This site is intended for health professionals only

At the heart of general practice since 1960

NHS trying to access GPs' patient records by stealth

By Steve Nowottny

NHS organisations are attempting to use data extraction systems to access patient records from practice systems without the permission of GPs.

Pulse has learned of a series of incidents across the country where GPs have been forced to take action to prevent their records from being accessed remotely.

It comes just a week before the end of Connecting for Health's consultation on the Secondary Uses Service.

In Cornwall, mental health provider Outlook South West had planned to upload data on mental health service uses - including NHS numbers – to a central computer system operated by the Improving Access to Psychological Therapies programme.

Patient data was to have been extracted from practice systems on an implied consent basis and shifted onto the PC-MIS information system based 350 miles away at the University of York.

But Dr Matthew Stead, chair of Cornwall & Isles of Scilly LMC, said local GPs were opposed to data being sent without explicit patient consent.

He said: ‘The issue is about information being transferred from local institutions up to a central server. We took quite a strong view that we didn't think implied consent was adequate.

‘There is huge pressure - with the threat of withdrawing pump-priming money - for those records to start being uploaded.'

A partner at Outlook South West told Pulse while no data from Cornwall had so far been sent, PC-MIS had begun collecting data in other parts of the country.

A spokesperson for Cornwall and Isles of Scilly PCT said patient data had only been collated in paper form at surgeries, and would not be shared until GPs' concerns had been ‘fully explored'.

Elsewhere Manchester LMC has sought advice from the Information Commissioner over similar concerns relating to PCT plans for secure data extraction from GP systems.

The LMC warned it had fears over ‘risk of sabotage', ‘the ability of the PCT to follow the rules of access' and ‘mission creep, if the PCT begins to think it owns the data'.

GPC leaders warned in a separate incident in Shropshire, a practice had discovered its system was being accessed externally by several healthcare workers without its knowledge.

Dr Fay Wilson, a GPC member and GP in Birmingham, said: ‘If people can just tap in when they feel like it, without letting us know, it could be happening all the time.'

NHS organisations using data extraction software to access GPs' patient records remotely

Rate this article 

Click to rate

  • 1 star out of 5
  • 2 stars out of 5
  • 3 stars out of 5
  • 4 stars out of 5
  • 5 stars out of 5

0 out of 5 stars

Have your say