Different perspectives are always useful in these areas, helping to 
provide a fuller picture. Myself, commenting only as a service user, 
having directly observed/experienced a mixed picture across the health 
service prefer to maintain some scepticism.

Some examples which range 
from very low levels of knowledge and professionalism to high expert 
levels of knowledge and professionalism — which not surprisingly are 
the ones trying to form, project, and sometimes protect, the services 
image.

A few disparate examples:-

Unwillingness/inability/expressed 
complete lack of knowledge of how to password protect patient 
computerised files - to allow confidentiality within a practice area 
for members of staff. The outcome was a wider and more intense focus on 
the confidential health aspects of the individual staff member 
involved;
Sometimes great sensitivity to data protection (but not 
necessarily protection of the data subjects data);
The common use of 
pseudonyms to communicate patient data between doctors where the 
meaning has become commonly and widely known. (A transparency and 
privacy nightmare which only ostensibly protects patients data within 
the health arena);
The common (appearing sometimes to be deliberately 
caused) computer errors which result in the patients wishes not being 
honoured in favour of outcomes which reflect organisational usage needs 
or ease of use (a sort of - its in the public interest error);
The 
deliberate use of information (by non medical staff) in ways which 
provide temporary amusement but are detrimental to the person they 
impart that information to. (An interplay common in many areas, which 
many professional organisations are not free of);
Serious discrepancies 
between the information verbally given to a patient about treatment 
being provided and after the event written notes of that treatment 
which in those circumstances appear to serve more for organisational 
protection than accurate patient treatment;
Those observations and 
experiences have also been contrasted with the highest levels of 
openness, integrity and care, even in what are at times difficult and 
distressing circumstances.

Of course difficulties should not stop data 
protection successes being highlighted, and whilst agreeing that a NHS 
free at point of delivery is something to be proud of, those factors 
should not create any blindness to the very real and sometimes serious 
difficulties (not just accidents) all organisations, be they public or 
private, continue to experience with data protection.

Ian W

-----
Original Message-----
From: This list is for those interested in Data 
Protection issues [mailto:[log in to unmask]] On Behalf Of 
Simon Howarth
Sent: 20 December 2012 17:57
To: [log in to unmask]
AC.UK
Subject: Re: [data-protection] NHS and patient confidentiality


Sorry but I can't entirely agree with the implications of some of your 
points.

"there is an immensely opaque web of relationships among NHS 
structures and theirs suppliers / providers, the world of academic and 
research institutions, the media and the world of charities in their 
widest acception (I mean including politically supported movements, not 
for profit organisations and local / national and international 
lobbies) - all exchanging patients data."

There is really nothing that 
opaque and the controls that are in place, if followed correctly, are 
as robust as anywhere. Also, what patient data? Identifiable? 
Psuedonymised? Anonymised? Living or dead? 

The relationships can be 
made more clear and there is a Freedom of Information Act to support 
obtaining such information.

The systems are not perfect but having 
been involved in health information governance since the phrase was 
properly coined and I can tell you that when patient information 
exchanged from the NHS the Caldicott Principles, NHS Code of Practices, 
ICO guidelines and applicable legislation are all followed. There will 
indeed be slip ups, but anyone that claims a perfect system is lying.


If you want information on specific diseases and conditions take a look 
the NHS Information Centre Website which provides free tools to analyse 
certain data sets that may give you this type of information.

I would 
argue that the NHS is more aware of confidentiality and the need to 
protect patient data more than almost any other organisation, public or 
private. It will however, make mistakes. It also is very much on the 
leading edge of managing confidential information in innovative ways to 
improve the service it gives and provide meaningful data for use in 
research. Being on that leading edge means that sometimes the 
interpretation of guidelines or legislation is found to be inaccurate, 
but this not malicious or any attempt to be opaque; it is driven by the 
desire to provide the best NATIONAL Health Service that "meets the 
needs of everyone", "be free at the point of delivery" and "be based on 
clinical need, not the ability to pay".

Regardless of whether this is 
delivered by the Government or by private contractors (increasingly so) 
we need to cherish what we have and if the use of patient information 
supports these aims, then maybe that is a small price to pay so long as 
the information is shared legally and ethically.

My apologies if this 
comes across a bit forcefully but I am quite passionate about the 
health service and the governance of its information.

Simon Howarth 
MSc. MBCS CITP

www.informationedge.co.uk

-----Original Message-----
From: This list 
is for those interested in Data Protection issues [mailto:data-
[log in to unmask]] On Behalf Of Brunella Longo
Sent: 20 
December 2012 17:27
To: [log in to unmask]
Subject: Re: 
[data-protection] NHS and patient confidentiality

I think this Country 
has an exceptional reality that does not exist in any other Country in 
the World (including the highest number of employees for a public 
organisation, second only to the Republic of China):  there is an 
immensely opaque web of relationships among NHS structures and theirs 
suppliers / providers, the world of academic and research institutions, 
the media and the world of charities in their widest acception (I mean 
including politically supported movements, not for profit organisations 
and local / national and international lobbies) - all exchanging 
patients data.

Besides any other consideration, I think that a good 
way to start being aware that such reality constitutes per se an 
extremely risky context (not just for patients' privacy but also for... 
patients treatments, doctors' decision making processes and the overall 
health of the nation) would be more transparency about these 
relationships. 

So it would be a good think to have published not  
just  data on individual surgeons' performance or on  patient mortality 
statistics, but also for any surgery / GP / hospital or care home, also 
the number of people affected by UTIs, PIDs or other inflammatory 
diseases (for instance) after clinical exams and tests, number and 
names of suppliers for hygienic tools or any other supply,  number, sex 
and age of people affected with cronic diseases that are also on 
benefits in the correspondent local authority,  number of stories 
published by media and social media, funds received via whatever 
channel, including collaborations with national and foreign 
universities and so on and so on. 

Confidentiality may be better 
guaranteed where there is transparency on who is managing what data and 
why -  as most of the abuses happen because they can be easily deceived 
hiding or misrepresenting the context. 

Brunella Longo
Information 
Management Adviser
http://www.brunellalongo.co.uk

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
     If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
 Any queries about sending or receiving messages please send to the list owner
              [log in to unmask]
  Full help Desk - please email [log in to unmask] describing your needs
        To receive these emails in HTML format send the command:
         SET data-protection HTML to [log in to unmask]
   (all commands go to [log in to unmask] not the list please)
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^