Many of us live in a world where we can access and edit personal information online and on the move. Whether it is checking bank balances, amending grocery orders, or informing the world of our most recent “epiphany”, we are becoming accustomed to a life lived in close connection with our private data. A small number of patients have also been able to access their NHS heath records online for a number of years. However, the NHS as a whole has been rather slow on the digital uptake.
The current government has been trying hard to rectify this. Jeremy Hunt, the health secretary, announced last year that he wanted the NHS to be “paperless” within five years and also recently renewed a pledge to give patients online access to their health records by April 2015.
The government is also pressing ahead – albeit with a six month “pause” – with plans to collect digital health information from doctors’ records and link these data with digital health information from hospital records in one large care.data database.
Eventually, patients will get access to any identifiable data held about them but the primary purpose of this database is to give commissioners, researchers and, more controversially, private companies, access to valuable health data.
Managing your condition
The Department for Health’s rather saccharine video clip illustrates some of the benefits of giving patients online access to their own health information and the Royal College of General Practitioners has issued more formal guidance outlining the key benefits (and risks) associated with this policy. Among other benefits, providing online access should make it easier for patients to identify (and rectify) errors in their health records and should help patients to better understand and manage their medical conditions. It might even encourage healthcare professionals to improve their record keeping practises and enable them to fulfil their legal duty to provide equal access for all, for example by making it easier for patients with visual impairments to read their own health records.
There are also many potential benefits associated with schemes designed to share key aspects of patient’s digital health data with commissioners, researchers and, potentially, private companies. Allowing this kind of access should lead to more effective provision of care, better health service planning, and more efficient responses to epidemics. Even those who are critical of the handling of the care.data project agree that allowing “third party” access to our digital health records can improve health care provision for everyone.
However, whenever there is talk of letting patients and/or third-parties access digital health data, anxiety abounds. Sometimes the concern has to do with a potential unfairness in the way the benefits and burdens of data sharing fallout. In other cases, the concern is with the harm that might befall a patient if they see certain damaging or distressing information in their own records. But most of the digital disquiet is about something which is arguably more basic: confidentiality.
Privacy has long been at the heart of good healthcare practice. Hippocrates, the Father of (western) medicine, made this clear in his oath and the organisations that regulate medicine, nursing and midwifery and the allied healthcare professions in the UK make it abundantly clear that confidentiality is essential to good professional practice. This is because the integrity of the “professional-patient” relationship depends upon it and public health cannot be achieved without it. And if confidentiality is treated in too cavalier a fashion, trust, implicit promises and human rights may all be violated.
The digital revolution
But does the digital revolution taking place in the NHS represent a clear and present threat to the security of health records? The answer depends, in part, on which aspect of the revolution we are taking about. The care.data project involves greater sharing of digital health records (although there is an opt-out clause) and serious concerns have been raised about such things as “jigsaw attacks”.
But simply allowing patients online access to their own records can also lead to a loss of privacy because passwords can be hacked and people can forget to log out after accessing their online accounts. We also know that many patients who already have online access often share their records with family members. This is not necessarily problematic, but there are clearly serious risks associated with doing this.
Whatever the risks, it looks like a “digital NHS” will soon be with us and it is important that we do not become too luddite about these developments. After all, paper records are not always very secure either, as anyone who has visited a relative on a hospital ward will no doubt know.
That said, the security of our health records matter hugely to us all and if the government wants NHS patients and NHS professionals to embrace the digital revolution it’s going to have to work much harder to ensure that we all have a better understanding of what is going on and much more control over the sharing of our data.