back to article GPs slam NHS England for poor publicity of data grab plan

The Tory-led government has failed to make a good case for its plans to share GP medical records with information that is already stored by NHS England, the Royal College of General Practitioners warned on Wednesday. Patients have, in turn, lost confidence in the so-called scheme, said RCGP's honorary secretary …


This topic is closed for new posts.
  1. Michael B.

    What leaflet?

    I'm fairly sure we didn't receive one. I've just hunted down the leaflet's pdf and I don't recognise anything like that coming through the door. We don't get that much post, junk or otherwise, so anything that goes through the door gets at least a cursory look.

    1. Anon5000

      Re: What leaflet?

      No leaflet here either.

      Luckily the internetz informed me about this scandal and I have downloaded opt out forms from

      Another aspect that has not been publicised is that the police will have complete access to your medical records now, even if you opt out.

      Any company can buy the medical records for around £3k (or something like that) and while your name is supposed to be changed for a number to keep your identity secret, it is trivial to work out who someone is as the data will contain your date of birth and postcode. The chances of someone else in your postcode having the same date of birth are very slim.

      1. Anon5000

        Re: What leaflet?

        There has been an update on that site since I last looked which throws the initial understanding out the window. When you opt-out all it does is remove your name and a few other identifying entries but the data still gets uploaded in the anonymised form. Not really an opt-out in that case.

        Also shows that ALL your details are shared if you don't opt-out. Previously it was thought the data was anonymised for all. One suspects the complete lack of information has been intentional.

        1. Gavin Jamie

          Re: What leaflet?

          That was the old policy. It seems to have changed now so that it will prevent any upload, althought this is relatively recent (and seems to have been announced on Twitter)

          <blockquote class="twitter-tweet" lang="en"><p>@C7RKY @sam_a_voice @clarercgp Hi. The 1st type of objection in FAQ 8 stops all flows of your data to</p>&mdash; Geraint Lewis (@GeraintLewis) February 12, 2014</blockquote>

          <script async src="//" charset="utf-8"></script>

      2. Juillen 1

        Re: What leaflet?


        You're getting horribly confused there, and the misinformation in your post is staggering. I think you've been reading a lot of scare stories, while not reading up on what is what.

        'Red' data (which is first line care only data) is the only one which contains a date of birth and a postcode. Those of course being 'identifying' information. Companies simply can't buy that. To get it, there needs to be a whole horde of legal steps that involve the patient directly..

        The first point that a company can begin to acquire information is the pseudonymised "Amber" data, which specifically, in every release that has ever been made about it, specifically mentions they replace the post code and date of birth with tokens. If a country wide research project reveals some worrying spikes in some demographic, that can be reported back to the NHS, who can then refer that back to identify the group at risk, internally (this info can't be passed back to the research group, as it would break the NHS Information Governance restrictions, but it is info the NHS has that is very useful).

        Part of the requirement is that any company accessing this needs to abide by an extremely punitive access agreement (the kind that would result in a company being sunk entirely, and the names associated with that company not really being able to work in the industry very easily afterwards).

        What you're thinking of is "Green" data, that is pre-aggregated, and contains large scale demographics, without anything that could identify someone (unless you're scared that reporting to your GP for a rash in Manchester in 2013 would uniquely identify you).

        Please, don't carry on the scare mongering. There are definitely things to think on about Amber data, and they are being considered.

        Now, that's not to say there aren't issues with pseudonymised data; there always will be (any information carries risk). The trick is to balance that risk so society, and its individuals, get the best return for any risk. That's the aim of this, and it's having a fair stab. The debate should _always_ carry on, but it should always be done with facts, not something your mate said in a pub that he'd heard from the dustman who'd got it from his son in the playground from someone who'd read it on facebook, so it must be true!

        Have a read of: for a quick overview. It's fairly easy to dig out the factual side of things from the official NHS sites, which publish what the data sets contain, and who can access what levels. There's really not a lot of excuse for getting it that badly wrong.

        1. Anon5000

          Re: What leaflet?

          The problem is that I (and anyone else I know) have had no information at all from the NHS, my GP or anyone else about this. We have had to hear it from other places. Then try and work out what it all means when different NHS pages have had conflicting information. Do we go and tell every individual in the country to go and do a few hours research on something most had not even heard about until a few days ago thanks to their friends or newspapers.

