Different perspectives are always useful in these areas, helping to
provide a fuller picture. Myself, commenting only as a service user,
having directly observed/experienced a mixed picture across the health
service prefer to maintain some scepticism.
Some examples which range
from very low levels of knowledge and professionalism to high expert
levels of knowledge and professionalism — which not surprisingly are
the ones trying to form, project, and sometimes protect, the services
image.
A few disparate examples:-
Unwillingness/inability/expressed
complete lack of knowledge of how to password protect patient
computerised files - to allow confidentiality within a practice area
for members of staff. The outcome was a wider and more intense focus on
the confidential health aspects of the individual staff member
involved;
Sometimes great sensitivity to data protection (but not
necessarily protection of the data subjects data);
The common use of
pseudonyms to communicate patient data between doctors where the
meaning has become commonly and widely known. (A transparency and
privacy nightmare which only ostensibly protects patients data within
the health arena);
The common (appearing sometimes to be deliberately
caused) computer errors which result in the patients wishes not being
honoured in favour of outcomes which reflect organisational usage needs
or ease of use (a sort of - its in the public interest error);
The
deliberate use of information (by non medical staff) in ways which
provide temporary amusement but are detrimental to the person they
impart that information to. (An interplay common in many areas, which
many professional organisations are not free of);
Serious discrepancies
between the information verbally given to a patient about treatment
being provided and after the event written notes of that treatment
which in those circumstances appear to serve more for organisational
protection than accurate patient treatment;
Those observations and
experiences have also been contrasted with the highest levels of
openness, integrity and care, even in what are at times difficult and
distressing circumstances.
Of course difficulties should not stop data
protection successes being highlighted, and whilst agreeing that a NHS
free at point of delivery is something to be proud of, those factors
should not create any blindness to the very real and sometimes serious
difficulties (not just accidents) all organisations, be they public or
private, continue to experience with data protection.
Ian W
-----
Original Message-----
From: This list is for those interested in Data
Protection issues [mailto:[log in to unmask]] On Behalf Of
Simon Howarth
Sent: 20 December 2012 17:57
To: [log in to unmask]
AC.UK
Subject: Re: [data-protection] NHS and patient confidentiality
Sorry but I can't entirely agree with the implications of some of your
points.
"there is an immensely opaque web of relationships among NHS
structures and theirs suppliers / providers, the world of academic and
research institutions, the media and the world of charities in their
widest acception (I mean including politically supported movements, not
for profit organisations and local / national and international
lobbies) - all exchanging patients data."
There is really nothing that
opaque and the controls that are in place, if followed correctly, are
as robust as anywhere. Also, what patient data? Identifiable?
Psuedonymised? Anonymised? Living or dead?
The relationships can be
made more clear and there is a Freedom of Information Act to support
obtaining such information.
The systems are not perfect but having
been involved in health information governance since the phrase was
properly coined and I can tell you that when patient information
exchanged from the NHS the Caldicott Principles, NHS Code of Practices,
ICO guidelines and applicable legislation are all followed. There will
indeed be slip ups, but anyone that claims a perfect system is lying.
If you want information on specific diseases and conditions take a look
the NHS Information Centre Website which provides free tools to analyse
certain data sets that may give you this type of information.
I would
argue that the NHS is more aware of confidentiality and the need to
protect patient data more than almost any other organisation, public or
private. It will however, make mistakes. It also is very much on the
leading edge of managing confidential information in innovative ways to
improve the service it gives and provide meaningful data for use in
research. Being on that leading edge means that sometimes the
interpretation of guidelines or legislation is found to be inaccurate,
but this not malicious or any attempt to be opaque; it is driven by the
desire to provide the best NATIONAL Health Service that "meets the
needs of everyone", "be free at the point of delivery" and "be based on
clinical need, not the ability to pay".
Regardless of whether this is
delivered by the Government or by private contractors (increasingly so)
we need to cherish what we have and if the use of patient information
supports these aims, then maybe that is a small price to pay so long as
the information is shared legally and ethically.
My apologies if this
comes across a bit forcefully but I am quite passionate about the
health service and the governance of its information.
Simon Howarth
MSc. MBCS CITP
www.informationedge.co.uk
-----Original Message-----
From: This list
is for those interested in Data Protection issues [mailto:data-
[log in to unmask]] On Behalf Of Brunella Longo
Sent: 20
December 2012 17:27
To: [log in to unmask]
Subject: Re:
[data-protection] NHS and patient confidentiality
I think this Country
has an exceptional reality that does not exist in any other Country in
the World (including the highest number of employees for a public
organisation, second only to the Republic of China): there is an
immensely opaque web of relationships among NHS structures and theirs
suppliers / providers, the world of academic and research institutions,
the media and the world of charities in their widest acception (I mean
including politically supported movements, not for profit organisations
and local / national and international lobbies) - all exchanging
patients data.
Besides any other consideration, I think that a good
way to start being aware that such reality constitutes per se an
extremely risky context (not just for patients' privacy but also for...
patients treatments, doctors' decision making processes and the overall
health of the nation) would be more transparency about these
relationships.
So it would be a good think to have published not
just data on individual surgeons' performance or on patient mortality
statistics, but also for any surgery / GP / hospital or care home, also
the number of people affected by UTIs, PIDs or other inflammatory
diseases (for instance) after clinical exams and tests, number and
names of suppliers for hygienic tools or any other supply, number, sex
and age of people affected with cronic diseases that are also on
benefits in the correspondent local authority, number of stories
published by media and social media, funds received via whatever
channel, including collaborations with national and foreign
universities and so on and so on.
Confidentiality may be better
guaranteed where there is transparency on who is managing what data and
why - as most of the abuses happen because they can be easily deceived
hiding or misrepresenting the context.
Brunella Longo
Information
Management Adviser
http://www.brunellalongo.co.uk
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
