GPs slam NHS England for poor publicity of data grab plan The Tory-led government has failed to make a good case for its plans to share GP medical records with information that is already stored by NHS England, the Royal College of General Practitioners warned on Wednesday. Patients have, in turn, lost confidence in the so-called care.data scheme, said RCGP's honorary secretary …
No leaflet here either.
Luckily the internetz informed me about this scandal and I have downloaded opt out forms from http://medconfidential.org
Another aspect that has not been publicised is that the police will have complete access to your medical records now, even if you opt out.
Any company can buy the medical records for around £3k (or something like that) and while your name is supposed to be changed for a number to keep your identity secret, it is trivial to work out who someone is as the data will contain your date of birth and postcode. The chances of someone else in your postcode having the same date of birth are very slim.
There has been an update on that site since I last looked which throws the initial understanding out the window. When you opt-out all it does is remove your name and a few other identifying entries but the data still gets uploaded in the anonymised form. Not really an opt-out in that case.
Also shows that ALL your details are shared if you don't opt-out. Previously it was thought the data was anonymised for all. One suspects the complete lack of information has been intentional.
That was the old policy. It seems to have changed now so that it will prevent any upload, althought this is relatively recent (and seems to have been announced on Twitter)
<blockquote class="twitter-tweet" lang="en"><p>@C7RKY @sam_a_voice @clarercgp Hi. The 1st type of objection in FAQ 8 stops all flows of your data to care.data http://t.co/bAvaJiaPWU</p>— Geraint Lewis (@GeraintLewis) February 12, 2014</blockquote>
<script async src="//platform.twitter.com/widgets.js" charset="utf-8"></script>
@Anon5000
You're getting horribly confused there, and the misinformation in your post is staggering. I think you've been reading a lot of scare stories, while not reading up on what is what.
'Red' data (which is first line care only data) is the only one which contains a date of birth and a postcode. Those of course being 'identifying' information. Companies simply can't buy that. To get it, there needs to be a whole horde of legal steps that involve the patient directly..
The first point that a company can begin to acquire information is the pseudonymised "Amber" data, which specifically, in every release that has ever been made about it, specifically mentions they replace the post code and date of birth with tokens. If a country wide research project reveals some worrying spikes in some demographic, that can be reported back to the NHS, who can then refer that back to identify the group at risk, internally (this info can't be passed back to the research group, as it would break the NHS Information Governance restrictions, but it is info the NHS has that is very useful).
Part of the requirement is that any company accessing this needs to abide by an extremely punitive access agreement (the kind that would result in a company being sunk entirely, and the names associated with that company not really being able to work in the industry very easily afterwards).
What you're thinking of is "Green" data, that is pre-aggregated, and contains large scale demographics, without anything that could identify someone (unless you're scared that reporting to your GP for a rash in Manchester in 2013 would uniquely identify you).
Please, don't carry on the scare mongering. There are definitely things to think on about Amber data, and they are being considered.
Now, that's not to say there aren't issues with pseudonymised data; there always will be (any information carries risk). The trick is to balance that risk so society, and its individuals, get the best return for any risk. That's the aim of this, and it's having a fair stab. The debate should _always_ carry on, but it should always be done with facts, not something your mate said in a pub that he'd heard from the dustman who'd got it from his son in the playground from someone who'd read it on facebook, so it must be true!
Have a read of: http://www.england.nhs.uk/2014/01/15/geraint-lewis/ for a quick overview. It's fairly easy to dig out the factual side of things from the official NHS sites, which publish what the data sets contain, and who can access what levels. There's really not a lot of excuse for getting it that badly wrong.
The problem is that I (and anyone else I know) have had no information at all from the NHS, my GP or anyone else about this. We have had to hear it from other places. Then try and work out what it all means when different NHS pages have had conflicting information. Do we go and tell every individual in the country to go and do a few hours research on something most had not even heard about until a few days ago thanks to their friends or newspapers.
Do we trust the NHS pages that are using a bit of 'nudge' theory to convince us that everything is ok and there is nothing to worry about? Naming PDF's "Better information means better care" and such like is only to convince us to accept our privacy is being destroyed. Yes there can be some good done from sharing some anonymised data but we are at a point where we no longer trust external parties with that data. Not only will the information be abused, we won't have to worry about the data being hacked as too much access will be given from the start anyway.