          Do we trust the NHS pages that are using a bit of 'nudge' theory to convince us that everything is ok and there is nothing to worry about? Naming PDF's "Better information means better care" and such like is only to convince us to accept our privacy is being destroyed. Yes there can be some good done from sharing some anonymised data but we are at a point where we no longer trust external parties with that data. Not only will the information be abused, we won't have to worry about the data being hacked as too much access will be given from the start anyway.

          Think of those in the mental health system who have confided in confidence subjects to their doctor but now that information will be available to the Police at least and possibly others. People will start shunning mental health services if they do not believe there is any confidence.

          Having visited my GP recently the receptionist advised that they had seen a lot of opt-out letters in the last week, which surprised me for this quiet leafy suburb. GP's, politicians and generally everyone is concerned about this. Everyone except the NHS and those who want to get their hands on the data at some point. Obviously everyone is concerned for no reason...

      3. dogged

        Re: What leaflet?

        @Anon5000 - I doubt you're reading that correctly.

        For a start, it's wholly illegal under the DPA and also under EU law.

  2. Graham Marsden
    Big Brother

    The first I knew about it...

    ... was when I read this document that I got this document forwarded to me:

    I thought I'd done enough by opting out of the Summary Care Record and similar nonsense, but this is something completely different and I'd urge everyone to opt out ASAP because this data doesn't even make an attempt at the fig leaf of being "anonymised" and you'll be giving your information to Cameron's Cronies in perpetuity for them to use in any commercial way they want!

  3. wyatt

    I got one, slipped into a Farm Foods leaflet. Normally they're just chucked but thanks to el Reg I was expecting it. It doesn't mention anything about, only SCR. Even doctors don't think this is a good idea so I'll be asking for my personal details to be withheld:

    1. djack

      Thanks for that link - most informative. A couple of things jumped out at me ...

      What information will be shared? : Your NHS number and date of birth, your postcode.

      Some reasons why you might choose to opt out: There is a small risk of your data being traced back to you. You cannot be sure which companies may have access to your information in the future.

      So.. one item of data that uniquely identifies you and two others that, when combined can almost certainly identify you only pose a 'small rsik' of identification?? Oh, and you have no idea where this data is going to end up - who in their right mind can think that this situation is acceptable?

      the fact that there is no standard, straight-forward way of opting out of this speaks volumes.

      1. Just_this_guy

        They seem to be claiming that the 'identifiable' data will only appear in a 'bridging' database:

        "Your date of birth, full postcode, NHS Number and gender rather than your name will be used to link your records in a secure system, managed by the HSCIC. Once this information has been linked, a new record will be created. This new record will not contain information that identifies you."

        So the stuff that is offered on the open market will be 'less' identifiable. (The black market is another matter...)

      2. Juillen 1

        Wrong, wrong wrong. That's "Red" data, which is for front line emergency care (i.e. if you're having a major op in a Bupa hospital or something).

        you're thinking of Amber and Green data, which do have those things removed. It's in all the published information about it, and it's strongly worded in the Information Governance requirements for the NHS (which the ICO can fine a hospital or organisation hugely for breaking).

        The sheer amount of misinformation, and lack of reading of readily available factual information in this thread is staggering. It seems like Facebook is becoming the source of "this is a fact" information these days, and nobody wants to put in the effort to read the readily and easily available facts (a simple Google search would have disproved what you've just written by reading the NHS published information on what goes where).

        1. Skoorb

          " "Red" data, which is for front line emergency care (i.e. if you're having a major op in a Bupa hospital or something)."

          Bupa will not get a damn thing that falls under "Red" data, even if you go into cardiac arrest in one of their hospitals; is not for front line care at all.

          Read or ring 0300 456 3531 and ask specific questions (like "will the police get my data"; wait for the stunned silence when they can't quite decide if you are being serious or not).

  4. alain williams Silver badge

    I did not get a leaflet

    I always look through the rubbish that comes through the letter box - just in case.

    I had heard about this (here or on slashdot & friends emailed me) so I wrote to my GP, to be asked to fill in a form that contained the same information that I had given them in my letter. I had previously written to my GP to opt out of a similar scheme in 2010.

