Amazing piece of PR from the Conservatives this morning that for me, epitomises the Tory project. The story in the Times - “Google or Microsoft could hold NHS records” is a hoot. It’s basically a boring outsourcing story wrapped up in a shiny, cool social media type facade. PR genius. And so post-bureaucratic age. Not sure I’d want my medical records held in the cloud though.
Copyblogger theme design by Chris Pearson | Hosted by ENTANET
13 comments ↓
As it’s not Apr 1, I can only assume that it’s a slow news day for the Thunderer, who could find nothing else to fill the space reserved for “Murray First Wimbledon Champion since 19canteen”
Mind you, Google and Microsoft seem to lose rather less data than the Government does
I did think of cracking that gag but under the circumstances thought better of it.
To be fair Tom, I think there’s a little more to it than ‘a boring outsourcing story’.
The proposal isn’t just bringing in Google or Microsoft, individually, to handle records management. It’s the idea that it could be both, and others too, allowing you some degree of choice, promoting some kind of competition, and crucially, avoiding the risks inherent in a single national database.
This is a question of trust. People don’t trust government IT projects – not without justification, it must be said. But look at the brand research: Google, Microsoft and Bupa are consistently in the Top 10 most trusted brands in the UK. (Note: new Superbrands report next week.)
Personally I don’t have a problem with personal data like this being ‘in the cloud’. All my money is already ‘in the cloud’. My mortgage too. We have a small number of data stores (ie banks), and a system for exchanging data (ie cash transactions) between them. I choose the bank which I trust most, which gives me the best deal, the greatest convenience, the best customer service.
The modern world is all the better for the growth of electronic money transfer. We’ll reap the same benefits if, or when, we crack the problem of identity management. The answer has to be a federated system… and maybe this is the start of it.
Of course, large parts of the NHS are already sending confidential patient referral letters and results to India for typing, so concerns about passing data on-line have clearly been solved.
As discussed today at reboot britain – would like to hear more about plans for how we can manage our own data – cloud computing is likely to become the norm, whether google, microsoft or other – key then will be the t&c’s around how we manage this and who else has access! Along with more crucial aspects of digital literacy, digital inclusion and core literacy skills.
For all the anti-Google/anti-Microsoft rhetoric, it’s a decent enough idea (though I’m not sure I’d trust any Government to implement it possibly). As stated above, the key is that it COULD be Google. Or Microsoft. or somebody else entirely. Or a combination of them. And that it’s not somebody countersigning a contract in Whitehall that decides, but the individual.
The NHS PfIT has been a disaster start to finish, with most IT Professionals looking on with a combination of abject horror and sheer bemusement and the figures and timescales quoted at each stage of the way. It looks even worse when you consider that by necessity in the US (thanks to having many different healthcare providers), electronic interchange of health records (controlled by the patient) has been a reality for some time now.
If we can choose who we trust to hold our medical records and can authorise sharing on a case by case basis then I’m all for medical records in the cloud.
We would of course need a secure open standard way of interchaging our data and for exchanging ‘consents’.
Well can they do any worse a job than the other government favourite for data outsourcing Capita?
At least companies like Amazon, Google and Microsoft can build a large complicated database on budget and on time.
While I would welcome these companies expertise to the NHS care records project as some of the functionality I have seen is excellent I have significant concerns regarding the ideas released so far.
1. Giving patients absolute control over their health records as Google health does and abolishing NHS health records departments is not a good idea. I am all for people having increased access to their records but in no way should individuals be able to decide what to include or not include in their records. This would not be good for patients care nor the general health system. There is also the case that medicl records are used a lot in medical research. A central record should be maintained by the NHS.
2. The idea of outsourcing has been positioned as a cost saving measure. While abolishing medical records departments would save money, this as I have said is not a good idea. The NHS national IT programme includes provision for giving people access to their health records through an online portal however I believe this does not represent a significant portion of NPfIT’s budget. But Googles and Microsofts functionality could be useful additions. An important point here is google health and such formats rely on digital records and it is this the implementation of digital records and associated software with NHS Trusts that has cost a lot of money in the NHS and these will always be needed as trusts and GP’s will have to record patients history either for a central record or to just make available to patients to access on Google Health.
3. Another significant cost perhaps not even included in NPfIT’s budget is the digitisation of historical medical records i.e. those created and updated before digital records are implemented. This could potentially be a significant cost pressure that Google or Microsoft would not alleviate. Digitisation of historical records is essential for improved service to patients and increased efficiencies in the NHS.
In short I do not think what I understand of David Cameron’s idea will save much money for the NHS, could create a lot of problems if a central record was not maintained. I do welcome the functionality googles and the likes could bring to giving people greater access to their information and using it to link up with pharmacies or share with carers etc.
It’s a bit disingenuous – as medical records physically and digitally can and are stored outside the control of the NHS. I recall a lot of the JR Oxford Hospital patient files were stored at Upper Heyford airfield, no doubt quite securely, by a records management company.
