Chris Lancelot on... The DOH and Data Security

In the wake of the recent child benefits fiasco, no one in their right mind will trust the government to keep their personal details confidential.

It beggars belief that a government department could act in such an incompetent and illegal manner. The situation is made even worse by ministers claiming that this was human error and not a system failure. Properly configured application software should never allow ordinary users to download an entire database, nor burn it to disk in an unencrypted form.

The episode highlights the government's cavalier disregard for personal data. In the wake of this, which patient will now allow their medical details to be uploaded to the spine?

Medical information is quite different from child benefit data because once a breach of medical confidentiality has occurred the genie can never be put back in the bottle. Those affected by the recent breach were able to change their bank accounts and passwords: but once the details of your schizophrenia at age 23, HIV status or recreational drug history are public then that is that. Your employment prospects, your personal relationships, indeed your whole life may well never be the same again.

A centralised medical database will improve the quality and efficiency of medical care enormously - but only if patient data is confidential, accessible only to clinicians and staff who have a direct need to know. Not only must the data be kept confidential, it has to be seen to be kept confidential. The child benefit fiasco, coupled with the government's insistence (against medical and professional IT advice) that everyone's medical data will be uploaded automatically to the spine unless a patient specifically objects, both shout that the DoH doesn't give two hoots over handling data responsibly. As a result patients in their droves will refuse to allow their data to be uploaded.

Connecting for Health needs, very urgently, to implement its data protection mechanisms completely, and very publicly; arrange for patients to opt in to uploading their data; and then go on a 'hearts and minds' campaign to persuade both professionals and patients that centrally kept data really is safe in their hands. It will be an uphill struggle.

Dr Lancelot is a GP from Lancashire. Email him at GPcolumnists@haymarket.com.

Have you registered with us yet?

Register now to enjoy more articles and free email bulletins

Register

Already registered?

Sign in

Follow Us:

Just published

GP appraisal should be suspended until pandemic ends, says RCGP

GP appraisal should be suspended until pandemic ends, says RCGP

GP appraisal should be completely suspended for the duration of the COVID-19 pandemic,...

First5 GPs and trainees record videos for new general practice recruitment films

First5 GPs and trainees record videos for new general practice recruitment films

A new series of GP recruitment films for Yorkshire and the Humber region feature...

GPs could face CQC inspection at sites delivering COVID-19 vaccine

GPs could face CQC inspection at sites delivering COVID-19 vaccine

GPs could face CQC inspections at designated sites delivering millions of COVID-19...

COVID-19 vaccination could start 7 December as GPs promised 10 days' notice

COVID-19 vaccination could start 7 December as GPs promised 10 days' notice

GP practices chosen to deliver COVID-19 vaccination will not start the campaign before...

GPs face unfair burden from 'layers of regulation', government admits

GPs face unfair burden from 'layers of regulation', government admits

A government report on NHS bureaucracy admits GPs face a 'particularly high' legislative...

GPs should carry out 45% of consultations remotely after pandemic, says Hancock

GPs should carry out 45% of consultations remotely after pandemic, says Hancock

Nearly half of GP consultations should continue to be delivered remotely after the...