Like most people I expect, I received a letter in the post at the weekend informing me of next phase of the government’s bloated IT platform for the NHS — the Summary Care Record or SCR as they like to call it.
For various reasons, I am both quite comfortable with my medical information being shared, with my consent, and yet also quite twitchy about my personal data being shared a bit too freely.
Indeed, quite a bit of my personal medical data is shared with other organisations as I am participating in a long-term medical study relating to the pills I have to take to stay alive. Everything is done with my consent and I am informed of what is being shared.
However, the government have a lamentable history where it comes to so-called upgrades to information systems, especially as the government prefers single big projects where smaller incremental steps would have been vastly better.
I presume politics plays a part — as it is easier for the politician to get publicity if they can press a BIG RED BUTTON to switch everything on, rather than slow tiny improvements that can’t justify a press release, let alone an appearance on the evening news.
So, in the post arrived a BIG RED BUTTON, announcing a new direction for the NHS record keeping. Incidentally, I am deeply suspicious of the timing of any government initiate that is launched just as an election is due.
In essence, a summary of my medical history will be digitised and made available to other â€œauthorisedâ€ medical persons at various medical centres.
Generally, I would consider this to be a very good idea as making medical data available to people when in need of it is very sensible, and it should save a heck of a lot of money â€“ but I have serious reservations about how the NHS system is being rolled out.
Firstly, everyone will be automatically added to the system — unless you pro-actively send them a form, and despite all the claims about the paperless office, you have to print it out and fill in, then hand into your GP surgery. I am willing to bet you will be required to hang around for an interview where they will try to change your mind.
Talking to my flatmate, he glanced at the document and binned it — he wasn’t aware that he had to opt-out if he wasn’t interested in the plan. I bet a lot of people will think this is something that you have to sign-up for and wont bother, not realising that they are going to end up on a database they never knew they would be on.
So far, the online world is looking like a typical government 1970s style bureaucracy.
If I decide to opt-out, but later change my mind, then don’t worry as I can opt back in again later. So tha’s not too bad. I presume of course that the reverse also applies?
Don’t bet on it!
Once the Summary Care Record is created it can never ever be deleted. Yes, tha’s right, just like the ridiculously badly designed ID Card system, once you are in the system, never again can you leave it.
You can however, ask for your record to be “cloaked” so that Dr Average cannot access it — but it will be made available to an “authorised” person if an unspecified process is followed and unspecified people judge that the unspecified request is reasonable. In other words, some faceless bureaucrats will have the power to overrule my decisions about my own medical privacy.
As you might guess I am incredibly annoyed about that.
In actual fact, you can request a deletion, but they offer dire warnings about how incredibly difficult that will be if you have ever had any medical care after the record was created. Which is bogus — any database system can be designed to handle incidents where “customer accounts” are deleted, while preserving necessary audit trail records. This happens in hundreds, if not thousands of companies every single day — it is common practice.
So why did they design a system that makes it difficult for us taxpayers to control how our information is managed?
I am also not entirely sure their protestations are even legal — as the Data Protection Act requires that “information may be kept for no longer than is necessary” and if I have requested that the summary record is deleted, then it is no longer necessary and MUST be removed.
After all, the Summary Care Record is just a summary of my medical records and the master-file still remains intact. Doesn’t it?
In fact, the documentation explaining what is going on explains how much information is included in the Summary. Although it makes soothing noises about how the Record will initially only contain basic information, the implication is that it will grow in size every time I need treatment and that unspecified details will be added at later dates.
As someone who has to visit the hospital at regular intervals, the idea that every visit I make is added to the Summary is not one I am at all comfortable with. Not because I don’t want the visits to be recorded, as they already are recorded by the hospital â€“ but when Dr Average sees a gigantic file where a short document was expected, they tend to get very, very cautious about everything they do. Too cautious in fact and it causes more problems than it solves.
The lack of information about the Summary Records, coupled with the difficulty of getting out of the system once you are in it make me wary. Very wary indeed.
There is a good aspect to the SCR though — as it records the medications you are taking, and if for some reason you go to a medical center that isn’t your local doctor, they can check that what they give you wonâ€™t conflict with whatever you are already taking.
Now, firstly, unless they are going to finally roll-out a long overdue change and let people visit doctors where they happen to be, not where they live (such as a doctor close to work), then the only time this will be an issue is if you are rushed to hospital. Here, two scenarios exist â€“ you are concious and give permission for your SCR to be looked at — but most people on medications know very well what they are taking and right now, if asked “what medications are you taking”, we can reply swiftly with accurate information. So the SCR doesn’t really add anything new.
Of course, you could be unconscious due to a road accident and not able to tell the doctor what medications you are taking, so the SCR becomes very useful. Except that the emergency center can only look at your SCR if you give them permission to do so — and as you are on a table dying from internal injuries, this is not likely to be possible.
So, the key reason given for having an SCR is also shown to be bogus.
As it is â€“ I am going to opt-out as the check/balances and the right to privacy is simply not even close enough for me to trust the system with my medical history. Fix that, and I might change my mind, as I do genuinely believe that good IT systems can make things better. It’s just such a damn pity that the government never buys good IT systems.
If you want to opt-out, the form to print out is here.
If anyone thinks I am moaning and just being negative for the sake of being negative, here is my vision for how an NHS database should have been designed.
A team should have defined the communications protocols between IT systems, the security rules and access controls.
Then published that as an open API that anyone can view and comment on to point out any flaws.
Once finalised, anyone can build a â€œfront-endâ€ that enables medical professionals to access information. That way innovative front-ends come into existence and doctors/hospitals are free to choose whichever platform they personally feel comfortable with, knowing that it fully complies with the API standards.
Some companies might develop graphically rich websites that come replete with bells and whistles that some doctors will love, and other companies might develop a very old-fashioned looking website that other doctors would prefer.
The key is that each doctor can pick and choose what they want, innovation drives improvements and competition drives down prices. The only centralised system would be the core database â€“ and even that could be on a distributed platform if that was deemed to be desirable.
No need for the current planned bloated, expensive, slow, centralised system.
Everyone would win — well, except Crapita of course.
As a final comment, if you want an example of how good the government is at managing IT systems, this excellent eclectech cartoon should educate you.