Discuss the data spine dangers

There has been too little debate around the proposed creation of a national "data spine" for NHS patients' health records. The...

There has been too little debate around the proposed creation of a national "data spine" for NHS patients' health records. The deadline for suppliers to lodge bids for contracts for the NHS national IT programme has passed, and the selection process is underway; yet still we know virtually nothing about how the data spine will operate in practice and what checks and controls it will be subject to.

The 600-page "output-based specifications" document, on which the suppliers based their bids, yields no clues to the general public, each version of which is password-protected. And the cult of secrecy of Richard Granger, director general of the £2.3bn national programme for IT, has been reported previously in Computer Weekly.

In an ideal world, an integrated health records system allowing, say, a consultant in Land's End to familiarise himself with the medical history of a patient from John O' Groats, would be a great thing. But computer systems do not operate in an ideal world. In the real world, a national system spanning some 50 million citizens' medical records will introduce such scale and complexity that glitches and security flaws are inevitable - and that's if clinicians use the systems, something that is by no means guaranteed.

Many concerns remain. How will doctors find the time to discuss with 50 million people whether they will consent to their personal information being fed into a national data spine? Of course, citizens will have the option of refusing to consent to their records being loaded up on to the database. But those who do will be warned that their refusal could compromise the quality of healthcare they receive.

And what of our national security agencies? Will we receive assurances that they are barred from accessing the records for their own ends?

We strongly support the idea of electronic patient records. But the advantages of a centralised national system may be outweighed by the high risks of failure. Electronic records that can be exchanged within an NHS trust area may be more practicable. And any implementation will be a success only if the full, non-IT ramifications are given comprehensive consideration. This does not appear to be the case.

There is the issue of patient-doctor trust, for example. Philip Larkin memorably described passing ambulances as "closed like confessionals". The same can currently be said of GPs' surgeries, where patients are able to broach issues they might never countenance discussing elsewhere. This relationship will fundamentally change when citizens realise that every secret yielded at the local surgery could find its way on to a national database.

Read more on Antivirus, firewall and IDS products