back to article NHS orgs not keen on UK gov's mega-intranet

NHS organisations in England are showing a reluctance to consider future use of the Public Service Network (PSN), according to officials and a supplier taking part in its early implementation. Bringing healthcare bodies within the PSN – the "network of networks" for which the Cabinet Office recently launched the first …


This topic is closed for new posts.
  1. Martin Gregorie

    Privacy is paramount

    If NHS use of N3 keeps J.Random Civil-Servant's hands off my data, which I assume it does, but use of PSN or merging N3 into PSN can't guarantee the same level of protection, then I'm totally against any use of PSN by the NHS.

    1. Anonymous Coward
      Anonymous Coward


  2. Anonymous Coward
    Anonymous Coward

    "attitudes to sharing data in the NHS can be defensive"

    Too bloody right and inside the nhs, so they should be.

  3. All names Taken
    Paris Hilton

    Agree with post #1 but ...

    ... the term NHS organisations might be misleading.

    Maybe "NHS organisations and NHS contractors or subcontractors" gives better insight into the muddled world that makes up healthcare UK.

    Besides, on basis that UK healthcare professionals (upper echelons) tend to earn double or more that nearest UK competitor countries I hope NHS is scrapped to be replaced with Healthcare UK or something with a better name. Similarly so for traunch of bureaucrats that seem to follow public money.

    Basis: any organisation of contractor receiving payments from Department of Health will need to a priori conduct those parts of its DoH business on PSN (otherwise they lose the contract and payments from DoH).

    Extension: any organisation or contractual arrangement depending on public monies will have to a priori ensure full compliance with a suitable PSN before contract is honoured, upheld & payments made?

    Second thoughts about "J.Random Civil-Servant's" - they tend to be numpties and with present uncertainties in public sector are about as rabidly vicious as a pet rabbit with myxie (I can't spell myximatosis)

    1. DavidK
      Thumb Down

      No! Don't change the name.

      Think of the £whatever-amount-dr-evil-tried-to-extort it would cost in branding consultants. And you'd be trying to make a silk purse out of a sow's ear.

  4. JohnMurray

    With over 80% of patients at my gp practice declining to have their information stored on the "probably defunct but who really knows" nhs spine, I feel that data protection (never a gov priority anyway) is lacking relevance (the staff cheerfully told everyone they had already opted-out)

    A lot of the departmental joining is to get around the data protection act, which does not allow gov departments to share data. Hence a lot of the amalgamations....

    1. Jonathan Richards 1

      Data Protection Act

      The DPA doesn't stop government departments from sharing data, and it doesn't try. It sets out the parameters within which personal data is handled, so as not to cause harm or distress to us data subjects. I guess sharing my health data with, oh, I dunno, the Ministry of Justice, could cause me distress, and that's what Privacy Impact Assessments (see Info Commissioner's website) are for.

  5. Anonymous Coward
    Anonymous Coward

    The Private sectors wants the patient lists / the patient data and the patients

    They are not waiting for a meeting to discuss terms and conditions of the NHS's surrendar. They have the NHS by the financial balls, and will squeeze until we submit to being branded as Communist traitors. If you have a slip or fall, expect and insurance call, if you have a hip replaced, expect a mobility supplier to offer a car. If you die, expect your children to be persuaded the house can be invested in shares.

    The problem is the reputable private sector companies are staying away in droves because they seem the scams coming. With 500 private providers plugged in the N3 and scratching at the door to share(slurp) your patient data. Your days of heath confidentiality being paramount are numbered. Even the US ensure you protect your own data. Here we have to trust the private sector to keep it mum! fat chance with a fat cheque.

    1. Peter2 Silver badge

      Your probably right that more than 500 private providers are plugged into N3. Funny really, when *every single* doctors practice in the country is a private business then the number of private businesses connecting to N3 will always be pretty high.

