back to article Patients to access NHS records via web by 2015

The Department of Health will develop a plan to allow patients to access their electronic medical records online by the end of this Parliament. This emerged after Andrew Lansley, the health secretary, confirmed he had accepted all of the recommendations (PDF) of the NHS Future Forum. The NHS Future Forum says the plan should …


This topic is closed for new posts.
  1. Coofer Cat

    Don't really want it

    It's not so much that we want our details on-line or even computerised. It's that we want our records updated when we see the doc (not two weeks later, when he's forgotten the details), and if we want to see our records, we want to see all of our records, not some crappy summary written by a tired doc who's been coerced into doing it because no one else can be arsed.

    It oughtn't be too hard for me to pop down the doc's surgery, or the hospital in which I got treated and get a photocopy of everything in my file at that physical location. For whatever reason though, it's as good as impossible to actually do. I'm not so bothered about getting it online - on paper would be plenty!

    1. PatientOne

      @Coofer Cat

      1) NPfIT is/was supposed to ensure that your records were updated within minutes of treatment. Doesn't happen when the doctor/nurse/consultant doesn't bother to update the electronic record until a month later, but... 2) If you want to see your paper record you need to book an appointment so the GP/Hospital can get your file from store, and that's assuming it's accessible and not with a consultant still (yes, there are tracking systems for patient notes, but that doesn't help if some consultant decides to take your file home with them... which they should never do, but that doesn't stop them). That's why you can't just walk in and ask to see your notes, and that's besides the issue of proof of identity, and distracting a member of staff from their normal duties (such as looking after patients). This is part of what NPfIT was about: To reduce the reliance on paper records and to give access to said records to those who had valid and proven need to see them (Your GP for example, or the triage nurse in A&E when they want to check for known allergies and current medications and can't ask you as you're unconscious). It would also enable your GP to provide access to your medical records to you - all your records in one place, so no need to go to different hospitals and treatment centers. The patient portal has been discussed for some years now: It's an idea that's been passed around but there's been a question of security, and of who should provide it. Some hospital departments are using small scale systems to help monitor long term illnesses (diabetes for example) without need of the patient calling in to the hospital each time. Expanding this to cover more people with more conditions is logical, and to give a full user interface to give you access to your appointments, treatments, prescriptions, test results... well, it's a logical step forwards. But again, the main issue is how to keep such access secure. It'll come, but then so is the end of the world, apparently - wonder which will get here first :p
    2. despairing citizen

      Access to medical records

      You already have the legal right to see and review your medical records, under the Access to Medical Reports Act 1988 and of course DPA98.

      Hospitals destroy most records after a set period of time, except for certain types of treatment, e.g. cancer

      Your GP records should follow you, and be kept up to date (although paper records do get lost in transit from time to time, the current electronic system should eliminate this)

      1. Anonymous Coward
        Anonymous Coward


        Erm, we are talking about electronic patient records, so you have a spine held record. Which is never culled, just updated and refined. So anything which has gone onto the central record is static until more relavent information is applied.

        You'll find that most hospitals only throw out the chaff, like admin docs, copy letters, appointment issues notifcations, again, unless they use Lorenzo, then it is there unless it is removed.

        I'm telling you now, there is no way the full record will ever be able to be fully available to netizens.

  2. bill 36
    Big Brother

    Not another one

    I smell yet another expensive disaster.

    1. Thomas 4

      Oh definitely

      Because what patients *really* need is to see every little thing a doctor has written about their condition, then obsess over the tiniest details. For example, a hearing test shows a slight dip of 20dB at point. The experienced technician knows to write this off as insignificant, the patient on the other hand will trawl through wikipedia and a dozen other internet sites and convince themselves they have Imploding Ear Sydrome.

      I agree that a close eye needs to be kept on doctors and other medical professionals, and I say this as one. However, that eye needs to be one that knows what it's looking at.

      1. Anonymous Coward
        Anonymous Coward


        More worried about the Inevabability of all this being hacked and downloaded by the first drive-by hacker who comes along.

        Its pointless and dangerous, so why are we doing it again?

        1. PatientOne
          First concern is security. Before something like this is rolled out, it would be thoroughly penetration tested and hack tested. Yes, hospitals do routinely employ intrusion experts to test network security and to highlight any risks. The national system is likewise secured and tested to make it as safe as is possible. So, some script kiddy or drive-by hacker isn't going to get in easily. A professional hacker might get in, but it won't be easy, and they may well get detected. Even then, getting the data out is... well, let's just say 'normalised databases' and leave it at that. Oh, sorry, BIG normalised databases, okay? Not something you can download in a few minutes (or a few hours), anyway. So, hacking the portal itself (yes, this web access has been referred to as a Patient Portal - it's not a new idea): That's where the attention is, and the risk of hacking is to individual patient records, not to all patients. Someone might get in to see your record, but that person is probably known to you and will get in via your password/token/whatever. Celebrities would be targeted, but that's where the testing comes in: How easy is it to guess their account/password/token/whatever. So yes, there is a risk. Yes, hacking attempts are inevitable. No, that does not mean it will be easy, nor does it mean it will be successful. If it were, then banks would be a far better target for hackers than medical records...
      2. JohnMurray

        that would be what this bit is for then:

        "The Future Forum did warn that switching on patient access alone is not enough, and could be detrimental if support structures are not in place for patients so they understand and know how to use the information"

    2. despairing citizen

      smell yet another expensive disaster.

      ah, but Prize Wally and Cockup, along with the other usually suspects, smell money making scheme, non-refundable when it goes the way of the ID card project.

  3. Fat Northerner

    What a great thing.

    Good for men whose wives are getting the pill from their company doctor, and their husbands don't know about it, so they can find out, and sort her out.

    Or Muslim men who want to see if their daughter's had sex with a Jew, so they can restore their family honour.

    All very tongue in cheek, natch... but it will be interesting to see in Hello, which royals have had illegitimate children, which film stars have had the clap, and which male stars have had treatment for rectal collapse, without Rupert Murdoch having to get involved.

  4. Anonymous Coward
    Anonymous Coward

    This isn't a new thing

    Records have been available to patients suffering from diabetes in a certain Trust for a while through a web portal!

    We (sorry anon as I cant say who, although as el reg know its me!) have been working on making this facility available for a while now as an add-on to our current software.

    Some GP clinical systems also have this available to patients as well....

  5. Anonymous Coward
    Anonymous Coward

    My surgery

    Has disconnected itself entirely from the interweb. That way, nothing can leak out and no one can sneak in.

    It's a bit of a PITA because it used to be possible to renew prescriptions online and now we have to take the script into the surgery, but now I know the daily hail isn't going to be looking up the gory details of my piles operation !

    Putting any private information online is inviting the great unwashed to break in. I believe there are plans afoot for the DVLA to make driving licence details available for employers and hire companies. Time to set up my own investigation agency.

    1. PatientOne
      Paranoia doesn't mean there isn't someone out there after you. However, it doesn't make it inevitable they'll get you. No, a system like this isn't an invitation to others to look at your medical history. It's not an invite for hackers to get in to your details. Some might feel tempted, sure, and it may be seen as a challenge to those malcontents or those who thing they can prove something by hacking such a system, but that doesn't mean they'll be successful. Any system like this will be intrusion tested before patient information is put at risk. That testing will be by an accredited security company, and will be necessary simply from an insurance point of view. And access will be limited to the patient - or the person appointed by the patient to see such information. As to the DVLA - they're talking about opening access up, but they already sell drivers details to anyone who claims to have a valid interest (wheel clampers for example). This is an entirely different matter to what the NHS are aiming for.
  6. Michael H.F. Wilkinson

    To paraphrase Lord Vetinari's comment of crime (and its organization):

    "As we know they are going to get things wrong, we might as well do it efficiently"

  7. toadwarrior

    this will go well

    As we know the government never over pays for a late and broken solution. I'm sure this will go well.

  8. Pseu Donyme

    Sounds like an invitation for Russian hackers and whathaveyou with the net effect of making the information available to world+dog (for a small fee, perhaps). The nasty thing is that once something has been leaked it stays leaked, forever. Hence I'd much rather have these systems strictly isolated. Having a standard format for the info would make sense though so that the same could be, say, burned to a CD (*), sent as a registered, signed-for letter, added to the database and the CD dropped to the shredder when done. This on a per-patient basis when requested by the patient in writing.

    (*) encrypted with the public key of the receiving GP / hospital / ...

  9. Da Weezil


    Remote booking of appointments? Our Group practice (a monopoly in this area) is still clinging to its 08444 number despite this being deemed unsuitable by Government, The are very reluctant to give up their share of the NHS entry fee they have created (appointments can only be made by phone between 8 and 9 leading to huge long queues).

    The LHB seem unconcerned and have fudged the assessment they were supposed to do early last year claiming that Mobiles and bundled call packages fall outside of consideration

    It seems each time they "improve" the service it gets worse or costs us something. Im sure all of this will rain yet more finds away from treatment and into the pockets of the usual multinational suspects who will produce a system that never quite works and costs us a whole lot more than was envisaged.

  10. Shonko Kid

    "What could possibly go wrong?"

    Smells like a competition to me, prizes for the most outrageous answers, and also for those that eventually come true, in 2017 when it finally limps into life only 200% over budget.

  11. Anonymous Coward
    Anonymous Coward

    Which records

    As per usual with this sort of story - which records ?

    Your demographic details from the spine ?

    Your medical record held at the GP practice ?