  5. Bob Dunlop

    We have not received a leaflet.

    When I presented the health centre reception with a written opt out request letter for the data protection official they didn't seem to know what to do with it or who that person might be. I suspect it was filed in the bin, I've certainly had no confirmation that it's been acted on.

    Zero information about data-protection or this latest attempt to sell our personal data in any of the health centre public spaces.

    1. Anonymous Coward
      Anonymous Coward

      no confirmation that it's been acted on

      Best thing to do is phone your Surgery and ask if the relevant codes have been entered into your file.

      This requires them to dig out your records and look.

      If they have they will be able to tell you the codes, if not? well you tell them to do it ASAP.

  6. David M

    Did get a leaflet

    My surgery had evidently made up their own opt-out form - they'd forgotten to provide anywhere to sign it, so I had to sign in a random blank space. They did seem supportive of the opt-out, though, so there's a fair chance that it may work.

    1. Juillen 1

      Re: Did get a leaflet

      There's a GP toolkit on the official website.

      GPs are a commercial entity (subcontracted to the NHS). Them not spending the time (5 minutes, from the reception desk, where I often have to wait because they're chatting to each other about TV programmes when I come in on an evening session) to grab the document from the official site is a bit lame.

  7. Grant 5

    Awful underhand government policy again

    I haven't received a leaflet but fortunately found out by word of mouth. I've had a letter back from my GP confirming that my data will not be uploaded.

    I simply don't like the fact that once it has been uploaded you can't have it removed you can only ask for a half ar$ed anonymization. Oh and the fact that I wasn't asked permission for ''My personal'' medical records to be sold off (I know technically they haven't been sold off.......yet!!!).

  8. This post has been deleted by its author

    1. Graham Marsden

      @Smarty Pants - Re: Not received the leaflet

      I suggest you read the link I posted above: This data is *NOT ANONYMISED*!

      1. This post has been deleted by its author

  9. Just_this_guy

    Well, I'm torn.

    There must be huge epidemiological research potential in collating that data, and if it was rigorously anonymised, heavily encrypted, credibly secured, transparent and accountable in operation, with a formal, unified, straightforward opt-out process, and with a cast-iron guarantee (backed by legal sanctions) that it will never leave the NHS, I'd be all for it.

    But since instead it seems to have been deliberately slipped under the radar, with inadequate anonymisation, slapdash opt-out, all the usual hallmarks of government failing to take security seriously, and an overt intention to sell the data on(!!!), this fantastic research opportunity has been turned into an IT, PR and political train-crash.

    Data greed kills clinical need. *Sigh*

    1. David Pollard

      epidemiological research potential

      Perhaps it won't be that long before data capture becomes a fairly standard part of illness management for many conditions; such things as blood pressure, temperature, pulse and a range of other more subtle measurements. Many diabetics, for example, routinely keep a fairly close watch on their insulin levels, and those with bad lungs monitor blood oxygen.

      With open source software and data formats there should be sufficient uniformity for results to be pooled completely anonymously via the experts who provide personalised treatments; that is to say identifiable only as far as the medical practitioner in charge of treatment. Data logging could both improve the treatment for many conditions and directly collect data for research.

  10. Tony Green

    Something else we need to know

    Who is getting the contract to handle the database?

    Bad enough if it's serial incompetents like Crapita, but if like the census it's being handed over to a Yank company, then that's a serious problem for privacy.

    1. PhilBuk

      Re: Something else we need to know

      It's worse - Atos.

  11. Anonymous Coward
    Anonymous Coward

    No leaflet

    Not received anything. Piss poor communication

  12. Lobrau

    No leaflet, confused receptionist

    As per title; no leaflet through the door, unless it was tucked into the local rag. When I phoned the health centre to opt out the receptionist had to go and ask someone what it all meant. Poor girl sounded like she hadn't even heard of the scheme.

    Not had any confirmation that my records have been made exempt so may well still end up on the register. Has there been any info on deleting the data once on the DB in line with the DPA?

  13. Chris 3

    No leaflet here

    East London - nothing as far as I know.

  14. AndyM

    Another Aspect

    Been reading a lot about this and have opted out, you ask GP to add a code to your your records.