Think of those in the mental health system who have confided in confidence subjects to their doctor but now that information will be available to the Police at least and possibly others. People will start shunning mental health services if they do not believe there is any confidence.
Having visited my GP recently the receptionist advised that they had seen a lot of opt-out letters in the last week, which surprised me for this quiet leafy suburb. GP's, politicians and generally everyone is concerned about this. Everyone except the NHS and those who want to get their hands on the data at some point. Obviously everyone is concerned for no reason...
... was when I read this document that I got this document forwarded to me:
http://www.care-data.info/
I thought I'd done enough by opting out of the Summary Care Record and similar nonsense, but this is something completely different and I'd urge everyone to opt out ASAP because this data doesn't even make an attempt at the fig leaf of being "anonymised" and you'll be giving your information to Cameron's Cronies in perpetuity for them to use in any commercial way they want!
I got one, slipped into a Farm Foods leaflet. Normally they're just chucked but thanks to el Reg I was expecting it. It doesn't mention anything about care.data, only SCR. Even doctors don't think this is a good idea so I'll be asking for my personal details to be withheld:
http://www.patient.co.uk/health/caredata-sharing-your-information
Thanks for that link - most informative. A couple of things jumped out at me ...
What information will be shared? : Your NHS number and date of birth, your postcode.
Some reasons why you might choose to opt out: There is a small risk of your data being traced back to you. You cannot be sure which companies may have access to your information in the future.
So.. one item of data that uniquely identifies you and two others that, when combined can almost certainly identify you only pose a 'small rsik' of identification?? Oh, and you have no idea where this data is going to end up - who in their right mind can think that this situation is acceptable?
the fact that there is no standard, straight-forward way of opting out of this speaks volumes.
They seem to be claiming that the 'identifiable' data will only appear in a 'bridging' database:
"Your date of birth, full postcode, NHS Number and gender rather than your name will be used to link your records in a secure system, managed by the HSCIC. Once this information has been linked, a new record will be created. This new record will not contain information that identifies you."
So the stuff that is offered on the open market will be 'less' identifiable. (The black market is another matter...)
Wrong, wrong wrong. That's "Red" data, which is for front line emergency care (i.e. if you're having a major op in a Bupa hospital or something).
you're thinking of Amber and Green data, which do have those things removed. It's in all the published information about it, and it's strongly worded in the Information Governance requirements for the NHS (which the ICO can fine a hospital or organisation hugely for breaking).
The sheer amount of misinformation, and lack of reading of readily available factual information in this thread is staggering. It seems like Facebook is becoming the source of "this is a fact" information these days, and nobody wants to put in the effort to read the readily and easily available facts (a simple Google search would have disproved what you've just written by reading the NHS published information on what goes where).
" "Red" data, which is for front line emergency care (i.e. if you're having a major op in a Bupa hospital or something)."
Bupa will not get a damn thing that falls under "Red" data, even if you go into cardiac arrest in one of their hospitals; care.data is not for front line care at all.
Read http://www.england.nhs.uk/2014/01/15/geraint-lewis/ or ring 0300 456 3531 and ask specific questions (like "will the police get my data"; wait for the stunned silence when they can't quite decide if you are being serious or not).
I always look through the rubbish that comes through the letter box - just in case.
I had heard about this (here or on slashdot & friends emailed me) so I wrote to my GP, to be asked to fill in a form that contained the same information that I had given them in my letter. I had previously written to my GP to opt out of a similar scheme in 2010.
We have not received a leaflet.
When I presented the health centre reception with a written opt out request letter for the data protection official they didn't seem to know what to do with it or who that person might be. I suspect it was filed in the bin, I've certainly had no confirmation that it's been acted on.
Zero information about data-protection or this latest attempt to sell our personal data in any of the health centre public spaces.
There's a GP toolkit on the official website.
GPs are a commercial entity (subcontracted to the NHS). Them not spending the time (5 minutes, from the reception desk, where I often have to wait because they're chatting to each other about TV programmes when I come in on an evening session) to grab the document from the official site is a bit lame.