    Your emergency summary held in "the cloud" ?

    Your secondary care records held at the hospital ?

    Your records held in Scotland/Wales/NI which operate different systems/technologies ?

    1. diodesign (Written by Reg staff) Silver badge

      Re: Which records

      As per the linked PDF, the GP-held records are the ones pledged to go online.


      1. Alfred 2

        I hope

        that when the time comes they make it clear what information is goind online and who to contact about it being wrong.... ... though I doubt it ..
      2. Anonymous Coward
        Anonymous Coward

        How the hell can they promise that..

        ...when they don't control those records? I have my opposition recorded in writing with my GP. My GP is against the scheme too. So, if my records ever appear online I'll be stirring up all the trouble I can for those responsible and don't expect to be alone in this.
        1. Anonymous Coward
          Anonymous Coward

          Re: How the hell can they promise that..

          Same here,

    2. Anonymous Coward
      Anonymous Coward

      #which records

      Who cares - it's just another Political Statement with absolutely zero substance to it. It's sole purpose is to be mentioned in some speech by a member of the government when they have their backs to the wall. The truth is it already exists in someform somewhere so the fickers don't even have to do or spend anything to get the kudos.
  12. tmTM

    Big NHS IT projects

    Don't work, have proven to be a massive mistake, shouldn't be attempted again. This plus HS2 will be the big money wasters of this government.
  13. Anonymous Coward
    Anonymous Coward


    If you read the PDF its quite clear that this isn't planned as a central IT project but more about getting providers to enable the technology and making the Trusts and GP's play along.
  14. Bluenose

    Don't need to see my records

    I have enough other things to read without starting to get het up over my medical records. What with having to manage my pension ('cos work won't) to sorting out my other finances, to trawling round web comparison sites to see which one can offer me the best deal for power, heating, car insurance, pet insurance ad infinitum and after all that I still have to work up 9 or 10 hours a day on my work for which I get paid, how on earth am I going to find time to read and manage my medical records. Because at the end of the day. the Govt will save money in the NHS by making us poor people responsible for managing our records so they can get rid of the administrators. My local surgery already lets me book my appointments online, provides details of my blood tests (and yes I have some apparently, blood that is) and I can get my repeat prescriptions on line. So as far as I am concerned I don't need no big Govt funded IT investment by the NHs. What I could do with though is the opportunity when I go in to hospital to fill in a form once and only update the details should I have to return if they have changed. Up to two forms on every visit one of which substantially duplicates the other, its a nightmare.
  15. voice of unreason
    Thumb Up

    No decision about me without me?

    Have you een the time taken to log into the spine lately? It's fine for a webpage to take 10 seconds to lead. But a GP has ten minutes to see you, and of that, 5 minutes is to listen. 3 minutes to type. 1 minute to decide. 1 minute to tell you. 1 minute to get the old lady out the door before she manages to get her THIRD medical condition into one consultation. That's....oh. So, anoif 230 million people (healthy) are obsessively checking their medical records online, and the records take 30 seconds to load, what it actually means is that the ill people get no diagnosis, and they get sick and die. No decision about me, until the hypochondriacs have finished DDOS'ing. Oh, and by the way, I do NOT want to know the 23 things that might have been wrong with me, and after careful consideration by a professional turned out not to be. All I want, is that the professional gets as much time as they can, to make a careful judgement and do their best. Because really that's all any human being ever does.

  16. Anonymous Coward
    Anonymous Coward

    No decision without me?

    I can see the value in my medical records being 'in the cloud' so that if i end up unconscious in A&E the doctors there at least know what my medical condition is called, even if they don't know what it means (though, in fairness, they were honest about their ignorance and asked those with me for info). However, I'm not going to access my medical records on the web, in the same way as i don't access my bank on the web (paranoid, i know). As such, I'm hoping that the database running this will be a copy of the one that the NHS is using internally, and that there'll be some way of opting out of being copied over in to it. It would seem unwise to run a security risk, however small, for no gain.

  17. Cucumber C Face

    Coercion not hacking the main threat

    For non-celebs IMO the main security and confidentiality risk faced by patients is being forced, cajoled or fooled into disclosing records to people who do not have their best interests at heart.

    Dodgy employer - "If you keep throwing sickies you're going to have to prove you're really sick."

    Jealous partner - "If you really loved me you'd show me your medical record"

    Bullying parent - "You're on the pill you little sl*t. If not show me your medical records"

    Impatient heir [How much bloody longer has granny got?] "Granny - we need your medical record login or you won't get your pension"

    Electronic voting over the web is a crap concept for the same reason: only we never hear it!

  18. All names Taken

    Dullwit go to town opportunity

    The trouble is that maybe a lot of people especially in UK do not wish to be personally responsible for stuff like this much preferring some state employee to sort it out not realising that ownership of the data are lost?

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2022