Like most people I expect, I received a letter in the post at the weekend informing me of next phase of the government’s bloated IT platform for the NHS — the Summary Care Record or SCR as they like to call it.

For various reasons, I am both quite comfortable with my medical information being shared, with my consent, and yet also quite twitchy about my personal data being shared a bit too freely.

Indeed, quite a bit of my personal medical data is shared with other organisations as I am participating in a long-term medical study relating to the pills I have to take to stay alive. Everything is done with my consent and I am informed of what is being shared.

However, the government have a lamentable history where it comes to so-called upgrades to information systems, especially as the government prefers single big projects where smaller incremental steps would have been vastly better.

I presume politics plays a part — as it is easier for the politician to get publicity if they can press a BIG RED BUTTON to switch everything on, rather than slow tiny improvements that can’t justify a press release, let alone an appearance on the evening news.

So, in the post arrived a BIG RED BUTTON, announcing a new direction for the NHS record keeping. Incidentally, I am deeply suspicious of the timing of any government initiate that is launched just as an election is due.

In essence, a summary of my medical history will be digitised and made available to other “authorised” medical persons at various medical centres.

Generally, I would consider this to be a very good idea as making medical data available to people when in need of it is very sensible, and it should save a heck of a lot of money – but I have serious reservations about how the NHS system is being rolled out.

Firstly, everyone will be automatically added to the system — unless you pro-actively send them a form, and despite all the claims about the paperless office, you have to print it out and fill in, then hand into your GP surgery. I am willing to bet you will be required to hang around for an interview where they will try to change your mind.

Talking to my flatmate, he glanced at the document and binned it — he wasn’t aware that he had to opt-out if he wasn’t interested in the plan. I bet a lot of people will think this is something that you have to sign-up for and wont bother, not realising that they are going to end up on a database they never knew they would be on.

So far, the online world is looking like a typical government 1970s style bureaucracy.

If I decide to opt-out, but later change my mind, then don’t worry as I can opt back in again later. So tha’s not too bad. I presume of course that the reverse also applies?

Don’t bet on it!

Once the Summary Care Record is created it can never ever be deleted. Yes, tha’s right, just like the ridiculously badly designed ID Card system, once you are in the system, never again can you leave it.

You can however, ask for your record to be “cloaked” so that Dr Average cannot access it — but it will be made available to an “authorised” person if an unspecified process is followed and unspecified people judge that the unspecified request is reasonable. In other words, some faceless bureaucrats will have the power to overrule my decisions about my own medical privacy.

As you might guess I am incredibly annoyed about that.

In actual fact, you can request a deletion, but they offer dire warnings about how incredibly difficult that will be if you have ever had any medical care after the record was created. Which is bogus — any database system can be designed to handle incidents where “customer accounts” are deleted, while preserving necessary audit trail records. This happens in hundreds, if not thousands of companies every single day — it is common practice.

So why did they design a system that makes it difficult for us taxpayers to control how our information is managed?

I am also not entirely sure their protestations are even legal — as the Data Protection Act requires that “information may be kept for no longer than is necessary” and if I have requested that the summary record is deleted, then it is no longer necessary and MUST be removed.

After all, the Summary Care Record is just a summary of my medical records and the master-file still remains intact. Doesn’t it?

In fact, the documentation explaining what is going on explains how much information is included in the Summary. Although it makes soothing noises about how the Record will initially only contain basic information, the implication is that it will grow in size every time I need treatment and that unspecified details will be added at later dates.

As someone who has to visit the hospital at regular intervals, the idea that every visit I make is added to the Summary is not one I am at all comfortable with. Not because I don’t want the visits to be recorded, as they already are recorded by the hospital – but when Dr Average sees a gigantic file where a short document was expected, they tend to get very, very cautious about everything they do. Too cautious in fact and it causes more problems than it solves.

The lack of information about the Summary Records, coupled with the difficulty of getting out of the system once you are in it make me wary. Very wary indeed.

There is a good aspect to the SCR though — as it records the medications you are taking, and if for some reason you go to a medical center that isn’t your local doctor, they can check that what they give you won’t conflict with whatever you are already taking.

Now, firstly, unless they are going to finally roll-out a long overdue change and let people visit doctors where they happen to be, not where they live (such as a doctor close to work), then the only time this will be an issue is if you are rushed to hospital. Here, two scenarios exist – you are concious and give permission for your SCR to be looked at — but most people on medications know very well what they are taking and right now, if asked “what medications are you taking”, we can reply swiftly with accurate information. So the SCR doesn’t really add anything new.

Of course, you could be unconscious due to a road accident and not able to tell the doctor what medications you are taking, so the SCR becomes very useful. Except that the emergency center can only look at your SCR if you give them permission to do so — and as you are on a table dying from internal injuries, this is not likely to be possible.

So, the key reason given for having an SCR is also shown to be bogus.

As it is – I am going to opt-out as the check/balances and the right to privacy is simply not even close enough for me to trust the system with my medical history. Fix that, and I might change my mind, as I do genuinely believe that good IT systems can make things better. It’s just such a damn pity that the government never buys good IT systems.

If you want to opt-out, the form to print out is here.