    But reading further you can't opt out of the police accessing the information that leads me to think, that even if you do opt out your data is still being sent to the central DB, it just has an additional field that flags that you do not with your data to be allowed for the commercial use.

  15. Adrian Midgley 1

    I'm a GP

    I didn't get a leaflet.

    I'm opted out.

    I'm rather keen on IT in medicine and healthcare.

    But not this instance of this class of scheme operated this way.

    NHS England is quite ... new.

    Similar schemes were pushed in 1990-2002 IIRC and we rejected them.

    At that time the idea of effective end to end encryption was resisted - successfully - for reasons unclear to us then.

    This is presented as the first effort and only way to achieve various goods.

    It is neither.

  16. Anonymous Coward
    Anonymous Coward

    No Leaflet

    I had some knowledge about this but have had no leaflet. I will be filling out the form at , thanks for the link.

    It's quite sad when I think about it, this sharing of information could have resulted in better care for patients by GP's comparing the results of treatments to see the effectiveness, however I can't trust any government or corporation with my personal data not to use it for their own gain or mismanage the security.

    I find the following statement on the website quite worrying though as they could just claim to have already pulled your data though the website claims they don't start till March and I'm pretty sure last time I checked that sql has a delete command? DELETE myrecords FROM UNSECURE_CORPORATE_TWATS;

    "But do not delay, because once your data is uploaded you can never get it removed from the HSCIC databases."

    The following statement from the website is a classic,

    How much is costing the taxpayer ?

    No one knows. The HSCIC has refused to detail the full costs of the programme to date.

    A business case for the programme has not yet been submitted to HM Treasury.

    It is likely to cost in excess of £50 million though.

    Here's the honest answer to that,

    No one knows, were not telling, you've given us the go ahead anyway and were going to rinse you for at least 50 big ones.

  17. Tom Chiverton 1 Silver badge

    Two upcoming events in Manchester :

  18. Anonymous Coward
    Anonymous Coward

    Haven't seen the leaflet. GP's secretary said she'd received plenty of opt-out letters!

  19. Cam 2

    I can't think of a legitimate reason for there being identifiable records available for non-care purposes.

    For any data mining or research purposes the first half of the postcode should be accurate enough and even that should only be released if deemed necessary.

    What I have read about the scheme causes much concern, there seems lots of scope for privacy breaches. I have opted out although I understand this is a pretty feeble action to take - the records are still being uploaded and will still be accessible.

    1. Juillen 1

      That's because there isn't.

      Non identifiable information is available for non-care purposes. Identifiable ("Red" in all the blurb that's been released) is for primary care purposes only. The other variants (pseudonymised, and outright aggregated unidentifiable information) is the only info that's available, with the pseudonymised protected by pretty draconian requirements for obtaining it.

      1. This post has been deleted by its author

  20. Anonymous Coward
    Anonymous Coward

    No leaflet received

    I definitely have not received the leaflet as I've been looking out for it and know what it looks like, so assumed it had not been rolled out yet and was surprised to find it was supposed to have been done in January. I don't know of anyone who has received this, either in London or in the North where family live. How are they intending to give us four weeks notice and yet still roll out the system in March then? I have already opted out with a personal letter and advised friends to do the same.

  21. HereWeGoAgain

    Data slurp

    They (the establishment) are going to slurp all our data and sell it to who they want, and provide unlimited access to the plod. Get over it.

    Those who opt out will be considered to be suspects for crimes unknown.

  22. Anonymous Coward
    Anonymous Coward

    Junk mail

    I get the genuine mail on top and the junk mail folded together below, usually within a Co-op flyer. The Co-op flyer (or the Domino's flyer or whoever's it is that day) and everything within it goes straight in the bin.

    Essentially only know about it from The Register articles.

    Looking forward to opting out! In that sense it has been handled better than the last lot's ID card scheme. Except that got dropped, of course. But given this lot's record, I expect it'll be back.

