E-care records safety fear raised

[Admin]

E-care records safety fear raised

More proof is needed that electronic personal health records are safe and effective, some doctors say.

[dsn]

I really don't see what the problem is. It isn't exactly rocket science to have different levels of privilege (access) to determine what you can see and change on the database. So if you wanted only a consultant from a GUM clinic would be able to see your sexual health history, unless it was an emergency and a different doctor needed it and this would be logged and then verified in case of abuse of the system. Shock, horror, the systems that individual hospitals currently have (mostly McKesson PAS as I understand) allow you to have different privilege settings and so on. In future in a national system you could make it that a person had to be admitted on the system in to the care of the consultant, so you could only see the medical records of people under your care. And to see the demographic details of a person they might need to live in the PCTs that the hospital serves (as currently, any one with access to the system can look up addresses and so on of people registered at their hospital, but generally they don't).

The problem really is that too many people talk about the Connecting for Health programme wot know nothing about networks and databases (not that I myself know all that much).

[Mattie]

I think any negatives associated with this system will be outweighed by the advantages of having a patient's medical history in front of you the moment they walk in the door. How invaluable will it be and how much time will be saved! I once stood in a Cath Lab with the patient on the table, waiting for his procedure to be performed, for 30 minutes as the notes were lost and no one could find them. How distressing was that for the patient? The doctors time was wasted as well. All this would have been avoided if electronic notes were avaibable.
I'm not saying that security and privacy is an issue and should be considered really important, but I don't think the public should start thinking their new girl friend will be able to see whether they have any mental health issues for example.

[Dick Cheney]

Quote:

Originally Posted by dsn

The problem really is that too many people talk about the Connecting for Health programme wot know nothing about networks and databases (not that I myself know all that much).

What alarms me is that many people who are experts in security systems and privacy are concerned about the NHS spine, Ross Anderson for example.

Balancing performance, integrity and security in such a large system is complex.

I suspect that the government has an ulterior motive for this huge and expensive centralised data store. My feeling is that this will underpin some kind of health insurance scheme.

[dsn]

Quote:

Originally Posted by Dick Cheney

What alarms me is that many people who are experts in security systems and privacy are concerned about the NHS spine, Ross Anderson for example.

I don't know anything about this person; he's some sort of Cambridge academic. However, may be I'm cynical, but in general the best way to get noticed is to criticise some government proposal. Newspapers don't run stories like "Famous Academic supports NHS Spine" because that's neither news, nor very good at selling papers, whereas "You're neighbour will know your HIV status says academic" does. I don't mean that any academic is being dishonest, but they might be encouraged to come to a certain view by the prospect of publicity. And in any case newspapers are pretty negative about everything.

Ultimately, I think confidentiality is over emphasised in general. I don't care what gynaecological problems Mrs K has. In fact I don't want to know. And since I need to go through 100 peoples records I won't even remember any of them after five minutes. The problem is with the records of people you know, but somehow that's dealt with at the moment. I don't see how enlarging a database to have the records of people from the other side of the country make this (potential access to records of people you know) more of a problem? Probably not, since most people you know probably live within your health authority.

[Dick Cheney]

Anderson is a respected academic in IT circles, and he is not alone in his criticism. You are being indeed being unduly cynical if you are accusing him of sensationalism. You are attacking the person rather than his argument.

If you are really interested in NHS CFH, do some reading. It has great potential and also risks. It is a mammoth project.

There is a variety of sensitive information in people's medical records and many interested parties who would like to get their hands on it - not your neighbours. The spine makes it far easier for people with mischievous motives to get their hands on the data.

Quote:

Ultimately, I think confidentiality is over emphasised in general. I don't care what gynaecological problems Mrs K has. In fact I don't want to know.

She might care who knows, or who knows that she has been abused or raped or is carrying HIV or has drug problems or depression. I hope you have more respect for confidentiality when you practice as a doctor.

[dsn]

Quote:

Originally Posted by Dick Cheney

She might care who knows, or who knows that she has been abused or raped or is carrying HIV or has drug problems or depression. I hope you have more respect for confidentiality when you practice as a doctor.

