Always biting off too much to chew
Requirements:
Patient opt-in system
Patient must be able to opt-out after opt-in
Identify patient
Get Patient's GP's phone number
Encryption, access control and access/change logging etc. implemented from day 1
Extendable system but no *requirement* for any other data <otherwise every health professional wants all their data file formats to be "standards" in the UK-wide database - never going to happen; queue massive bun-fight and resistance and another £8m down the drain>
Set up a charity to hold and manage the data, who's charter is inviolate and does not permit sharing data outwith the NHS *ever* (ever isn't possible really, but using a charitable "buffer" makes it harder for some future douchebag parliament to play fast-and-loose with the data)
Get that system working reliably and then come back for more if you make it...
Biting the hand that feeds IT
