Children's Hospital in Edinburgh, the consultants there had instant online access to all his scans from our local hospital, many miles away, and to all his GP practice records. Same with the people at NHS24.

    1. This post has been deleted by its author

    2. Anonymous Coward
      Anonymous Coward

      Re: It already seems to happen quite effectively in Scotland.

      Quite the opposite experience here.

      Since last year I have made monthly visits to see a consultant.

      One occasion I apparently didn't exist - ever. On another I did. On another I existed but they held no contact details for me.

      I was then told that I would be in for an operation within 4 weeks by the consultant. After hearing nothing I phoned and the hospital told me they had no record of this.

      Then another call a week later, and there I was back on the system, but now they did not have any contact numbers and no operation data.

      Then, as if by magic, there I was, back on the system again, but they still had no clue that the consultant wanted me in for an operation within 4 weeks of my last appointment.

      They also had no record that the consultant had requested an urgent pre-op biopsy.

      I'm not so full of confidence.

      1. Anonymous Coward
        Anonymous Coward

        Re: It already seems to happen quite effectively in Scotland.

        AC15:51 - I'm with you - my own GP cocked up my records (not in Scotland I must admit).

        I needed to be referred to a consultant, so when my GP practice gave me the referral documents I read them (like you do). Firstly the referral letter itself incorrectly outlined the history of the condition I needed investigating which wasn't a great start. Then it included some "highlights" from my records - apparently I was overdue for my over-75 check. At the time I was 37.

        I don't have an issue with the idea that all GPs and hospitals share patient data as that only be a good thing in the long run. But I have no confidence that the information would be correct.

  25. Anonymous Coward
    Anonymous Coward

    Give us your med recs!

    I can see a whole raft of people who would love to get their hands on peoples medical records. Insurance companies being possibly the biggest. I can also see targeted adware companies salivating at the thought of it. "Get 20% off your next order of (insert related health product here)"

    Where there is a physical connection to the internet or in the airwaves then there is a way in and thus a way for that info to 'leak' (someone in the ambulance services loses a device with access to the system etc). The cloud has not been proven secure yet and I don't trust anything the government approves with my personal information in it.

  26. Anonymous Coward
    Anonymous Coward

    Haven't we failed at this just recently?

    Haven't we tried this before?

    The reason EMIS works for GP practise’s is that my local GP only stores names, contact information and medication previously prescribed. He showed me it once explaining with amazement how the system is able to select all drugs by each pharmaceutical company and create a printable prescription.

    I wasn't so amazed since I knew they system was just selecting values from a database of each drug manufacturer. These GP practice systems are not as interoperable as being advertised. If you change doctors you have to go through a manual registration process again. All medication prescribed by the previous GP most likely gets printed out and follows you in a paper file.

    The objective set by the National program therefore hasn’t really been met. Information cant be shared throughout the country or between GP'S or Pharmacies. My local GP cant electronically send my prescription to my local pharmacy. It has achieved one thing which is preventing doctors from suffering handwriting/pen fatigue.

    1. Hnk0

      Re: Haven't we failed at this just recently?

      Most importantly, it has prevented the wrong drug being given out by the pharmacist because of doctors' atrocious handwriting. Pharmacies have a similar system to check doses/potential interactions. But yeah, it is far from being an interoperable system.

    2. David Ward 1

      Not my experience

      I can share information between all of the hospitals in the region and probably the UK electronically and with all of the GP;s in wales and probably the UK independent of their software, most use EMIS GV or web but some use other solutions and it works perfectly. We are currently in a trial for digital signatures on prescriptions but only one chemist chain are willing to purchase the hardware at present so the others need paper prescriptions. To be honest it isn't much hassle either as a doctor or patient so not that urgent. The doctors have been using digital record for years and they DO interoperate very well thanks, it is the hospitals that have been slow to catch up and the blame lies largely with consults who do not like their actions being traceable and prefer the power of their paper notes and prescription pads and therefore refuse to use any of the systems.

  27. Anonymous Coward
    Anonymous Coward

    Just a thought!!

    One question - how long will it be before some civil servant decides that the best way to connect the patient to their records in the cloud, prescription service etc. would be via a chipped card containing the relevant identification data that would have to be carried at all times (for the emergency services and in the patient's best interests of course!!).

  28. helliewm

    Its official patients are to be denied access to care

    It is official Bucks PCT have responded to Prof Trisha Greenhalgh article in trhe British Journal of General of General Practice. The article concerns one of their patients and the patient sent me their response unless you agree to your data being used on these databases you are denied access to GP services. Its official in black and white. http://www.ingentaconnect.com/content/rcgp/bjgp/2013/00000063/00000606/art00022

    1. Anonymous Coward
      Anonymous Coward

      Re: Its official patients are to be denied access to care

      I've just read the linked article. It is stated that the patient (being fed up with proactive care), has "chosen not to have a GP at all".

