The Department of Healthhas amassed
acentral database of one billion confidential
recordson patient visits to hospitals and is
transferring extracts to an academic organisation outside the
NHS.
Computer Weekly has learned that the central database, called
the
Secondary Uses Service, contains over one billion records and
is expanding rapidly. NHS trusts are submitting new records for
uploading onto the database at a rate of one million a day.
The data is used for important medical research, aimed at
improving NHS treatments and healthcare.
But experts are concerned the data is being used without
patients giving specific consent for their private medical
information to be uploaded to the Secondary Uses Service. Grant
Ingrams, chair of the British Medical Association GP IT committee,
says patient-identifiable information in the Secondary Uses Service
should be made anonymous before it is transferred to any other
organisation.
Computer Weekly has also learned that the government's own
advisers question whether there is a solid legal basis for the
Secondary Uses Service database. One of the legal issues is whether
the government should amass private, identifiable data on patients
for purposes not directly connected to their care or treatment.
Although lawyers, doctors and IT specialists recognise the
benefits of medical research based on patient data, they say that
people may be losing control of their medical information which has
traditionally resided in GP practices or the IT systems of local
hospitals.
The Secondary Uses Service is run by BT for
NHS Connecting for Health as part of the £12.7bn NHS National
Programme for IT.
It contains records on nearly all patients in England who have
stayed in hospital, visited outpatients, or attended A&E. It
includes patient-identifiable information such as postcode, date of
birth and NHS number. It also has coded medical information on
diagnoses, and any treatment given, whether a hysterectomy or a
heart operation.
For every patient on the system - tens of millions are on it -
there are usually multiple records.
With official approval, patient-identifiable records from the
database are downloaded monthly onto a DVD encrypted to the 256-bit
Advanced Encryption Standard and despatched by secure courier to
the Dr Foster Unit, an academic organisation which is said by
Connecting for Health to be outside the NHS.
The unit is part of the Faculty of Medicine at Imperial College,
London, and is the only organisation outside the NHS to receive
patient-identifiable information from the Secondary Uses Service.
It keeps the data in secure offices, on diskless workstations which
have no links to the internet. It has received nearly 300 million
records, which include patient-identifiable records from the
Secondary Uses Service.
The Dr Foster Unit is funded by various grants. Its primary
funding is from a separate organisation, Dr Foster Intelligence - a
joint venture between the NHS Information Centre for Health and
Social Care - and a private company, Dr Foster, which provides
healthcare information. The Dr Foster Unit passes only anonymous
records to Dr Foster Intelligence. Dr Foster Intelligence provides
the NHS and the general public with analysis of death rates in
order that hospitals can improve clinical outcomes.
The use of patient data for medical research is seen by experts
as a necessity, for example to analyse whether people living near
electricity pylons or phone masts have more health problems than
those who do not.
But the government's own advisers, the Patient Information
Advisory Group, which is a statutory body, has questioned whether
the government has a solid legal grounding for obtaining, holding
and processing identifiable patient data to produce anonymous data
extracts for analysis.
Whitehall officials, however, say lack of a clear legal status
for the Secondary Uses Service does not make the database
unlawful.
Computer Weekly has further learned the Department of Health
plans to make wider use of the Secondary Uses Service by making
extracts available to commercial organisations, after removing data
from records which identifies the patient, such as date of birth,
NHS number and postcode.
A spokesman for the Dr Foster Unit said that it carries out
research into why healthcare outcomes can vary, for example between
different hospitals, to improve patient care and treatments. That
is why it needs to hold large amounts of data.
He said that stringent measures safeguard the confidentiality of
patient information and there has never been a breach of
confidentiality. The unit does not pass any identifiable data to Dr
Foster Intelligence, he said.
For several months the transfer of patient-identifiable
information from the Secondary Uses Service has been investigated
by the BBC Panorama programme. Since its investigation began the
Department of Health has launched a consultation into the wider
uses of patient information in health research and managing and
planning care.
Panorama: "You Can Run" will be broadcast at 8.30pm, 27
October on BBC One.
Dr Foster Intelligence
Dr Foster Intelligence is a joint venture, half-owned by the
NHS, set up to improve the quality of patient care. It provides,
for example, the NHS and the general public with analysis of death
rates, so hospitals can improve clinical outcomes.
"Some hospitals have been able to dramatically reduce the number
of avoidable deaths because of the availability of this
information. Dr Foster uses a number of data sources to power these
analyses. Key is its partnership with Imperial College, which is
both an NHS hospital Foundation Trust and a leading university,"
said Tim Kelsey, chair of the executive board of Dr Foster
Intelligence.
He said that neither Dr Foster Intelligence nor any Dr Foster
company has ever used, or had access to, confidential patient data
in its work. "Anonymised data is essential to helping the NHS - as
with all public services - understand how it can improve the
quality of its provision."
Read more on Tony Collins's IT projects
blog >>