Google and Microsoft to take over NHS records?

Without making any formal policy announcement, the Tories yesterday suggested – unattributably – that health records could be transferred to Google Health or Microsoft’s HealthVault, or even Bupa.

Political parties sometimes check reactions to possible policies by giving tentative ideas to newspapers, then seeing what happens. It has worked fairly well – The Times had 119 comments on its article.

It published a follow-up on how ethics could sink the plan for Google or Microsoft health records.

Meanwhile Tom Brooks, a much-respected figure in health service IT, has given his views on the plan and gives the latest thinking on President Obama’s healthcare IT proposals. Brooks is a semi-retired healthcare management consultant who still maintains close links with the USA.

Brooks says there are innumerable reasons why it’s not possible to rely on Google and Microsoft for e-records, one being that the internet is not accessible to many of the people who may need most access to health records: the elderly.

Points made by Brooks:

1. “Patients wish to control who accesses their data.  It is not necessary to consolidate data into a database outside of the patient and clinician’s direct control.

“In June, five leading healthcare providers in California successfully demonstrated how patient data could be shared while still being retained by the prime healthcare provider.

“The five providers tested the exchange of clinical health information to improve patient care, allowing access to the information only in that instance of time that it was necessary.

“Taking advantage of recently released Nationwide Health Information Network (NHIN) Connect software, Kaiser Permanente, Long Beach Network for Health, ER Connect-Orange County, Redwood MedNet and Santa Cruz HIE verified the ability to share patient clinical information among regional networks across the state.  The original data remained only on the original healthcare provider’s database.

“Patients do not want their healthcare data to be included in any centralised consolidated depository, where it may pass outside of their control.  Medical information is provided by a patient to a clinician, voluntarily or involuntarily, for use by that clinician in connection with the patient’s healthcare needs.  If their healthcare data is consolidated in anyway in a depository such as the [Microsoft] ‘HealthVault’, it is capable of being accessed without the patient’s explicit permission.

2. “Reliable healthcare data must be proactively managed. Healthcare data is time dependent.  Whether the data is current or not can be of considerable importance.  Legal duties exists for the healthcare provider to record, and maintain, data accurately, but also only to retain the data for as long as the detail is current and relevant.

“The healthcare provider who originally records the data has a duty to use its professional knowledge to manage it. There is no professional active management of a third party data depository to ensure data is current and relevant.

3. “Healthcare data must be unambiguous to anyone who plans to use it. Healthcare data is full of coded data, numeric and otherwise.  Sharing patient clinical information requires strict agreement on ‘coding’ detail to be of value.

“Data placed by a variety of parties into a third party data depository has every probability of breaching coding protocols and putting patients at risk.”



Google or Microsoft could hold NHS records say Tories – The Times

Medical records via Google or Microsoft – BBC technology blog

Tom Brooks – what contribution to NHS IT do local service providers make? – IT Projects blog

Google Health  

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

I'm waitng for the episode of CSI - where the victim dies in hospital of an allergic reation, and it turns out the murderer had hacked into their Googlesoft medical records to delete details of their allergy to penicillin.

Serious stuff - health records. Not sure I'd want to be responsible for them.

The Conservative proposals not only fail to address a number of fundamental issues such as security, funding, existing NHS standards and integration with other NHS systems but they draw attention away from the real debate at a critical time for the National Programme for IT (NPfIT). Do we really need a centralised patient record system or should responsibility be devolved down to NHS trust level? NHS Trusts already have investments in patient record and appointment booking systems and relationships with / and the trust of local citizens. Why not use the web to enable individual trusts to provide secure access to records for other trusts and patients themselves, rather than duplicating everything centrally? This needn't mean new systems for each and every NHS Trust, far from it! In the time that the NPfIT has been running, web technologies have developed to the point where a web front-end can be quickly and cost-effectively developed and overlaid onto existing systems.

Surely making local trusts the guardian of patient records offers the best of both worlds? A trusted and responsible guardian that the public can identify with, without the huge costs and duplications of a centralised system would be a far better use of public funding.