back to article NHS England tells MPs: 'The state isn't doing dastardly things with GP medical records'

NHS England's bosses and the government's health minister came under fire from MPs on Tuesday afternoon over the fudged and delayed plan to store patients' GP-held medical records with other data kept by hospitals in a centralised database. Tim Kelsey, the health service's patients and information national director, admitted …

COMMENTS

This topic is closed for new posts.

Page:

  1. Eponymous Cowherd
    Big Brother

    Track Record

    "[Kelsey] said that it was simply not true that "the state is going to do dastardly things" with centrally held GP medical records. "

    And, of course, their track record bears this out.

    1. Anonymous Coward
      Anonymous Coward

      Re: Track Record

      > And, of course, their track record bears this out.

      Even if this government did have a spotless record in this regard and kept rigidly to their word, could they guarantee that the next government would do the same? Or the one after?

      1. Eponymous Cowherd

        Re: Track Record

        Its a moot point. We know this lot aren't above giving citizens a damn good probing and selling the results, and the Labour lot were worse.

  2. Richard Jones 1
    Holmes

    Broadmoor Has To Answer

    I am convinced that the use of inmates on day release from Broadmoor Hospital to manage and develop Government software projects is not the world's greatest idea. It is good that the disadvantaged members of society are given the chance to contribute. However, sadly those so far used lack both the detailed knowledge and subtle appreciation of how society should function. I am convinced that this is the reason why almost all government projects have infinite cost overruns and the capacity to fail on their objectives. The "was it wasn't" illegal sale of hospital records for the princely sum of £2,500 will of course keep the NHS running for a long time; about 1 second did I hear?

    1. Anonymous Coward
      Anonymous Coward

      Re: Broadmoor Has To Answer

      It is good that the disadvantaged members of society are given the chance to contribute. However, sadly those so far used lack both the detailed knowledge and subtle appreciation of how society should function.

      Funny, you could be talking about MPs there.

  3. Ocular Sinister

    Of course the state isn't doing dastardly things!

    They've all been contracted out so that government can make claims like this, with the added bonus that you can't find out what's going on because they are exempt from Freedom of Information requests.

    1. Robert E A Harvey

      Re: Of course the state isn't doing dastardly things!

      I think this is the real problem.

      I don't suppose for a minute that anyone at the NHS wants to do dastardly things. I also assume good faith on the part of most of the Government. But that isn't enough. We now don't trust any of our power structures in this country, after 5 decades of ineffectiveness and occasional magnesium flares of corruption.

      Duck houses, the way failed politicians run away to well paid sinecures in Europe, Blair and his housing stock, Thatcher and her cover ups. We don't trust them any more. At all. Over anything.

      So when they try to do something that /might/ need us to take a balanced view of why they are doing it, we can't. Because we suspect everything they do. We have become uber-cynical.

      The shame is entirely theirs.

  4. Anonymous Coward
    Anonymous Coward

    Awesome. Attempt to guilt-trip the population into saving your nefarious scheme.

    Two words for Kelsey, first begins with F, second begins with O

  5. nichomach

    Technically, they're not...

    ...*doing* nefarious things, since the nefarious things have already been done.

  6. Grahame 2

    Fine then.

    "He said if scattered pieces of such data could be assembled, like a jigsaw, to identify a specific individual, for example, then the firm responsible would face a fine of up to £500,000 from the Information Commissioner's Office."

    Half a million cap on the fine, and no possibility of a custodial sentence. Compared to the value this data set has, half a million pound fine could simply be put down as the cost of doing business.

    Once that data set has been re-identified and distrubuted, the damage is done.

    500k puts the value of each record at arround 10p, I think the data is worth a bit more than that!

    1. Grahame 2

      Re: Fine then.

      decimal point error, oops

      500,000 / 43,000,000 = ~a fine of 1p per record (maximum)

      I suspect this data is worth much more than that to insurers.

    2. Chris Malme

      Re: Fine then.

      Now if it was 500K per per patient affected, then that might be something.

      But I believe that deliberate circumvention of the intent to keep the data anonymised should get you jailtime - for anyone involved, from the techies to the managers and directors involved.

      1. John Smith 19 Gold badge
        Thumb Up

        @Chris Malme

        "Now if it was 500K per per patient affected, then that might be something."

        Now that's more like it.

      2. JohnMurray

        Re: Fine then.

        Perhaps they should really anonymise the data. Not pretend-anonymise. It is almost as if it was anonymised in a way that could easily be de-anonymised if wanted. I mean, birthdate, gender and full postcode. Never attribute incompetence to a government, when you can as easily attribute malignacy to it. Government employs enough people with univ degrees to get it right, to get it wrong has to be deliberate.

      3. Anonymous Coward
        Anonymous Coward

        Re: Fine then.

        "But I believe that deliberate circumvention of the intent to keep the data anonymised should get you jailtime "

        Not enough. Look at Murdoch and his vermin all bleating that they didn't know or they didn't do it deliberately. Proving otherwise is difficult, and could be enough to get the despicable liars (or incompetents) off the hook.

