There is no clear answer to the question of who's responsible for mistakes in summary care records.
NHS Connecting for Health suggests that responsibility for mistakes lies with the person making the incorrect entry into a patient's medical records.
But the legal responsibility appears to lie with the Data Controller who, in the case of Summary Care Records, is the Secretary of State for Health, according to a Parliamentary answer on 25 June in 2008 by the then NPfIT minister Ben Bradshaw.
The Data Protection Act says that the "data controller" should take reasonable steps to ensure the accuracy of data - and keep it up to date.
But it's unclear how the Secretary of State can ensure that Summary Care Records are up to date, or are free of mistakes.
GP Neil Bhatia points out that the advice of the Information Commissioner's Office is that:
"...it is not enough for a data controller to say that, because the information was obtained from either the data subject or a third party, they had done all that they could reasonably have done to ensure the accuracy of the data at the time.
"Now data controllers may have to go further and take reasonable steps to ensure the accuracy of the data themselves and mark the data with any objections. The extent to which such steps are necessary will be a matter of fact in each individual case and will depend upon the nature of the data and the consequences of the inaccuracy for the data subject."
**
Bhatia questions whether the Secretary of State takes any reasonable steps to ensure accuracy of the SCR data; and he says that nobody from Connecting for Health checks the GP-held summary data data prior to upload. It's also unlikely that the GP checks it either.
So who makes sure the SCR - which is a central part of the £12.7bn NPfIT - is accurate?
Nobody, it seems.
Last month I reported that the Summary Care Records database contains inaccuracies and omissions that make it difficult for doctors to trust it as a single source of truth, according to a confidential draft report by University College London.
Links:
Confidential report on Summary Care Records finds database is inaccurate - IT Projects Blog
Opting out of the NHS database - GP Neil Bhatia's advice
Lib-Dems want to abolish the NPfIT - Smarthealthcare.com
Subscribe to blog feed
Tony,
This appears to be a good example of the confusion between accountability and responsibility. The Secretary of State is accountable for the quality of SCR data, the processes and systems used to manage and update the data. Responsibility for entry, updating and correction lies with the many staff involved across the NHS. To hold senior managers/politicians etc. responsible for all data quality errors may not help improve data quality.
To minimise the risk of data errors a number of enablers are required:
* Systems should be constructed to minimise the risk or error
* Clear standards and processes are required for the provision and updating of data
* Staff should be incentivised to correct any errors that are discoverd
* Data stewards should undertake regular data quality checks in order to assess the quality of data and plan any remedial actions
Data quality issues are, in general, the symptoms of human failures. Whether these are failures to follow correct processes, out of date standards or poorly planned systems. This forensic activity is where efforts should be focused to design out of the overall system any areas of weakness.
Julian Schwarzenbach
Data and Process Advantage
www.dpadvantage.co.uk