  23. Anonymous Coward
    Anonymous Coward

    A comprehensive range of awareness raising activities

    "The household leaflet is part of a comprehensive range of awareness raising activities, which also includes: leaflets and posters in every general practice in England; articles in newspapers; information on the NHS Choices website and via social media; as well as information cascaded via 350,000 patient groups and charities"

    Ok, so lets break this down:

    - leaflets and posters in every general practice in England: Which will miss the vast majority who for reasons of generally good health will not need to attend their local GP regularly. Those who do attend are probably so used to the banal NHS propoganda posters that you find on the walls of GP practices that they simply won't get read.

    - articles in newspapers: Which newspapers? Nothing seen in either of the morning/evening commuter papers I read daily.

    - information on the NHS Choices website: Who actually visits that? Again, only people visiting the site for some specific purpose will come across this information. It will not be noticed by anyone else.

    - and via social media: Ah ha. You mean inside the private internet that is Facebook, where it will be inaccessible to anyone who doesn't have a Facebook account ... or do you mean Twitter, which requires 'following' the relevant stream to receive such information ... if you even have a Twitter account that is.

    - information cascaded via 350,000 patient groups and charities: Which are niche groups, populated by a tiny subset of the 60+ million inhabitants of this country.

    ...and no I've not received this alleged leaflet either in North London.

  24. nsld

    Anonymised my arse

    With postcode and date of birth its really game over on that front.

    In a highly populous area you might have a chance but where I live there are three properties on our postcode so its a piece of piss to link the data with postcode, date of birth and gender.

    Opt outs will be going to my surgery asap.

    As for the police having access, for what reasonable purpose does the police force need to know about your confidential medical records?

    1. Anonymous Coward
      Anonymous Coward

      Re: Anonymised my arse

      If the police are called to an incident where your name has come up, they could check up on your medical records on route. If they see you have heard voices in your head in the past, they can make the choice of shooting you first, ask questions later if you survice, as intel showed you could be a cop killer...

    2. Juillen 1

      Re: Anonymised my arse

      Why, oh why, is everyone harping on about "Postcode is the killer on this, with date of birth", when those two are explicitly not available to commercial entities (unless it's a "private hospital" like Bupa or such that will be performing your operation in the private sector, who will need your medical record to not kill you while they perform the primary care activity, for which this data is reserved).

      All the commercially available info does not have date of birth, postcode, or any identifying information. A basic search through the released information tells this plainly, but nobody seems to have read that (just the 'scare stories' running round Facebook).

      1. Anonymous Coward
        Anonymous Coward

        Re: Anonymised my arse

        @Juillen 1: Have you never seen the Electoral role lookups or the data has? Organisations have these types of databases and are able to reverse search based on any fields they want. There is no doubt they will have data analysts write some code that matches up as much data as possible.

      2. nsld

        Re: Anonymised my arse

        @jullien1 You don't know much about databases do you?

        Anonymous data in one database can be cross referenced against other data bases for patterns which can then be used to make identifications.

        If the data has no postcode area, gender or age its just a list of illnesses and not much use as a data set. No money in that for Camerons mates......

  25. telecine

    No leaflet here in Ealing

  26. Jemma

    Just called Essex Police...

    and they say they don't have access - given that they've lied to me in the past I'll believe it when Satan goes to work on a snowmobile..

    The problem with this is compounded because there are several conditions where it is ILLEGAL under UK law to inform anyone of a persons medical status without their permission and there would be precisely zero chance of me granting same especially not to the Police.

    This has to be stopped - its going to end up costing lives. Example: Police know a protester has Diabetes - deny them food 'by accident' then claim they were 'drunk & violent' (hypogycaemic) as an excuse for tasering or shooting them "in self defense"...

  27. teebie


    I got the leaflet, but not before I had read about it repeatedly on the register and social media, and already printed of the opt-out

    1. Juillen 1

      Re: Eventually

      But you didn't got to any of the factual sites that explicitly stated what was, and wasn't included in the various tiers of data? You know, like the ones that the NHS has put out there for information?

  28. Faye B

    Making it difficult to opt out.

    Instead of allowing you to fill out the form online, like so many other things can be done, they really are trying to put people off opting out. First you have to print out the form (or write your own version from scratch if you don't have a printer) then fill in the details remembering to tick both opt out boxes but worst of all is you have to get your doctor to action it. How many people believe their overworked GP is going to spend their precious time entering all these requests from patients. As others have said 'they haven't had any confirmation of it being done'. This is the escape clause for the government. By the time you have found out that your opt out request "hasn't been actioned", it will be too late to object. The information will have been uploaded and no amount of whinging (to who?) will get it removed again.