I haven't received a leaflet but fortunately found out by word of mouth. I've had a letter back from my GP confirming that my data will not be uploaded.
I simply don't like the fact that once it has been uploaded you can't have it removed you can only ask for a half ar$ed anonymization. Oh and the fact that I wasn't asked permission for ''My personal'' medical records to be sold off (I know technically they haven't been sold off.......yet!!!).
This post has been deleted by its author
This post has been deleted by its author
Well, I'm torn.
There must be huge epidemiological research potential in collating that data, and if it was rigorously anonymised, heavily encrypted, credibly secured, transparent and accountable in operation, with a formal, unified, straightforward opt-out process, and with a cast-iron guarantee (backed by legal sanctions) that it will never leave the NHS, I'd be all for it.
But since instead it seems to have been deliberately slipped under the radar, with inadequate anonymisation, slapdash opt-out, all the usual hallmarks of government failing to take security seriously, and an overt intention to sell the data on(!!!), this fantastic research opportunity has been turned into an IT, PR and political train-crash.
Data greed kills clinical need. *Sigh*
Perhaps it won't be that long before data capture becomes a fairly standard part of illness management for many conditions; such things as blood pressure, temperature, pulse and a range of other more subtle measurements. Many diabetics, for example, routinely keep a fairly close watch on their insulin levels, and those with bad lungs monitor blood oxygen.
With open source software and data formats there should be sufficient uniformity for results to be pooled completely anonymously via the experts who provide personalised treatments; that is to say identifiable only as far as the medical practitioner in charge of treatment. Data logging could both improve the treatment for many conditions and directly collect data for research.
As per title; no leaflet through the door, unless it was tucked into the local rag. When I phoned the health centre to opt out the receptionist had to go and ask someone what it all meant. Poor girl sounded like she hadn't even heard of the scheme.
Not had any confirmation that my records have been made exempt so may well still end up on the register. Has there been any info on deleting the data once on the DB in line with the DPA?
Been reading a lot about this and have opted out, you ask GP to add a code to your your records.
But reading further you can't opt out of the police accessing the information that leads me to think, that even if you do opt out your data is still being sent to the central DB, it just has an additional field that flags that you do not with your data to be allowed for the commercial use.
I didn't get a leaflet.
I'm opted out.
I'm rather keen on IT in medicine and healthcare.
But not this instance of this class of scheme operated this way.
NHS England is quite ... new.
Similar schemes were pushed in 1990-2002 IIRC and we rejected them.
At that time the idea of effective end to end encryption was resisted - successfully - for reasons unclear to us then.
This is presented as the first effort and only way to achieve various goods.
It is neither.
I had some knowledge about this but have had no leaflet. I will be filling out the form at http://optout.care-data.info/ , thanks for the link.
It's quite sad when I think about it, this sharing of information could have resulted in better care for patients by GP's comparing the results of treatments to see the effectiveness, however I can't trust any government or corporation with my personal data not to use it for their own gain or mismanage the security.
I find the following statement on the website quite worrying though as they could just claim to have already pulled your data though the website claims they don't start till March and I'm pretty sure last time I checked that sql has a delete command? DELETE myrecords FROM UNSECURE_CORPORATE_TWATS;
"But do not delay, because once your data is uploaded you can never get it removed from the HSCIC databases."
The following statement from the website is a classic,
How much is care.data costing the taxpayer ?
No one knows. The HSCIC has refused to detail the full costs of the programme to date.
A business case for the care.data programme has not yet been submitted to HM Treasury.
It is likely to cost in excess of £50 million though.
Here's the honest answer to that,
No one knows, were not telling, you've given us the go ahead anyway and were going to rinse you for at least 50 big ones.
I can't think of a legitimate reason for there being identifiable records available for non-care purposes.
For any data mining or research purposes the first half of the postcode should be accurate enough and even that should only be released if deemed necessary.
What I have read about the scheme causes much concern, there seems lots of scope for privacy breaches. I have opted out although I understand this is a pretty feeble action to take - the records are still being uploaded and will still be accessible.
That's because there isn't.
