This site is intended for health professionals only

At the heart of general practice since 1960

Care Record move to ease fears over confidentiality

Connecting for Health reacts after internal report confirms GPs' concerns


Connecting for Health is to

add an extra level of security to the NHS Care Records Service

after an internal investigation backed GPs' concerns about confidentiality and patient safety.

A report commissioned by Connecting for Health concluded its existing plans for 'sealed envelopes' within the record containing all sensitive patient information posed 'the most significant breach of confidentiality risk'.

The risk was found to be greatest if this sensitive information was held on the national 'spine', rather than locally, because more people in the NHS could potentially share it in error.

For example, a clinician inputting information could inadvertently see confidential

data already in the supposedly sealed part of the record.

This threat could increase fear among patients that such information would not be kept secret, the report – Sealed Envelopes Risk Assessment Project – said.

Patients may then avoid seeking treatment, which could 'impact greatly on their health and the treatment they receive', it concluded.

The findings are a major blow to Connecting for Health, which has consistently rejected GPs' concerns about the increased risk of confidentiality breaches as a result of the Care Record.

Connecting for Health is now proposing that patients can have an extra 'sealed and locked' envelope containing the most sensitive information they do not want to be shared.

The envelope will only be able to be opened by the team of clinicians who created it. Even the existence of these envelopes will not be visible to other clinicians and it will not be able to be accessed by anyone else

even if the patient requests it.

Dr Gillian Braunold, GP clinical lead for Connecting for Health, said: 'The only way information would be transferred to another team would be explicit referral mechanisms, like in a letter, and then it would be sealed and locked in the other environment too.'

Less sensitive information which could have an impact on a patient's care, such as drugs being taken, will still be held in the sealed envelope, as planned. This could be opened with patient consent or in an emergency.

Dr Richard Vautrey, GPC negotiator, said the new proposal 'would certainly work better than the original sealed envelope scenario'.

But he added it would need to be tested and evaluated fully before the GPC gave its backing. 'These things often sound good in theory,' he said.

Dr Paul Thornton, a GP in Kingsbury, Warwickshire, said the extra level of security would not solve the problem.

He said: 'It's an added layer of complication.'

• GPs' slow broadband – page 22

The two-tier system to

protect confidentiality

Sealed envelope

• Holds information the patient does not want clearly visible –

eg, sexual or mental health conditions currently being treated.

• Information is likely to be clinically relevant.

• Presence is visible in the summary record but patient consent required to access contents.

• If envelope is opened without consent, alert raised to local 'information guardian'.

Sealed and locked envelope

• For extra sensitive information with no current clinical relevance, such as abuse or a past termination, the patient does not want shared at all.

• Presence not visible in the record to anyone except the health care team that created it.

• Cannot be opened by anyone other than team that created it, even if the patient were to request it.

Rate this article 

Click to rate

  • 1 star out of 5
  • 2 stars out of 5
  • 3 stars out of 5
  • 4 stars out of 5
  • 5 stars out of 5

0 out of 5 stars

Have your say