  29. Anonymous Coward
    Anonymous Coward

    This an NHS IT project.

    I worked on one of those.

    There's going to be no data going anywhere.

  30. Tom Cooke

    No leaflet

    ... and I've been into my surgery recently, as has my wife and my Mum, no publicity etc etc.

  31. Martin Gregorie

    Dont forget to opt out of too

    Yes, I got the NHS junk mail. It was obviously an anodyne piece of pap that told me precisely nothing useful.

    I got all the useful stuff by following up URLs in a comment on a previous El Reg article: you need to read both the following:

    and follow up. I've opted out completely from because allowing my data to go forward offers absolutely no benefit to me or the NHS. Its not at all obvious that the cash they get from flogging my data will benefit the NHS: its apparently not ring-fenced. IOW theres nothing to stop the govt from grabbing it and deciding that it could be best used by giving it to GCHQ, restocking the Commons Members Bar, or repainting the Downing Street railings.

    I've also opted out from allowing to include anything apart from the data items they've explicitly listed.

    Note that once data starts to be collected, you can't change your data access consents for either or and that, although summarycare data will initially be for NHS use only, this can be changed without further notice, presumably as soon as the powers that be see that they can profitably flog the summary care data as well.

  32. Anonymous Coward
    Anonymous Coward

    The information leaflet sent out is only about Phase 1, while Phase 3 of is a totally different setup. Under Phase 3, the identifiable Summary Care Records and will be merged, giving a database with fully identifiable medical records. Forget the smoke and mirrors of different types and levels of unidentifiable data, there will be only one record available. These are the full, identifiable medical records that will be sold on request to anyone such as insurance and any private companies for a few quid each. Think DVLA, without any legal restraints.

    If there is a serious medical mistake in your records it will not be corrected, instead a one line, short note MAY be added to say that the information MAY be wrong. Once your fully identifiable records are in the database they will not be deleted, this was added to prevent patients finding out later about the scam and objecting to their identifiable medical records being sold on and their insurance being 'adjusted upwards' due to the information being sold.

    Once these records have been sold on, they become the property of the buyer who can do what they please with the information. There is only one proviso, this is that the buyer 'affirm' that they will TRY to keep the data secure, even though they will not be asked details of their security (if any), and they will not be inspected to ensure compliance, as there are no rules or legal requirements to comply with.

    GPs, Hospitals, A&E, Health Professionals, Pharmacists, Paramedics, or any people who actually care for you, etc. will NOT have any access to your records on

  33. Anonymous Coward
    Anonymous Coward

    The full HSCIC price list - the "menu" - is here.

    Aggregate data (Green), published on the HSCIC website as "Open data" is, obviously, free.

    A statistical table of aggregate data (Green) costs approx. £800 - £1200.

    Pseudonymised (Amber) data extracts cost approx. £900 - £1800.

    Personal confidential data (Red) extracts cost approx. £1700 - £2000.

    Certain PCD (Red) extracts can cost as much as £12000.

    The HSCIC state that they will not make a profit from selling your data, although clearly many of the companies that they sell your data to will be profit-making.


    Red and amber data for sale doesn't exactly fill me with confidence at all.

  34. Will Godfrey Silver badge

    No information at all here in Rochester. If I wasn't a techie reader I'd have no knowledge that was even being thought of.

  35. Anonymous Coward
    Anonymous Coward

    Looks like your data *will* be sold

    First, the answers to Kelly Fiveash's questions:

    Yes, did receive leaflet (misleading, no mention of

    Yes, read it.

    GP surgery (rural Cambs) did know about this and was happy to accept opt out by e-mail.


    Although we are being told that any data is all anonymous this does not appear to be true. For example we have (according to the Beeb) Tim Kelsey, NHS England's national director for patients and information, saying "Can I be categorical? No one who uses this data will know who you are."

    However, if we look at NHCIC's (who will own the data) web site we can see it's scale of charges, which includes "Standard extract – containing personal confidential data" and a price of £2,782. It also lists "Patient status and/or tracking" as a "Product".