      It's not clear to me, however, that this is the same as your "denied access to GP services". Is it not possible to attend a GP with being registered there?

    2. David Ward 1

      Re: Its official patients are to be denied access to care

      "unless you agree to your data being used on these databases you are denied access to GP services" - It does not say that at all, the article is about preventative care which is entirely separate and in most ways a very good thing.

  29. John Smith 19 Gold badge
    Gimp

    *Where* is this "cloud?"

    In the UK?

    Ireland?

    Mainland Europe

    The United States.

    Israel.

    Because by EU data protection all of the have equivalent data protection.

    Including the home of the PATRIOT ACT.

    I smell the DoH data fetishists, hence the icon.

  30. helliewm

    @davidward @anonymouscoward

    The response from Bucks PCT to the BJGP article was only received this afternoon so does not feature in the BJGP article.

    The issue is they collect all this data from your medical records for eg for preventative care for this database that is featured in the above Register article. If you do not agree to your medical records being used for these GP contract purposes which are then sent to this database you are denied care.

    The problem is in Bucks where this patient lives there is only one GP in the area so the patient cannot use another GP Surgery as an temporary/emergency patient as she lives outside the GP Practice boundaries of the other Practices which are 4/5 miles.

    Prof Ross Anderson who blog also features in the above Register article is fully aware of Bucks PCT response he has seen the email. I have worked/campaigned with Ross for a number of years on medical confidentiality issues

  31. Anonymous Coward
    Anonymous Coward

    Have they not shipped all our records out to India yet?

  32. Ponmyword
    Big Brother

    Arrested for demanding a copy of her medical notes

    "A 67-year-old retired scientist was escorted handcuffed from a doctor's surgery in Bedfordshire on Thursday for demanding a copy of her medical notes"

    http://www.bbc.co.uk/news/uk-england-beds-bucks-herts-20817107

    This is only the beginning

  33. Anonymous Coward
    Anonymous Coward

    So the handling can be outsourced to India?

    No thanks, you Hunt. It would also smooth the way to full piratisation to the benefit of the politicians who voted for the piratisation bill. Who wants Beardie looking after their medical records. He couldn't even get the trains to run on time.

  34. James 51
    FAIL

    Every time I hear about something like this I want these clauses to be written into the data protection act or something similar:

    anyone found in breach of their duties e.g. lax security lets hackers in/leaves usb drive on train/sells details on to third party or passes them onto another department for same company personally faces an unlimited fine and serious jail time along with some senior people in the same company. The company can be fined too oh and the government department with oversight gets a kicking also.

    Harsh I know but given the track record of data security both from government and private companies I don't see an alternative.

  35. Secman

    It can be done and works

    Here in New Zealand, we had a few earthquakes a while ago, and medical facilities got a bit run off their feet. What doctors needed was knowledge about the people they were treating, and none was available.

    So, what we have now is eSCRV, electronic shared care record view, which allows suitably permissioned people to see some of ones doctors notes. Important stuff, like allergies, drugs prescribed, summary of known conditions, X-rays. The really important useful stuff.

    It's up and running now, didn't cost the earth to implement, and leverages the existing electronic health communication standards. Uses off the shelf software.

    It's just in canterbury at the moment, but it'll grow to country wide eventually.

    1. Mick Sheppard
      Meh

      Re: It can be done and works

      Sadly just because it is possible to do using off the shelf software doesn't mean that it will happen here. Instead it will go out to tender and be awarded to the large consultancy firms who will develop custom software to allow them to maximise their fees and future income stream from trivial changes.

  36. Mark 75
    FAIL

    Not again....

    Oh no, another £14 billion down the pan...

  37. MrZoolook
    Trollface

    You're all 'glass half empty' people.

    Look at it this way. With all our records being in the ether, the sacks of garbage won't need to carry pen-drives with our data on them... thus, no longer do we need to worry about them losing our data on pen-drives on the train, or on laptops in mini-cabs... See, glass half full :)

  38. Number6
    Big Brother

    Track Record

    If I could trust them to implement it properly, and could trust all future governments not to abuse the information, then I'd be 100% in favour of such a database.

    Sometimes it's worth paying a bit more and suffering a bit more inconvenience for a system that isn't quite so joined up.

This topic is closed for new posts.

Other stories you might like