That NHS ‘junk mail’ leaflet DOES require action — NOW

January 14, 2014 12 Comments
By

If you live in England, you might recently have received an NHS leaflet — white background with a blue and green design — with your junk mail.

If not, it is on its way.

It is called ‘Better information means better care’. Furthermore, it says no action is required on the part of the recipient.

As this pamphlet deals with personal patient data — yours and mine — two thoughts occurred to me. First, why wasn’t my surgery writing to me personally? Second, what about the opt-out of a few years ago wherein many English NHS users took the opportunity to prevent their records from going on the grand nationwide database, the Summary Care Record?

This leaflet discusses something different. There is a lot to read, so I’ll summarise it and leave you to further peruse the links provided.

The leaflet, which, no doubt, the NHS and Government hope you will ignore and discard with the accompanying flyers, is about care.data, even though there is no mention of it. care.data will eventually be sharing data with third parties — initially anonymous but not in subsequent stages — about our ailments, illnesses and lifestyle habits.

This, as will be shown below, has nothing to do with our treatment by doctors and nurses, whether in surgeries, clinics or hospitals.

And you can opt out by writing, not visiting, your surgery.

This is what the relevant NHS site says (much more at the link, emphases in bold mine below):

The role of the Health and Social Care Information Centre (HSCIC) is to ensure that high quality information is used appropriately to improve patient care.

NHS England has therefore commissioned a programme of work on behalf of the NHS, public health and social care services to address gaps in information. Our aim is to ensure that the best possible evidence is available to improve the quality of care for all.

It is important that the NHS can use this information to get a complete picture of what is happening across health and social care and to plan services according to what works best. The new system will provide joined-up information about the care received from all of the different parts of the health service, including hospitals and GP practices.

Your date of birth, full postcode, NHS Number and gender rather than your name will be used to link your records in a secure system, managed by the HSCIC. Once this information has been linked, a new record will be created. This new record will not contain information that identifies you. The type of information shared, and how it is shared, is controlled by law and strict confidentiality rules.

MedConfidential states that this is not really as harmless as it looks. In fact, a physician from Hampshire — Dr Neil Bhatia — provides more information on what this scheme really entails as well as opt-out forms you can send to your GP.

MedConfidential says:

Under changes to legislation, your GP can now be required to upload personal and identifiable information from the medical record of every patient in England to central servers at the Health and Social Care Information Centre. Once this information leaves your GP practice, your doctor will no longer be in control of what data is passed on or to whom.

This information will include diagnoses, investigations, treatments and referrals as well as other things you may have shared with your doctor including your weight, alcohol consumption, smoking and family history. Each piece of information will be identifiable as it will be uploaded with your NHS number, date of birth, post code, gender and ethnicity.

NHS England – the body now in charge of commissioning primary care services across England – will manage and use the information extracted by the Health and Social Care Information Centre for a range of purposes, none of which are to do with your direct medical care. These ‘secondary uses’ include patient-level tracking and monitoring, audit, business planning and contract management. In September 2013, NHS England applied to pass on your information in a form it admits “could be considered identifiable if published” to a whole range of organisations that include – but are not limited to – research bodies, universities, think tanks, “information intermediaries”, charities and private companies.

Though you may be told that any data passed on will be ‘anonymised’, no guarantees can be given as to future re-identification – indeed information is to be treated so that it can be linked to other data at patient level – and NHS England has already been given legal exemptions to pass identifiable data across a range of regional processing centres, local area teams and commissioning bodies that came into force on April 1st 2013. The Health and Social Care Information Centre already provides access to patient data, some in identifiable form, to a range of ‘customers’ outside the NHS, including private companies.

If you prefer looking at flowcharts, this one — from one of the aforementioned sources — explains more.

The data upload is due to begin in March 2014, so if you wish to opt out, using one of Dr Bhatia’s letters — here and here — now is the time to do so.

Dr Bhatia’s Care-data site explains the scheme in more detail. Excerpts follow, so please take the time to read more privately:

  • The information is not going to be available to doctors and nurses, and so will not be used to provide direct medical care
  • The HSCIC will keep your uploaded information indefinitely – it will never be deleted, but continuously added to
  • Your GP surgery cannot stop this extraction – but you, as an individual, can
  • care.data is voluntary – you are under no obligation to allow your records to be processed in this way, and you have the right to opt-out
  • You can prevent the extraction of identifiable data from your GP records by asking your GP surgery to put a special code in your GP records
  • You can prevent the release of your identifiable data from the HSCIC by asking your GP surgery to put an additional special code in your GP records
  • You cannot prevent the HSCIC from releasing information about you in anonymised, aggregated or pseudonymised formats (to ensure that, you must prevent the HSCIC from obtaining your information in the first place, by opting out now)
  • If you opt-out of care.data (now), you can opt back in at any time in the future
  • care.data is not the same as the Summary Care Record – opting out of one does not mean that you have automatically opted out of the other

This project, called care.data, is administered by the HSCIC using software and services provided by a private sector company (ATOS).

How much is care.data costing the taxpayer ?

No one knows. The HSCIC has refused to indicate the full costs of the programme to date.

Will doctors and nurses treating me have access to this information ?

NO.

Medical staff treating you in GP surgeries, hospitals, A&E, pharmacies and GP out-of-hours centres will not use, or be able to use, this database.

care.data is not about information sharing between healthcare professionals.

It is about data extraction, linkage and analysis: in other words, data mining.

Will medical staff with an NHS Smartcard be able to access my uploaded care.data?

NO.

NHS Smartcards are used to access software systems that help provide direct clinical care, for example the Summary Care Record, the Personal Demographics Service, Choose & Book and the Electronic Prescription Service.

