I wrote: > This locking together of clinical and administrative information > is quite unnecessary but appears to form a central plank of IMG > thinking. It is bound to lead to continuing serious trouble in the > future Robin Beaumont replied: > I would totally disagree, this is what i've been fighting for for over > five years > > (drivel about object oriented systems deleted) > > What l presume you mean is that you do not see the point of sharing > administrative data? The sharing of administrative data as envisioned by the NHS Executive is flatly in breach of medical ethics as laid down by the GMC and explained in the BMA handbook. It also conflicts with my own perceptions and expectations as a patient. I do not accept, for example, that when a girl has a TOP and asks for this to be kept private, the hospital should submit a CDS to clearing which then passes on the record - still identified by date of birth and postcode - to HES where it will be accessible to all manner of civil servants, any of whom might be bribed or blackmailed into releasing this information to people with less then altrustic motives. I do not accept that when patients have self-referred to a distant hospital with a view to getting confidential treatment for HIV, the hospital administration should - without their knowledge or consent - fill in forms that identify them by date of birth, postcode and the soundex code of their surname, and share this information with health authorities and laboratories, on the grounds that it is necessary `to plan the number of nurses'. I do not accept that whenever a GP orders a test, the hospital should enter it on the HISS `to prevent duplication in the event that the patient is admitted to hospital', when the effect is that instead of the result of that test being private to the patient, the GP and the pathologist, it is now available to over a thousand people at the hospital. I do not accept that the AR should tell all and sundry who has had a relationship with a GUM clinic or a psychiatric outpatient department. There are many, many more examples where system design has been carried out with an almost complete disregard for privacy - and in many cases for safety as well. It is not just the usual laziness and carelessness of the individuals who specify and build these systems (though there is plenty of that). The core problem is that the IM&T strategy contains some goals that are simply wrong, such as that of a single seamless electronic patient record shared throughout the NHS. Compare this with the GMC's guidance: `Patients have a right to expect that you will not pass on any personal information which you learn in the course of your professional duties, unless they agree'. Unless doctors refuse to buy - or to use - unethical systems then the whole nature of the doctor-patient relationship will end up being changed utterly. This is already visible in the USA, where an elderly GP told me that over the last 25 years, patients had gone from being completely open with her about their problems to being extremely guarded, and aware that `anything they say may be taken down and used in evidence against them'. Administrative data has its uses, but where a patient forbids a doctor to share information with third parties such as administrators then this wish must be respected. The administrators must learn to make do with de-identified data rather than demanding to know everything about everybody, and to share this knowledge with any of their chums in the Department who say they have a `need to know'. Consent, not `need-to-know', can be the only ethical basis of sharing clinical information in the NHS. I should not have to go private in order to maintain my privacy, Ross %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%