      I would however like to know since when does the ability to connect to N3 equate the ability to slurp patient data? Patient data that can actually be shared is on spine, which requires a smartcard to access it. Smartcards are issued by RA on a case by case basis, and access is locked to what you require for your job.

      if you had any knowledge of abuse then presumably you'd have raised it with the Registration Authority team to get their access cut off, so my view is that you actually have absolutely no evidence that anything untoward is happening.

  6. All names Taken

    Hmm - pondering a technicality?

    I may be mistaken but ... any business transacted under DoH funding under banner headline of NHS has data that are belonging to the NHS.

    A contractor (say a GP surgery) conducting business for and on behalf of NHS records data for and on behalf of NHS - the data are belonging to NHS. No?

    So any organisation/contractor doing DoH funded work under NHS banner cannot massage, mine or manipulate such data without express permission of NHS and patient. (There are four parties to the arrangement: patient, contractor, NHS & DoH - it could be argued that NHS data are belonging to DoH).

    An aside: woeful laments about why UK registered social landlords are all publicly funded inspired. BBC observed no great level of private registered social landlords here as in US or Europe.

    My take: no wonder the way UK Treasury & Whitehall in particular sequester mega-millions from rents received with both central and local governments taking huge bites from rents received depending upon whim, fad or thin wallet syndrome. Private RSLs are likely to stay away in droves.

  7. JaitcH

    Insurers pay Big Money for patient health data

    Most health insurance clients (patients) don't appreciate that data from every claim is retained in what is the equivalent to a health 'credit bureau' where the most infinite detail is recorded and, from which, intimate health information can be derived.

    The only real information they lack are the doctors detailed notes, although some doctors do 'share' them for money.

    Apply for a life insurance policy and the first thing they do is to pull your file. 'Forget' to include some small detail, no problem the insurer knows. They'll still happily accept your premiums BUT CLAIM then they drag out the omission and deny you coverage.

    The reluctance of the NHS "to make connections with other public sector agencies." is to be praised. How would you like Plod, investigating a criminal complaint against you, to be able to rummage around your health record looking for supporting evidence?

    What, of a disclosure during treatment a patient said to their physician I can't sleep because of A, B or C. The doctor would understand the context in which this disclosure was made. However, Plod might say that having made this disclosure, and they are investigating an incident of type C, this is sufficient evidence to charge someone.

    Do you really want any connected terminal to be able to look at your life with a few keystrokes?

    When Canada switched to on-line data banks Parliament wisely set up a system where data is compartmentalised. An unauthorised agency seeking data has to apply to an access official who can judge the appropriateness of a data request and then that official, if satisfied, then retrierves ONLY the pertinent data. Audit trails ensure proper use.

    For example: say the Passport office wanted to verify citizenship, they have full access to data banks with that data. Should the Passport office want access to pensions information, they would be blocked.

    If a Plod seeks a person, one way is to access employer information from pensions or tax data banks. Application is made to the data guardians who consider the request and if they concur, they rather than Plod will ascertain an employers information.

    The former Labour government had a fetish for data collection and universal file access. Imagine what ACPO could do! They could take their number plate database, check info with ownership information, and build a profile. If Tom Cobley goes to Blackpool, every other week, Plod could search the database and find out he visits a doctor.

    UK citizens should question all data collection requests and challenge all opportunities for linking data.

    1. Displacement Activity


      > The only real information they lack are the doctors detailed

      > notes, although some doctors do 'share' them for money.

      Do try not to be an arse. If a patient consents to a GP's report, then the GP will (for a fee of, I think, about £80) read the notes and write a (relevant) summary report for the insurer. If the patient doesn't consent, no report.

      If, OTOH, you do actually know of a GP who shares "detailed notes" for money, then you should tell the police, instead of whining here.

      1. Peter2 Silver badge

        Or inform the General Medical Council, so he gets struck of and can never practice as a doctor, or be employed in the medical profession again. Ever.

  8. Anonymous Coward
    Anonymous Coward

    Theme Hospital

    It always appears to me that politicians play with the healthcare in the UK in a manner similar to a sim.....

    1. Anonymous Coward
      Anonymous Coward

      Dial 24328, press Shift-C

      The hospital administrator is cheating!