        Far better to make people cupable for circumvention of privacy controls, without having to prove knowledge or intent. It then becomes the organisation's responsibility to have controls to ensure that they do not circumvent privacy requirements. Ignorance of the law is no defence - why should ignorance of the organisation breaching the law be a defence for those rewarded for responsible for running it?

        1. Richard Taylor 2
          Facepalm

          Re: Fine then.

          Apparently Ms Wade did not realise that phone hacking was illegal - honest.....

    3. Yet Another Anonymous coward Silver badge

      Re: Fine then.

      The fine is for the company doing the dedupe, so you simply dissolve the company after you have sold the data to yourself.

      The fine only applies to companies doing the dedupe if they are under UK jurisdiction, simply run the server in Boratistan and you are safe.

      There is no fine for buying/selling/using the data afterwards

  7. Anonymous Coward
    Anonymous Coward

    Do you trust the Government to oversea a sucessful IT scheme?

    Problem is, once the genie is out of the bottle, or in this case, the data has been compromised, that is it. You can't get it back in.

    With this in mind:

    Do you trust the Government to successfully implement an IT project that manages data of such a private nature, akin to your financial data, to ensure that the safeguards are so watertight that even a malicious insider couldn't easily walk away with it?

    If the answer is no then how can you agree to the proposals?

    Not that I think *what* I think will make one jot of difference to the inevitable outcome. I will have to rely on incompetence to do the job for me. Worked with identity cards.

    1. JohnMurray

      Re: Do you trust the Government to oversea a sucessful IT scheme?

      I think they´re trusting ATOS. What could be wrong with that?

  8. John G Imrie

    One big database

    I've never understood why it has to be 'one big database'. Why not define communication and anonymization protocols that can be run at the GP's surgery so only the minimum amount of data requested can be accessed.

    1. Otto is a bear.

      Re: One big database

      Nice idea, just how much IT do you think a surgery has to do this, and what constitutes the minimum amount of data. You would need some kind of AI to work it out, or someone in the surgery who would spend their time reviewing and releasing data requests.

      1. Raumkraut

        Re: One big database

        > just how much IT do you think a surgery has to do this

        Don't most local surgeries outsource their IT already?

        > You would need some kind of AI to work it out, or someone in the surgery who would spend their time reviewing and releasing data requests.

        I'm not so sure pre-reviewing every request is entirely necessary. Decent security, restricted authentication tokens, comprehensive logging of every request, a clear audit trail, and stiff penalties for misuse, should be enough to deter most ne'er-do-wells from mucking about.

        How often would such requests be done, anyway? Surely only when a patent's status changes - they move home, visit a doctor on holiday, require emergency treatment, etc. We're surely not talking 1,000 requests per second which need reviewing.

    2. JohnMurray

      Re: One big database

      The data is extracted as-is. Even the opt-out only refers to the data when it is on HSCIC system.

      You can bet your ass that the opt-out is worth less than an ice creams lifespan in a volcano.

  9. Tromos

    Want my data? Limit the postcode to area code (first 3/4 characters only), no date of birth, just age range accurate to decade, and no NHS number or other unique identifier. And then make it opt-in.

    Otherwise, I will not only opt out, but also encourage everyone I know (and anyone else I can reach) to do likewise and spread the word further.

    1. Grahame 2

      Even redacted that much could still be re-identified if details of a few previous addresses where included. Include data such as time off work / hospital stays, more pieces of the jigsaw fall into place, the list goes on.

    2. Anonymous Coward
      Anonymous Coward

      Given the rarity of quite a few medical conditions, or more saliently combinations of conditions, even this is nowhere near enough.

      1. Anonymous Coward
        Anonymous Coward

        I have 2 conditions affecting 2% of the population. if these are independent ( research topic there straight away, contact me re informed consent) then I'm one special snowflake within 250 ordinary snowflakes.

        now talk to me about re-identification. oh and I've "opted out", which seems to mean my data from the gp is going to be extracted to somewhere (in the UK?) by the nice people at atos. quite what happens after that? perhaps that nice history graduate from McKinsey could enlighten us?

  10. Crisp

    Turns out that the data is going to be handled by ATOS healthcare.

    And that's me opting out straight away.

    1. TitterYeNot
      Thumb Up

      Re: Turns out that the data is going to be handled by ATOS healthcare.

      @Crisp - Thanks for the heads up, wasn't aware that those incompetent parasites were involved.

      I was 90% sure I was going to opt out before learning that, now 100% sure...

  11. Zog_but_not_the_first
    Big Brother

    Reassurance

    Like finding a dodgy-looking character testing your doors and windows who reassures you that “It’s just a security check for your safety and privacy”.

    Well, I’m reassured.

  12. Thomas 4

    Time out a second here, Skippy

    "If 90% of people opt out, we won't have an NHS."

    Logically, the fact that we have an NHS now means that either this data harvesting system is active now, or this statement is a load of complete bollocks.

