No qualifications needed to access national health records database

A new national database of confidential patient records is being opened to access by NHS staff who need no professional qualifications – despite official assurances that access to the summary care record will be provided only to specialists who are providing care or treatment.

Documents obtained by Computer Weekly under the Freedom of Information Act also provide evidence that NHS Connecting for Health – which runs part of the £12.4bn National Programme for IT [NPfIT] – has quietly decided to weaken assurances given to patients about the confidentiality of records.

Bolton Primary Care Trust is the first “early adopter” of the summary care record, a national database run on BT’s data “spine” which is being gradually populated with what Whitehall health officials hope will be about 50 million patient records.

The database will include the names and addresses of patients, medication history, serious illnesses and allergies. It’s a central part of the NPfIT.

Patients in Bolton were the first in England to be offered the option of viewing their NHS summary care record online through

Along with those in other areas, Bolton’s patients have been mailed leaflets informing them about the summary care record. The leaflets set out the benefits of having a national database but also gave patients the option of “opting out” of having their records uploaded.

One leaflet gave a specific assurance to patients that receptionists will “not need to see your full clinical records”.

After the leaflets were mailed to thousands of patients it was realised that receptionists at Royal Bolton Hospital’s Accident and Emergency department had – before the trial of summary car records began – been accessing the local electronic patient records routinely, then printing them to add to the casualty record card.

GPs involved in a trial of the NPfIT summary care record said they did not want receptionists to see clinical files unless patients were contacted again and told of a change of plan and that non-clinical staff may now have access to the health database.

Instead Bolton Primary Care Trust has decided to change the procedure at hospitals to allow healthcare assistants – sometimes called nursing auxiliaries – to view the care records database instead of receptionists. But GPs say healthcare assistants usually have no professional qualifications and are not clinical staff treating patients.

It has also emerged that healthcare assistants are in Bolton’s A&E department only 50% of the time.

The papers released under the Freedom of Information Act further disclose that NHS Connecting for Health has decided to change a written assurance to patients that non-clinical staff “will not” have access to your [patient] records to the weaker “may not” have access. This leaves open the possibility of administrative and other non-clinical staff viewing the database of summary care records.

Paul Cundy, co-chair of the British Medical Association’s GP IT committee, said the papers obtained by Computer Weekly showed there has been an “erosion of the confidentiality of patient records that we feared would happen”. He said that healthcare assistants were in essence “trained receptionists”.

He added: “We were told there would be role-based access to the summary care record. It’s now turned into whim-based access”.

An assurance on NHS Connecting for Health’s website tells patients that NHS staff will have to pass three tests to access their records:

– “They will have to be registered as NHS staff and be issued with a Smartcard and passcode which works like a chip and PIN bankcard

– “They have to be recognised by the system as providing care or treatment to you (Legitimate Relationship)

– “They will only be able to see the sorts of information they need to give you that care or treatment (Role Based Access)

“So, the receptionist may not be able to see the same information as a doctor or nurse, and none at all if not involved in providing care to you.”

And the leaflet sent to patients in the Bolton area said that anyone who has access to their clinical care records:

“• must be involved in your care;

“• must have an NHS smartcard, with a chip and a passcode;

“• will only see information appropriate to the job they are doing (for example, a receptionist will only see the relevant information needed to process your appointment, and will not need to see your full clinical records)”

The document from Bolton Primary Care Trust – minutes of a Summary Care Record Project Board meeting on 7 January 2008 – released to us under the Freedom of Information Act says:

“Process for using Summary Care Record in Accident and Emergency

“The group were informed that, at one of the implementation group meetings, the GP practices raised an issue around the process for using SCR in A&E. Originally, the procedure at A&E was to be that the receptionist would look at the record then print it off and add it to the CAS [Casualty Record] card. The GPs have issues over non-clinical staff accessing the records as they have informed their patients that this would not happen.

“Two leaflets went out to patients when they were being informed of having a Summary Care Record. The standard mailing leaflets state that non-clinical staff ‘may not have access to your records’. The security leaflet however, clearly stated that non-clinical staff ‘will not have access to your records’. Connecting for Health have decided to keep the wording of the 1st document the way it is and change the second to match it.

“The GPs have said that all their patients will need to be informed that receptionists may look at their records. It has been decided that, because of this, the only action that can be taken is to change the procedure at the hospital. The amended procedure means that HCAs [healthcare assistants] will now access the records rather than the receptionists as they are classed as clinical staff…

“The main problem with this change of procedure is that HCAs are only in the department around 50% of the time. Chris is looking into what could happen the rest of the time and will feed back at the next meeting. The Board are happy to sign off the procedure for the HCAs to access the records instead of the receptionists as long as there is a procedure in place for the full day rather than just when the HCAs are in.”

GP Paul Thornton who has made a study on the privacy implications for patients of national databases of patient information said the assurances given to patients in Bolton had been misleading.

He said:

“The question is whether patients would regard access by healthcare assistants as fitting with what they have been told. Do they really meet the requirement to be regarded as ‘clinical staff’? Healthcare assistants do not have a registerable professional qualification. It is beyond their remit to interpret and act upon the information in the summary care record.”

A spokeswoman for Bolton Primary Care Trust said the issues about whether receptionists and healthcare assistants can access the national summary care record database are “still being worked through”. She added that healthcare assistants are meanwhile accessing patient records and printing them.

She said that the national leaflets being sent to patients about the Summary Care Record are “currently being reviewed”.


Patient database open to access by non-qualified NHS staff

Leaflet for NHS patients – Your health information, confidentiality and the NHS Care Records Service – Answers to your questions

Why might National NHS Database proposals be unlawful? – paper by GP Paul Thornton

NHS Connecting for Health – data controllers “in common” – another paper by Paul Thornton

Role-based access

Information Commissioner’s view of NHS electronic health records

National Audit Office due to publish 2nd report on NPfIT by May 2008

Will national database of electronic records have a 50% shortfall?

Bolton Primary Care Trust reports “excellent” progress with summary care record

They’ve got you with SUS

BMA GP IT spokesman questions whether system being supplied under the NHS’s National Programme for IT [NPfIT] is legal

NHS database: Is NHS Connecting for Health telling the whole truth?

NHS 23 – wiki of senior computer scientists who have signed an open letter calling for an independent review of the NPfIT

Data confidentiality – NHS blog doctor

NHS actively weakening access to patient records