The whole point is that you only ever know for about five seconds, before you forget. And the thing is that information cannot any longer be kept confidential, back in 1982 Mark Siegler wrote an article "Confidentiality in medicine--a decrepit concept" (http://content.nejm.org/cgi/content/...on/307/24/1518 though not available online). A COPD patient complained to this consultant that a, shock! horror!, respiratory therapist was writing in their medical records and didn't this violate their right to confidentiality? Siegler investigated how many people had legitimate access to the medical records. It turned out that 25-100 people did, ranging from doctors, nurses, allied health to administration. This was all necessary, apparently. So medical confidentiality has to be about limiting the number of people that have access to records, but beyond that there's nought to be done.

In fact, I think the NHS gets carried away with confidentiality. So when someone writes from a doctor's surgery about some patients to their colleagues in their PCT they must use NHS numbers, not names. All this means is that time and money is wasted converting names in to NHS numbers at one end and then the NHS numbers in to names at the other. Since information is usually transmitted either via email or internal post the security risk is minimal. On the other hand sometimes data is "anonymised" to a very superficial level. I recently worked with spreadsheets which had people's dates of birth and postcodes - more than enough to identify them, if you're looking for a specific person. And the people who log off their computers and lock their offices when they leave them at the hospital where I am is minimal. I have (usually at about 4pm on a Friday) come across entire departments which are either deserted or nearly so, but all the doors unlocked, with hard copy medical records for the picking. No doubt the hospital would accuse me of libel, but that's the way it is.

At the same time the trust has very good security for babies and children, so all the doors to departments that have them cannot be opened using your ID badge unless you work in those departments, so you have to ring to be let in (if any one is at the front desk). This is really annoying if your work involves visiting lots of different departments, as it wastes lots of time and is quite unfair. If they can trust contracted cleaners, why can't they trust their own NHS staff? I could rant on about what else the trust does wrong ro annoy me... Especially the receptionists who do bugger all, all day and then tell you to put a very heavy box of paper you're delivering to them on a shelf 2m off the ground. Do it yourselves! And the stupid receptionist at the GUM clinic who said to me "and who are you seeing?" Nobody! Just sign for your stationery. I made the mistake of telling my supervisor this... the rest of my department mocked me for the whole day...

[Captain_Carrot]

I think we have every right to be cynical about the inability of a government managed project to maintain the confidentiality of <60 Million people given that they couldn't keep the personal data of this years FY1 cohort secure.

I agree that this will bring massive benefits. My personal fears lie with the potential of the system to be hacked if it is run over public phone lines/the internet. I think it will be too much of a tempting target. That's my 2 cents.

[NorthernLight]

Quote:

Originally Posted by dsn

The whole point is that you only ever know for about five seconds, before you forget.

Actually, the point is that if you shouldn't know something then you shouldn't know it. Whether or not you choose to forget it quickly is immaterial.

Quote:

Originally Posted by dsn

Especially the receptionists who do bugger all, all day and then tell you to put a very heavy box of paper you're delivering to them on a shelf 2m off the ground.

You must have a lot of free time if you can spend entire days watching what other people do for a living. No wonder they ask you to lift boxes onto shelves for them!

[dsn]

Quote:

Originally Posted by Captain_Carrot

I agree that this will bring massive benefits. My personal fears lie with the potential of the system to be hacked if it is run over public phone lines/the internet. I think it will be too much of a tempting target. That's my 2 cents.

They have NHS net now which I don't think gets hacked much, although it contain administrative rather than clinical content mostly. But blood tests are requested by GPs in my PCT online through ICE and lab results get sent back from hospitals and this seems to work fine.


As for the receptionists, they were such a waste of money in the outpatient waiting areas at this trust that they were liquidated (i.e. redeployed elsewhere) and replaced by volunteers, who at the very least seem to be quite friendly. I don't spend my time watching them, because a) I'm far too busy and b) it would be far too nauseating. I'll agree that there are times when they're quite busy, but unlike most other people (and certainly purchasing where I am, where there is always two day's work to be done in a day) they also have periods of time when they are not and they chit chat about nonsense. If they are unreasonable in their demands when they are not busy, some of them are down right rude when they are busy. Consequently, if I am going to a ward I look for the Sister or a staff nurse, because at least they know what they are doing and don't find it necessary to try to show off their superiority unlike some of the receptionists. I don't like them much basically and nor does any one else in my department.