    1. Anonymous Coward
      Anonymous Coward

      Re: Time out a second here, Skippy

      I think he meant to say "If 90% of people opt out, I won't have a job."

      1. Allonymous Coward

        Re: Time out a second here, Skippy

        And this would be a bad thing...?

    2. Kane
      Big Brother

      Re: Time out a second here, Skippy

      "Later, during the hearing, Kelsey made what some critics may consider to be an outrageous claim. He said: "If 90 per cent opt out [of care.data], we won't have an NHS.""

      To me, that didn't sound so much like a claim, as it did a warning.

      1. MrT

        Grabbing that much...

        ...the collective cough would be deafening.

    3. Ken Hagan Gold badge

      Re: Time out a second here, Skippy

      Logically, the fact that he made this statement, despite it being patently untrue, means the one thing that any intelligent observer now knows is that the scheme's backers feel the need to spout outrageous lies to keep their ship afloat. It's that bad.

  13. HereWeGoAgain

    Legal safeguards

    "the legal safeguards he insisted were already in place in the Health and Care Act 2012."

    They are in effect non-existent. They can be changed at will by another act of parliament.

    1. Anonymous Coward
      Anonymous Coward

      Re: Legal safeguards

      Yes, and they were cheeky bastards for even planning data collection before security is crystal clearly defined, because people must have informed consent; I saw nothing which gave me confidence in that data sewer, so have already opted out.

      F'em!

  14. Anonymous Coward
    Anonymous Coward

    I was born yesterday?

    "...NHS England would try to bring an end to concerns about care.data by talking about legal safeguards..."

    Like passing a law criminalising the possession of patient data of those who have opted out by private companies, attempting to obtain, , or viewing, or encouraging others to obtain, or supplying data of those opted out. Criminalising the de anonymization of any NHS patient data by private businesses, or attempting to reconcile it with third party databases. Making those within the NHS responsible for the data criminally liable for allowing unauthorised 3rd party access, including someone handing over a password or allowing records to be viewed. Etc, etc. With decent custodial sentences attached.

    Given the deliberate mendacity, hedging and incompetence to data, I won't hold my breath. The current half cocked attempts to deliver a back door fait accompli to the private sector will blow back very badly.

  15. SeanEllis
    Megaphone

    Private interests

    Bottom line: I'm very happy for my medical data to be used for the good of all. I'm not happy for it to be used as another asset to be sold off in the forced privatization of the NHS.

    Ben Goldcare has a nice article in the Grauniad: http://www.theguardian.com/society/2014/feb/21/nhs-plan-share-medical-data-save-lives

    Let's see what changes get made in the 6 months "consultation" period - and opt out if we're still not happy.

    1. Anonymous Coward
      Anonymous Coward

      Re: Private interests

      That's the real bloody tragedy. I imagine most people are happy to contribute, but not happy to line others pockets for a pittance or make a rod for their own backs with future insurers, employers etc etc.

    2. Mark #255

      Re: Private interests

      Ben Goldacre is now rather less optimistic. If you look at his tweets yesterday (@BenGoldacre), you'll see - it's the most vexed I've ever seen him.

      And given his (guarded) optimism in that piece last Friday, it seems that care.data is sunk.

      1. Anonymous Coward
        Anonymous Coward

        Off-Topic: Eyesore.

        I just looked at the Ben Goldacre Twitter webpage and all I can say is what an eyesore. I can't remember the last time I saw anything that bad.

      2. Dr Stephen Jones

        Re: Private interests

        Too little too late from Goldacre, who has been a cheerleader for the scheme, and was telling everyone who objected we were Luddites or idiots as recently as a week ago. He supported the extraction six months ago when there was no patient opt-out at all.

  16. This post has been deleted by its author

  17. James Boag

    Man The lifeboats

    You can always move to Scotland and vote yes, Problem solved !

    1. Anonymous Coward
      Anonymous Coward

      Re: Man The lifeboats

      ...or just move to Scotland.

      NHS Scotland has always been a separate body from the NHS in England & Wales and healthcare is already a devolved issue in Scotland.

      Not sure that would be sufficient to delete/opt-out your NHS England & Wales data though?

      Information Governance page at NHS Scotland:-

      http://www.knowledge.scot.nhs.uk/ig.aspx

  18. John Smith 19 Gold badge
    Gimp

    "Start the slurping and we'll do the "code of conduct" later."

    Because really it's not like the patients own their data, is it?

    That's the attitude of a data fetishist.

    1. Code Monkey
      Big Brother

      Re: "Start the slurping and we'll do the "code of conduct" later."

      And this is exactly why I've opted out. Not that I'd trust these bastarts with a code of practice either.

      [dons tinfoil hat]

  19. Anonymous Coward
    Anonymous Coward

    Tim Kelsey: If 90 per cent of patients opt out of care.data, we won't have an NHS.

    But the care.data data isn't used for medical care, so how could opt outs end the NHS?

    Someone is being economical with the actualité, but who?

Page:

This topic is closed for new posts.