Someone called DiamondGeezer on Twitter is equally unimpressed (with apologies to Iain Dale)


If anyone thinks I am moaning and just being negative for the sake of being negative, here is my vision for how an NHS database should have been designed.

A team should have defined the communications protocols between IT systems, the security rules and access controls.

Then published that as an open API that anyone can view and comment on to point out any flaws.

Once finalised, anyone can build a “front-end” that enables medical professionals to access information. That way innovative front-ends come into existence and doctors/hospitals are free to choose whichever platform they personally feel comfortable with, knowing that it fully complies with the API standards.

Some companies might develop graphically rich websites that come replete with bells and whistles that some doctors will love, and other companies might develop a very old-fashioned looking website that other doctors would prefer.

The key is that each doctor can pick and choose what they want, innovation drives improvements and competition drives down prices. The only centralised system would be the core database – and even that could be on a distributed platform if that was deemed to be desirable.

No need for the current planned bloated, expensive, slow, centralised system.

Everyone would win — well, except Crapita of course.

As a final comment, if you want an example of how good the government is at managing IT systems, this excellent eclectech cartoon should educate you.


Be the first to know what's on in London, and the latest news published on ianVisits.

You can unsubscribe at any time from my weekly emails.

Tagged with: , ,

This website has been running now for just over a decade, and while advertising revenue contributes to funding the website, but doesn't cover the costs. That is why I have set up a facility with DonorBox where you can contribute to the costs of the website and time invested in writing and research for the news articles.

It's very similar to the way The Guardian and many smaller websites are now seeking to generate an income in the face of rising costs and declining advertising.

Whether its a one-off donation or a regular giver, every additional support goes a long way to covering the running costs of this website, and keeping you regularly topped up doses of Londony news and facts.

If you like what your read on here, then please support the website here.

Thank you

  1. John says:

    After getting this form I checked their website(more fluff than fact), I couldn’t find any real details of what the exact dataset of an SCR was, I phoned the helpline and had a discussion with a very helpful chap. It seems that the onus is on you to actively manage this data via your GP.

    Also it appears that after initial population with medication, allergies, known adverse reactions data, more information may be added following treatment(s). Again it is up to you to keep any non-default information, which may be sensitive, hidden.

    It would be nice to have a system with the basic accurate information on, but I’m not happy about the fact that more information can be added and the fact that I have to actively manage it with my GP.

    I did suggest that they published a clear definition of what data they would hold and what circumstances data would be added and what the mechanism is to keep the data default values only.

  2. Nigel says:

    I rarely use hospitals, but had a really bad fall in Norwich, about 100 miles from my home. My daughter took me to the nearest hospital A&E Department and I was asked for my name and date-of-birth. Immediately the A&E receptionist stated my home address and asked me if that was me. At no time was I asked to provide any I.D.

    Instead of waiting 2hrs 10 minutes to see an A&E Doctor, I could easily not have sat down for a long wait and departed with sensitive information.

    Theoretically, if I knew anyone’s name and D.O.B I could call into any UK hospital, give the same details and immediately find out their home address, providing they were of male sex and reasonably similar age.

    Bit worrying!


    Database security seems extremely lax in my view.

  3. Robbo says:

    You really should Opt Out. I’ve worked for the NHS for years. Their IT system is not safe and patient confidentiality is very lapse. For the government to get some money back for this expensive IT system they are looking at selling your information to insurance companies! If you are taken ill away from home it’s best to let the Doctors deal with you as a totally new case and not let them be hindered by info on a computer. Need I say more.

  4. Iainc says:

    Firstly – the National NHS IT Systems are very safe and Patient Confidentiality is not lax. Some Trusts have been fined for breeches, and every Trust monitors this are very carefully.

    As for the A&E scenario, a Consultant has the ability to use a “break-box” feature to look at your Summary Care record if you have one, but are incapacitated. if there is a medical neccessaity and reviewing your SCR might save your life, there is provision for this.

    the reason that there is no dataset, is that SCR is being continually developed. initially it covers your demographic data, medications and GP summaries. As other developers link to the SCR it will grow – other software will share summaries via the SCR.

    The system is not centralised, but very decentralised and continuing to go that way. In 2015 most Trusts will be freed from group contracts and there will be much more emphasis on clinical messaging.

    • IanVisits says:

      Quite what was it you were looking for when you found this “more than three year old” blog post — and why were you looking for it from a computer with an IP address points to St. Thomas Hospital in London?

    • Greg says:

      Depends what you mean by confidential.
      If by confidential the NHS means only healthcare staff can access it, then its confidential.
      If by confidential the patient expects no confidential information has left the doctor’s computer without the patient’s knowledge and consent, then no, it is not confidential.
      The NHS’s definition of the word ‘confidential’ is different to the public’s definition of the word.

  5. Kal says:

    Well, I ended up here, in September 2013 after Googling “NHS Summary Care Record Concerns”, as they are now implementing it in my area, so I’ve just received the opt-out form in the post and wanted to learn more.

1 Pings/Trackbacks for "Why I am opting out of the NHS Summary Care Records Scheme"
  1. […] has fully lifted) but here is a very interesting piece written in the BMJ and here are a few other opinions of bloggers who share some of my concerns, as well as the opinion of the BMA (British Medical Association) […]

Home >> News >> rants