Care.data 'will allow police access to patient records without informing GPs'
Care.data will enable police to access a patient’s medical records without GPs ever knowing, if required as part of a serious crime investigation, it was claimed today.
As it stands, police would need to obtain a court order then approach their GP to obtain a suspect’s record. However, after the introduction of care.data they will also be able to approach the national database, it has emerged.
In a written response to a question about the scheme from Tory MP David Davis, health minister Dr Dan Poulter said: ‘In terms of information which identifies a patient, NHS England’s “Better information means better care” leaflet sets out how people can ask their GP practice to note their objections, which will prevent confidential, identifiable data about them being used by the care.data programme, other than in a very limited number of exceptional circumstances.’
‘As examples, existing public health legislation may require data to control the spread of specific infectious diseases or the police may require information about an individual patient when investigating serious crime. Decisions are made on a case-by-case basis and must balance legal requirements, the duty of confidentiality owed to the patient and the accepted public interest in a confidential health service, all against any benefits that may arise from the disclosure.’
Mr Davis told the Guardian, who first reported the concerns about police access, that: ‘The idea that police will be able to request information from a central database without a warrant totally undermines a long-held belief in the confidentiality of the doctor-patient relationship.’
To date, concerns over the implementation of the NHS England’s flagship data scheme have largely stemmed from the requirement of patients to opt out rather than consciously opting in, and criticism of the Government’s public awareness campaign.
Under the scheme, patient records will be extracted from GP systems to the Health and Social Care Information Centre (HSCIC) and linked with records from other parts of the NHS. Unless patients opt out of the scheme, these will be extracted along with ‘identifiers’ including postcode, date of birth and NHS number.
Patients who have opted out of the scheme will still have their records sent to the HSCIC stripped of identifiers, but in some cases knowing details of a patient’s medical history could be enough to identify them.
A DH spokesperson said: ‘There are strong legal safeguards in place to protect patients’ confidentiality. If people do not want their data to be shared, they can speak to their GP and information will not leave the surgery.’
‘Any release of identifiable data without consent would only be in a very limited number of exceptional circumstances, where there is a clear basis in existing law – such as for the police to investigate a serious crime.’
However Tim Kelsey, national director for patients and information at NHS England, insisted that there was ‘absolutely no change to how police can access individual GP records’ as a result of care.data, and said: ‘For cases about an individual, police would still go to the hospital or the GP practice rather than the HSCIC.’
A spokesperson for the HSCIC added: ‘Under Section 29 of the Data Protection Act the police can ask for personal confidential data if they are investigating a serious crime. However they need a court order in order to insist on its release and the HSCIC will not release clinical information unless this court order exists. Information can also be requested under the Children’s Act to safeguard vulnerable children who are at risk.’
The development comes as an online petition calling for the scheme to be halted reached more than 100,000 signatures.