    Not that we should be surprised at this, or that we appear to be being lied to, given the way our country is run these days...

  36. e38500

    Old surgeries & changes to patient confidentiality

    1) Do I have to send the opt out form to all my old doctor's surgeries?

    2) I'll be writing to my MP about this change to the law regarding patient confidentiality. Disgusting.

    3) Can I request that my MP not enter anything into his computer when I go for an appointment? Nothing entered=nothing uploaded surely?

  37. Anonymous Coward
    Anonymous Coward

    It's worrying

    I learned about through The Register. Although I've seen the leaflet online, I never saw the paper version; my landlady picked it up and binned it, although she contacted her GP practice immediately to opt out when I explained what it was about.

    The talk about anonymous data use is only to "build trust", as the privacy impact assessment document puts it. Once the records are loaded into the HSCIC database there are no commitments not to release identifiable ("red") data to researchers and others in the longer term, as is already regularly done with "red" data from hospitals . This release of identifiable data is known as a section 251 release and it's what they mean when they talk about only releasing identifiable data where "allowed by law"; since hardly anybody knows about section 251, the NHS leaflets are not properly explaining the potential future use of the data.

    The police are to have access

    There were at least 5 NHS data protection breaches a week in 2008-2011, although those were only the breaches which were identified and admitted, and many NHS Trusts didn't release data on breaches:

    Over 40% of GPs in a poll said that they were going to opt out of

  38. Peter Prof Fox

    No leaflet here

    And today I was having my ears washed out so a complements slip with I "I want to opt-out of data crab' with signature and date was handed over the reception counter. PANIC! I'd have to fill in a form. No I wouldn't. They'd call IT upstairs. They came back saying I had to fill in the form. I said they had to write to me to tell me why "I opt out" wasn't clear enough. As this was today I can't tell the hilarity that might follow. So (1)No leaflet (2)Must jump hoops. Really?

  39. Anonymous Coward
    Anonymous Coward

    The opt-out loopholes and the DPA

    Even if you do opt out, your "anonymised" data will still be grabbed from your GP. The idea is simply that it won't be accompanied by (e.g.) your NHS number, so won't be associated with you personally.

    However, if you also opt out of having your personally identifiable information sold by (this is to prevent them selling the hospital data they already have), then they will also GRAB YOUR NHS NUMBER from your GP. That's so that they can identify who it is whose data they're not allowed to sell. So basically, they'll grab your data without an NHS number and then grab your NHS number. What can possibly go wrong?

    You can find all this in the privacy impact assessment:

    which makes for rather interesting reading. Amongst its gems is the following:

    "Whilst it is possible for patients to object to the processing of personal confidential information under section 10 of the Data Protection Act 1998, this new code allows patients to exercise, to a large degree, choice more easily: they simply need to ask their GP to enter this code into their GP practice record. Put simply, patients who are concerned about their privacy can now control the flow of confidential data both out of their GP practices and out of the HSCIC."

    Now IANAL, but that seems to be saying that all this opting-out (which, as we've seen, still contains a number of loopholes so they can still process your data) is just an alternative to protections under the DPA that still apply. So I suspect that if you write to your GP and/or HSCIC and forbid them to process your data under section 10 of the DPA, they'll have to do just that - no loopholes, nothing. If enough people did that, it might bring the whole thing to a grinding halt until they put a proper opt-out system in place - one that actually opts you out!

  40. Andrew Meredith

    No clear information

    @"Juillen 1"

    As you are the self appointed shill for the medical industry, I have read your posts with interest. Several commentators have pointed out that there is a selection of official information out there that roundly contradicts each other. This is more than likely down to internal changes of plan that have not been followed through to the web pages documenting same.

    This is a badly planned and executed mess. It does *not* inspire confidence in their running of the data after they have stolen it. I also note with some concern that you cannot get your data removed if you initially decided to trust them and then changed your mind. I thought the right of deletion for personal was enshrined in law ??! ..and you can't get a great deal more personal than this data.

    If the bureaucrats at the NHS are getting all annoyed at the pesky patients mucking up their nice shiny plan, they can only look to themselves and their previous record.

This topic is closed for new posts.

Other stories you might like