NHS England’s own risk analysis says the planned Care.data system could undermine patient confidentiality, it has emerged.
The revelation coincides with the publication of a YouGov poll that indicates almost two-thirds of UK citizens are opposed to having their medical data sold to corporations under the scheme.
Details of the risk analysis also coincide with the publication of NHS statistics that show more than two million serious data breaches by the NHS have been logged since the start of 2011.
The risk analysis admits the database could be vulnerable to hackers or could be used to identify patients “maliciously”, reports the Telegraph.
From March, the scheme will see patient medical details collected from hospitals and general practitioners loaded into a central database.
The database, which planners claim will improve healthcare and assist medical research, will be controlled by the NHS Health and Social Care Information Centre (HSCIC).
NHS officials have sought to downplay the risks by pointing out that the information will be anonymised or “pseudonymised” to protect patients’ identity.
But the risk assessment by NHS England warns that patients could be “re-identified” if the data is combined with other information.
According to the risk report, the scheme could damage public confidence in the NHS and result in patients withholding information from doctors.
In January privacy groups raised concerns about the planned database and sale of data to health researchers and insurance companies.
They warned there will be no way for patients to work out who has accessed their medical records or how they are using the information.
A new YouGov poll, commissioned by consumer advocacy organisation SumOfUs.org, shows that 65% of the UK public are opposed to having their personal medical data sold to corporations.
More than 220,000 people have also signed a SumOfUs.org petition calling on NHS England to reconsider the scheme and pledge that access to patients’ private data won’t be sold.
SumOfUs member and retired GP Ron Singer said the NHS has to take the confidentiality of patients seriously.
“The government needs to explain who is going to get access to this data, exactly for what purpose and for how much,” he said.
NHS England is distributing leaflets to 26 million households in England about the Care.data scheme and the right to opt out.
But Nick Pickles, director of Big Brother Watch, has questioned whether the public has been “deliberately kept in the dark” about risks that are not explained in public information leaflets.
“Medical records hold some of our most sensitive information and the threat to people’s privacy of them being maliciously stolen or re-identified must not be underestimated,” he said.
Commenting on the risk assessment, Kim Kelsey, national director for patients and information at NHS England, said that on risks of hacking and data misuse by individuals, the document sets out clearly the high-level technical and contractual safeguards against them.
“On ethical issues such as patient trust in the system, the document shows we have pledged to ensure public awareness of the scheme, its benefits, its risks, and patients’ rights to register objection,” he said.
Chris McIntosh, chief executive of security and communications company ViaSat UK, said moving patient data to a centralised database naturally has its risks, and while information needs to be useable it also needs to be secure since health records will inevitably be seen as a lucrative target for hackers.
“The NHS needs to be doing all it can to ensure it has all the safeguards in place, both for the sake of public trust, and to avoid the risk of fines from bodies like the Information Commissioner’s Office,” he said.
To avoid fines worth hundreds of thousands of pounds in the future, McIntosh said the NHS needs to ensure all the information in its new database is encrypted, and patient confidentiality is preserved.