Non identifiable information is available for non-care purposes. Identifiable ("Red" in all the blurb that's been released) is for primary care purposes only. The other variants (pseudonymised, and outright aggregated unidentifiable information) is the only info that's available, with the pseudonymised protected by pretty draconian requirements for obtaining it.
This post has been deleted by its author
I definitely have not received the leaflet as I've been looking out for it and know what it looks like, so assumed it had not been rolled out yet and was surprised to find it was supposed to have been done in January. I don't know of anyone who has received this, either in London or in the North where family live. How are they intending to give us four weeks notice and yet still roll out the system in March then? I have already opted out with a personal letter and advised friends to do the same.
I get the genuine mail on top and the junk mail folded together below, usually within a Co-op flyer. The Co-op flyer (or the Domino's flyer or whoever's it is that day) and everything within it goes straight in the bin.
Essentially only know about it from The Register articles.
Looking forward to opting out! In that sense it has been handled better than the last lot's ID card scheme. Except that got dropped, of course. But given this lot's record, I expect it'll be back.
"The household leaflet is part of a comprehensive range of awareness raising activities, which also includes: leaflets and posters in every general practice in England; articles in newspapers; information on the NHS Choices website and via social media; as well as information cascaded via 350,000 patient groups and charities"
Ok, so lets break this down:
- leaflets and posters in every general practice in England: Which will miss the vast majority who for reasons of generally good health will not need to attend their local GP regularly. Those who do attend are probably so used to the banal NHS propoganda posters that you find on the walls of GP practices that they simply won't get read.
- articles in newspapers: Which newspapers? Nothing seen in either of the morning/evening commuter papers I read daily.
- information on the NHS Choices website: Who actually visits that? Again, only people visiting the site for some specific purpose will come across this information. It will not be noticed by anyone else.
- and via social media: Ah ha. You mean inside the private internet that is Facebook, where it will be inaccessible to anyone who doesn't have a Facebook account ... or do you mean Twitter, which requires 'following' the relevant stream to receive such information ... if you even have a Twitter account that is.
- information cascaded via 350,000 patient groups and charities: Which are niche groups, populated by a tiny subset of the 60+ million inhabitants of this country.
...and no I've not received this alleged leaflet either in North London.
With postcode and date of birth its really game over on that front.
In a highly populous area you might have a chance but where I live there are three properties on our postcode so its a piece of piss to link the data with postcode, date of birth and gender.
Opt outs will be going to my surgery asap.
As for the police having access, for what reasonable purpose does the police force need to know about your confidential medical records?
If the police are called to an incident where your name has come up, they could check up on your medical records on route. If they see you have heard voices in your head in the past, they can make the choice of shooting you first, ask questions later if you survice, as intel showed you could be a cop killer...
Why, oh why, is everyone harping on about "Postcode is the killer on this, with date of birth", when those two are explicitly not available to commercial entities (unless it's a "private hospital" like Bupa or such that will be performing your operation in the private sector, who will need your medical record to not kill you while they perform the primary care activity, for which this data is reserved).
All the commercially available info does not have date of birth, postcode, or any identifying information. A basic search through the released information tells this plainly, but nobody seems to have read that (just the 'scare stories' running round Facebook).
@Juillen 1: Have you never seen the Electoral role lookups or the data 192.com has? Organisations have these types of databases and are able to reverse search based on any fields they want. There is no doubt they will have data analysts write some code that matches up as much data as possible.
@jullien1 You don't know much about databases do you?
Anonymous data in one database can be cross referenced against other data bases for patterns which can then be used to make identifications.
If the data has no postcode area, gender or age its just a list of illnesses and not much use as a data set. No money in that for Camerons mates......
and they say they don't have access - given that they've lied to me in the past I'll believe it when Satan goes to work on a snowmobile..
The problem with this is compounded because there are several conditions where it is ILLEGAL under UK law to inform anyone of a persons medical status without their permission and there would be precisely zero chance of me granting same especially not to the Police.
This has to be stopped - its going to end up costing lives. Example: Police know a protester has Diabetes - deny them food 'by accident' then claim they were 'drunk & violent' (hypogycaemic) as an excuse for tasering or shooting them "in self defense"...
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
