An innocuous-looking amendment to the Identity Card Bill could allow the ID card's database to hold medical records in future, according to a data protection expert.
Dr Chris Pounder, an expert in data protection and privacy law, has warned that the amendment, tabled in October, could reverse the position stated by the government in its public consultation documents.
The government has always maintained that the information in the ID card database would not include sensitive personal information as defined by the Data Protection Act.
But the amendment could legitimise the storage of such information in certain circumstances, according to Dr Pounder.
The amendment defines when 'sensitive personal data' should not be included.
As a result it is possible to infer that sensitive data could be held in other instances.
The Bill also confers power upon the home secretary to modify the information held in the ID card database, or register. This power, if exercised, coupled with the possibility that the database could include items of sensitive personal data, would establish the legal infrastructure to permit details of medical and criminal records to be held in the database in future, said Dr Pounder.
A Home Office spokeswoman did not deny that the Bill could have the effect of allowing the ID card register to contain medical records. But she said that the government had made it clear that it did not intend to hold medical information on the register, apart from the possible voluntary inclusion of organ donor status.
The Medical Protection Society opposes personal information being held on the card or register.
Dr Mick Clements, MPS medico-legal adviser, said: 'The public would be very concerned if there was sensitive medical information on ID cards that could be freely accessed. There have to be safeguards.'
Dr Michael Wilks, chairman of the BMA's medical ethics committee, said there needed to be guarantees that sensitive personal information could not be accessed by unauthorised personnel.
Information to be held on the central ID database could imply certain medical conditions through the holder's address and photograph.
The Bill also provides for a record to be kept of when, where and by whom ID is checked. This has raised fears that the 'audit trail' could provide clues to medical conditions.
Dr Pounder explained: 'If an individual on the register uses an NHS service which requires a check on entitlement to free treatment, that check will be recorded on the ID card database.'
The BMA fears that this audit trail could compromise confidentiality, for example, if it shows an individual has accessed mental health services or a GUM clinic.
The Home Office spokeswoman said the record would merely show that a check was made by a particular public service. But if the Bill is passed in its current form, it would leave it open to government ministers to decide later on the detail of how it would work.
The Home Office spokeswoman said safeguards included independent oversight of the scheme by the National Identity Scheme Commissioner.
The Lords' Select Committee on delegated powers and regulatory reform said that any decision to make access to public services conditional upon an ID check should be determined by fresh primary legislation.
Before imposing such a condition there would need to be consideration of the public health implications, the BMA warned.
'We are worried that the ID card proposal could affect the most vulnerable patients, ' said Dr Wilks.
The Bill is at the committee stage in the House of Lords.