      The hospital administrator is cheating!

      The hospital administrator is cheating!

      The hospital administrator is cheating!

      The hospital administrator is cheating!

      The hospital administrator is cheating!

  9. Anonymous Coward
    Anonymous Coward

    Solution = PSN

    Requirement = ????

    1. Peter2 Silver badge

      To be fair, there is some requirement. Nurses for instance that take pictures of children who have been beaten by parents so badly that they need to report it to social services and the council's children protection people can't just send it over the NHS network, since other agencies aren't on it.

      The existing solution is to email the pictures attached as a AES256 encrypted zip file, however that's then going over the public internet as there is no interconnect with GSI, and i'm sure you can imagine how users send the password for the AES encrypted zip. Training users to a decent standard on this sort of thing is pretty difficult, especially given that they usually don't care, despite sending things unencrypted being gross misconduct and punishable by dismissal.

      So yeah, I can see the uses. However, a simple connection between N3-PSN so that email stays on the government network and doesn't go over the internet would meet virtually all requirements in my view.

  10. All names Taken
    Paris Hilton

    Maybe wider issues?

    Civil servants act in way that suggests they own the service (whatever the service may be) and all monies attracted to it belong to same civil servants?

    Politicians act as if by granting public funds to something they then become owners/directors of said something and so tempted into micromanagement (sets up a kerfuffle with Whitehall just like Defence minister has of late equating to Whitehall Mandarins going for the jugular on a triviality?)

    All parties ignore the public as an individual and a person?

    Besides: hear/see BBC reports on failing hospitals? The explicit condemnation of nursing practices is espoused even though it as actually an operational management issue yet somehow given its widespread nature BBC does not seem to want it made sure that it is indeed an operational management matter.

    In at least one hospital even though knowledge of problems were known and existed it took a CQC inspection to identify faults. Call me daft (okay - daft) but if a hospital cannot effectively manage its own business then the management needs restructuring straight away.

  11. All names Taken
    Paris Hilton

    ps on DoH

    Perhaps DoH could assert its ownership of all NHS data then datamine it anonymously with access by academics and flog results or even portions of anonymised data to interested customers?

    Second thoughts: not to flog but to give away freely based on data paid for through public purse

  12. Dave Bell

    Misunderstanding the Environment

    Since there are several non-NHS organisation-types which will routinely want to talk with the NHS, and pass on personal data, expecting the network to be NHS-only seems a silly idea.

    An example from family experience: my mother was receiving carer support from the local Adult Social Services department. The carers were supplied by a private company. The first time somebody wanted to arrange a check by an NHS physiotherapist (or was it an occupational therapist?), we ended up getting several forms to fill in, giving various people permission to pass on my mother's personal data to anybody. It was a generic form, very generic, and the covering letter didn't even explain what had triggered this request.

    "Data Protection Act".

    It seems to me that it ought to have been obvious that the Social Services department needed to be able to pass information on to medical professionals, if only to arrange appointments, and it surprised me that the council's data protection registration didn't cover this. And after that form was signed, they had permission to supply data to anyone and everyone, such as a commercial operation making up a mailing list to send out a catalogue of disability support products, or a catalogue selling porn movies.

    The NHS needs to talk to outsiders. It's often a statutory requirement, and there were times when it seemed that my mother was spending time in hospital because Social Services couldn't pick up the phone. From what I have seen, the NHS doesn't have that many DPA problems, it's essentially the same as the medical confidentiality that they were used to. But some of the outside operators, frankly, just don't get it.

    An NHS-only network doesn't solve those problems. Signing up to another network is no guarantee of security. And this morning's report of Oliver Letwin's handling of mail suggests that there is a huge gap to bridge. But better communications in the health field is going to depend on a far better awareness of privacy and responsible data handling.

  13. All names Taken

    Royal Wootton Bassett clause

    Maybe Royal Wootton Bassett shows us that in a democratic kingdom all are belonging to the monarch?

This topic is closed for new posts.

Other stories you might like