EXECUTIVE SUMMARY

—  In our experience the breakdown in communications is one of the most frequent causes of adverse incidents, claims and complaints. We support, in principle, the development of an integrated centralised health record system.

—  Patients should not be required to expressly consent to have their data uploaded onto the NHS Care Records System. However, patients should have the right to opt out of the system or limit access to some of their clinical data.

—  Healthcare professionals must have a legitimate justification to access patient information on centralised system based on a therapeutic relationship.

—  Information on the centralised system should be tiered to permit access only to the areas of a patient's record which are necessary for a healthcare professional to carry out their work.

—  The existing framework of confidentiality and patient access to information should be replicated in the centralised records system.

DETAILED EVIDENCE

  1.  The Medical Protection Society (MPS) is the world's leading indemnifier of health professionals. As a not-for-profit mutual organisation, MPS offers support to members with legal and ethical problems that arise from their professional practice.

  2.  MPS membership offers peace of mind to more than 240,000 health professionals and their patients worldwide. Members commonly seek help with clinical negligence claims, complaints, medical council inquiries, legal and ethical dilemmas, disciplinary procedures, inquests and fatal accident inquiries. They have access to expert advice from a 24-hour emergency helpline and, where appropriate, legal assistance and compensation for patients who have been harmed through negligent treatment. We also run risk-management and education programmes to reduce adverse incidents and promote safer practice.

  3.  MPS is not an insurance company. All the benefits of membership of MPS are discretionary as set out in our Memorandum and Articles of Association.

  4.  We welcome the Health Select Committee's enquiry into the Electronic Patient Record and its use. The development of the NHS Care Records service is a hugely ambitious project which has the potential to make a significant difference to the delivery of healthcare in England.

  5.  We support, in principle, the development of an integrated centralised health record system. In our experience the breakdown in communications is one of the commonest causes of adverse incidents, claims and complaints.

  6.  We have experience of claims and complaints arising from circumstances where the patient has changed GP practices and consulted a new doctor who hasn't had the benefit of the patient's records. This has compromised the doctor's ability to get the full clinical picture; exposing the patient to sub-optimal care. Access to accurate relevant information for appropriate healthcare professionals through a centralised records system has the potential to significantly enhance patient safety.

  7.  The introduction of a centralised records system inevitably raises issues about confidentiality, access and security. It is vital that the NHS Care Records Service is developed in a way which complies with the existing legal and ethical frameworks surrounding confidentiality and that the confidence of both the profession and the public in the accuracy and security of the information stored on the system is not undermined.

What patient information will be held on the new local and national electronic record systems

  8.  If the intention is that the NHS Care Records Service should be the sole repository of patient information, then it must be comprehensive, tiered according to levels of sensitivity and with access limited to those who have a legitimate reason to have that information.

  9.  On the other hand, if the NHS Care Records Service is intended principally as a summary, then there will need to be clear guidelines about what should or should not be recorded. There would be a risk that absent data on one patient's record would indicate that there was nothing to record which could potentially mislead a clinician.

  10.  We understand that the Department of Health intends the record to be the primary comprehensive source of information about the patient and that other records would be phased out over time.

Should patients be able to prevent their data being placed on systems

  11.  We support a system where all patients should be deemed to have given consent to the uploading of their health information unless and until they expressly opt out or choose to limit the information available.

  12.  We understand that some organisations have proposed that patients should have the right to expressly opt into the system. We think that such proposals are wholly unworkable and would place an unrealistic administrative burden on highly pressed clinicians, particularly in the primary care sector. The level of work involved in gaining each patient's express consent would be completely disproportionate to the potential benefit.

  13.  Currently, the General Medical Council (GMC) guidance makes it clear that (unless there are exceptional circumstances) a patient's refusal to allow information to be shared with another healthcare professional should be respected. We believe that patients should have the same right with the electronic record.

  14.  Patients should be able to expressly opt out of the centralised records system. A patient's right to limit access to their clinical information could be addressed by the "sealed envelope" system. Patients could limit access to elements of their record by requesting that certain information is hidden from normal view. Further thought needs to be given to how patients will be able to restrict access to their clinical information.

  15.  A large number of patients opting out of the system would undermine one of the core benefits of a centralised records system. We hope that opt outs would be a limited to a small proportion of patients. The onus is on the Department of Health to ensure that the security of the system is sufficiently robust and that the system is rolled out in a way that captures the confidence of the public.

Access to locally and nationally held information

  16.  The mere fact that a person is a healthcare professional working in the NHS should not be sufficient to allow unrestricted access to a patient's records. Currently, patient records are held locally in paper and summary electronic form. It is possible for anyone working in a primary care setting to access patients' records without first being required to demonstrate a legitimate justification. The only restriction is in terms of confidentiality clauses in employment contracts.

  17.  The new system must be underpinned by the principle that access is only possible by those who have a legitimate justification to access health records in the delivery of healthcare or other legitimate purpose.

  18.  The legitimacy should be based on a therapeutic relationship, save in only the most exceptional circumstances. Additionally, access to the system must be tiered to permit access only to the areas of a patient's record which are necessary for a healthcare professional to carry out their work. For instance a receptionist in a GP practice will only need access to, for example, the patient's name, address, telephone number, and possibly limited access to some clinical information such as test results.

  19.  As mentioned above, patients should be able to restrict access to certain information contained in their record.

  20.  Presently, under the Data Protection Act patients have a right to see their records whether they are paper or electronic. It might be helpful, as a means of increasing public confidence in the new system, if patients could "log in" to the system to view their own data and to enable them to see an "audit trail" detailing who has accessed their data. Patients' rights of access to their own data should be subject to the same therapeutic restrictions that are enshrined in the Data Protection Act.

Patient confidentiality

  21.  Security of electronic data is a global concern. The new system must employ the most robust national and international security measures to ensure that patient data remains confidential. The scope and number of potential users of the NHS Care Records System must be a potential weakness that will need to be addressed.

  22.  Technology aside, the major problem is the human factor which is not subject to system controls. Addressing the human element is a matter of education and training, legal requirements to comply, and enforcement.

  23.  The question of whether information of a highly sensitive nature should be excluded from the system during the pilot phase should be carefully considered.

  24.  While security requirements must be rigorous, they should not be so onerous and time consuming that they interfere with the ability of healthcare professionals to meet patients' clinical needs, particularly in an emergency situation.

Data used for purposes other than the delivery of healthcare

  25.  It is sensible that organisations outside the NHS but involved in the delivery of healthcare should have access to the appropriate information in the patient's electronic record. However, the patient should be given the opportunity to refuse to allow information shared outside the NHS. For instance, a GP referring a patient to receive NHS treatment through a private healthcare provider should explain to the patient that the provider will have access to appropriate information contained in their electronic record and give the patient the opportunity to refuse or limit access to the provider.

  26.  Using data stored on the new records system for clinical and management purposes is acceptable if the data has been anonymised or pseudonymised in accordance with the recommendations of the Information Commissioner.

  27.  The trend in clinical research has been for increasing transparency and a proper consent process. That should remain the case for any use of patient identifiable data save where there are statutory requirements for disclosure and processing of data for specific purposes.

  We would be pleased to provide any further evidence either in writing or orally which might be helpful to the Committee's inquiry.

Medical Protection Society

March 2007