There has been too little debate around the proposed
creation of a national "data spine" for NHS patients' health
records. The deadline for suppliers to lodge bids for contracts for
the NHS national IT programme has passed, and the selection process
is underway; yet still we know virtually nothing about how the data
spine will operate in practice and what checks and controls it will
be subject to.
The 600-page "output-based specifications" document, on which the
suppliers based their bids, yields no clues to the general public,
each version of which is password-protected. And the cult of
secrecy of Richard Granger, director general of the £2.3bn national
programme for IT, has been reported previously in Computer Weekly.
In an ideal world, an integrated health records system allowing,
say, a consultant in Land's End to familiarise himself with the
medical history of a patient from John O' Groats, would be a great
thing. But computer systems do not operate in an ideal world. In
the real world, a national system spanning some 50 million
citizens' medical records will introduce such scale and complexity
that glitches and security flaws are inevitable - and that's if
clinicians use the systems, something that is by no means
guaranteed.
Many concerns remain. How will doctors find the time to discuss
with 50 million people whether they will consent to their personal
information being fed into a national data spine? Of course,
citizens will have the option of refusing to consent to their
records being loaded up on to the database. But those who do will
be warned that their refusal could compromise the quality of
healthcare they receive.
And what of our national security agencies? Will we receive
assurances that they are barred from accessing the records for
their own ends?
We strongly support the idea of electronic patient records. But the
advantages of a centralised national system may be outweighed by
the high risks of failure. Electronic records that can be exchanged
within an NHS trust area may be more practicable. And any
implementation will be a success only if the full, non-IT
ramifications are given comprehensive consideration. This does not
appear to be the case.
There is the issue of patient-doctor trust, for example. Philip
Larkin memorably described passing ambulances as "closed like
confessionals". The same can currently be said of GPs' surgeries,
where patients are able to broach issues they might never
countenance discussing elsewhere. This relationship will
fundamentally change when citizens realise that every secret
yielded at the local surgery could find its way on to a national
database.