NHS Smartcards will not permit access in any way to care.data uploaded to the HSCIC.

care.data is not about the provision of direct medical care by clinical staff.

Will my information be anonymised before it is uploaded from my GP surgery?

NO.

The information will be extracted from your GP surgery in a form that can clearly identify you as the patient that the data refers to.

In other words, it will not be anonymised, pseudonymised or de-identified before it is uploaded.

If it was anonymised, you wouldn’t be able to opt-out.

If it was anonymised, the leaflet wouldn’t state “If you do not want information that identifies you to be shared outside your GP practice, please ask the practice to make a note of this in your medical record.”

If it was anonymised, the HSCIC wouldn’t be able to link it to further identifiable data about you that it holds extracted from hospitals.

If it was anonymised, you wouldn’t be able to make a Subject Access Request for information that the HSCIC holds about you.

Later on, mental health records will be added, Dr Bhatia says. These are also scheduled to be released to interested parties.

It is appalling to think where personal information might end up and how many individuals will have access to it.

I also find it interesting that the UK’s oft-invoked Data Protection Act does not seem to be of use against this scheme.

One wonders how many people dumped this in their recycling bin without even looking at it?

Tags: , ,

12 Responses to That NHS ‘junk mail’ leaflet DOES require action — NOW

  1. Furor Teutonicus
    January 14, 2014 at 2:30 pm

    Hmmm.

    Somewhere, in the dark and distant past,(Until 1995/9) I had medical records in the U.K.

    They refused to send them to Germany, so I presume they still have them.

    There appears to be know way to tell them to go stuff themselves.

    How retrospective are they going to get? And how do I retrospectively tell them to fuck themselves sideways, considering I no longer have a G.P?

    • January 14, 2014 at 4:08 pm

      Living in Germany, you probably won’t have to worry about it.

      You can always look your old GP up via the NHS search (using your old postcode):

      link to nhs.uk

      then send a letter to them.

    • mona
      January 14, 2014 at 8:11 pm

      You belong to the EUSSR, Gorbachev said the EU is the old USSR dressed in new clothes.they know all about you try Agenda 21.

  2. GhostOfWinston
    January 14, 2014 at 4:29 pm

    This country gets more like Orwell’s 1984 ever day.

    On Dr Bhatia’s web site he states that the upload is due to begin in March.

    When I visited my GP surgery’s website today the home page states “From the 1st of January 2014 the HSCIC will be uploading information from your medical record. They will be uploading information such as: Date of Birth, NHS Number, Postcode, Health Status, Medication Types & Quantities and Referral information for any condition you have been treated for”.

    So who’s telling the truth? If uploading of GP data has already started, opting out today is already too late.

    :evil:

    • January 14, 2014 at 6:05 pm

      That’s unfortunate.

      My GP’s site doesn’t have anything about it.

      Perhaps give yours a call to find out if your surgery’s patient data are already uploaded?

    • ptbarnumthe2nd
      January 14, 2014 at 6:43 pm

      I phoned the number on the leaflet this morning to give them earache and clarify the date of upload (for my own unfortunate reasons). I was told (by an American male voice who was disconcerted on my refusing to disclose who I was) “Spring” which translated, eventually, as April. Call it February, shall we?

  3. The Jannie
    January 14, 2014 at 4:30 pm

    Ah, ATOS; the commercial medical gangmasters behind the shambles over the assessment of patients’ entitlement to benefits. I certainly want no part of any scam they’re involved in.

    • January 14, 2014 at 6:06 pm

      That’s exactly what I thought.

  4. Errol
    January 14, 2014 at 9:24 pm

    While there is always the fear of big brother, and yes, the state is incompetent and doesn’t understand the simplest of security (such as allowing patients access to their own records) private insurers alread do this.

    If I fall ill in Bournemouth and go to the nearby Spire hospital should the same happen in Norwich they know everything about my history and thus can treat me properly.

    • January 14, 2014 at 10:42 pm

      But is that with your consent, Errol? Something in fine print in the policy, perhaps?

      They don’t just slip a flyer with the latest furniture sale or charity appeal in your letterbox and hope you’ll ignore it.

      It also seems you’re missing the point. As I highlighted in the text … THIS ISN’T ABOUT HEALTHCARE. This is about ‘interested third parties’ wanting to do surveys, plying smoking-cessation treatments, getting you on clinical trials, constantly bugging you by post, phone or on your doorstep.

  5. Paul Shinton
    January 15, 2014 at 1:30 pm

    Thank you, thank you, thank you. If I hadn’t have read this article the leaflet would have gone straight in the recycling bin along with the pizza delivery junk mail that was cleverly wrapped around it.

    Why do they want this information? They seem to be making the reasons as deliberately obtuse as possible.

    Even more importantly, why is this information provided by a blogger when it should be on the font pages of every national newspaper.

    My letter to my G.P. is in the post!

    • January 15, 2014 at 9:44 pm

      Thank you, Mr Shinton. Glad this post was helpful.

      This scheme is meant to ‘pass’ on your personal health information to those who notionally ‘care’. Yes, for that purpose, as you say, the message has been made ‘deliberately obtuse as possible’.

      This was made news last autumn, but nearly all of us — myself included — thought it referred to the Summary Care Record of a few years ago.

      See the bottom of Dr Bhatia’s site for news references to this scheme from late 2013:

      link to care-data.info

United Kingdom Time

Subscribe

Email us at contact orphans of liberty [all one word] at gmail dot com

Authors

For more about these renegades, click on the name to go to a short profile:

AK Haart
Churchmouse
James Higham
JuliaM
The Quiet Man

Orphans logo


Feel free to take this for your sidebar.