Contracting out much reponsibility whether witin the Uk or eslewhere has been quite a hallmark of the last decade+, and accelerated under the present Gov’t. So there’s no question of principle here, surely.
Current data storage contracts that the NHS has are with private suppliers – most if not all – and the network is run by another privat(ised) company – BT – over which all that data passes, or is intended to pass. In an IP environment that can of course be routed anywhere around the world – in a helluva big cloud
.
I’ll paraphrase some other general, and often made but repeatable for all that, comments:
I can contract with an offshore company to store my data and it will therefore have responsibilities directly to me.
If my data is shared or passed to a third party whether on or off-shore, by someone or organisation that purports to own it, I have no control, and there may be incentives on both to evade domestic data protection.
Companies, especially tho’ they are not alone big US corps.,, are subject to pressure from their shareholders, gov’ts and theirs agencies within whose jurisdiction they operate, and from competitors.
Just bear in mind what happened when Facebook was suspected of playing dodgy games over customers’ rights.
There is a change detectable in views on protection of data, and individual privacy, not least in the Western world.
There is increasing competition in commercial applications and services for secure on and offshore data storage with encrypted data and access mechanisms so that increasingly intrusive governments and their agencies, and hostile governments, and indeed commercial interests, can be kept out.
In the consumer area Googlemail/Gmail is considering an encrypted interface as the default setting. Microsoft and others are building secure(r) access allows anonymous authentication, isolsated verification of specific facts and even double-blind calculations.
Government (and it has to be said the politicians advised by the civil servants relying on the consultant/salespeople on behalf of the vednors) is still in the 1960s, at best. Its core administrative concepts date back to the 19th century, and its socio-economic views from the 1930s.
Only the spin is modern.
http://www.e-health-insider.com/news/5006/upmc_team_displaces_royal_berks_staff
Royal Berkshire NHS Foundation Trust has handed redundancy notices to its entire electronic patient record team as it prepares to implement a Cerner system with University of Pittsburgh Medical Centre.
Royal Berkshire broke away from the National Programme for IT in the NHS to do the deal with UPMC, which is already delivering a Cerner system to Newcastle Hospitals NHS Foundation Trust.
It said it could not wait for the national programme, which has been without a local service provider for the South cluster since Fujitsu exited in May 2008.
Here’s an example of what has been achieved under the present Government. The present rather large cloud of the present NHS.
http://www.pulsetoday.co.uk/story.asp?sectioncode=35&storycode=4123229&c=1
A massive security loophole in an NHS database containing the addresses and personal details of millions of patients was exposed this week, after a senior GP successfully accessed the personal data of patients at other practices without being detected.
NHS bosses have admitted they have no idea how many inappropriate or unauthorised accesses there could have been to the Personal Demographics Service, a national electronic database which contains demographic information such as the name, address, date of birth, NHS number and contact information on almost every patient in the country.
Dr Paul Golik, secretary of North Staffordshire LMC and a GP in Norton-in-the-Moors, Stoke on Trent, highlighted the concerns after a patient asked about NHS IT security, and Dr Golik discovered it was possible to access his own demographic record even though he was registered at another practice.
Dr Golik subsequently accessed the personal details of a number of other patients registered elsewhere, including, with their consent, staff at his practice – all without being detected.
And while no clinical information is contained in the Personal Demographics Service, Dr Golik said he was ‘appalled’ that such information was at the fingertips of tens of thousands of NHS staff with smartcard access.
(This what the good doctor could get access to:
NHS Number – The unique patient identifier
Patient Name Including any previous names, aliases and preferred name, e.g. Chris rather than Christopher
Date of birth – The patient’s date of birth. Get more information on new births and the PDS
Place of Birth – The patient’s place of birth
Additional birth information – The delivery time and birth order for multiple births
Date of death – The patient’s date of death. Get more information on recording deaths on the PDS
Death notification status – Indicates a formal death certificate has been issued for the patient and the death has been registered
Gender – Administrative gender
Address – Includes main, temporary and correspondence addresses
Alternative contacts – The patient’s legal guardian, proxy, family/close contact
Telecommunication contact details – Contact details such as telephone number, fax number and email address
Preferred contact times – Patient’s preferred contact times
Preferred contact method – The patient’s preferred contact method, e.g. telephone contact by proxy, no telephone contact, sign language required in face to face contact or minicom
Preferred written communication format – Specialised patient contact requirements, e.g. large print, Braille, audio tape
Preferred language – Information on patient’s preferred language of communication
Interpreter required – Indicates that the patient requires an interpreter
NHS Care Record consent to share status – Indicates that the patient has agreed to share their health record
Nominated dispensing contractor* – The patient’s nominated dispensing contractor that could include a community pharmacy, dispensing appliance contractor and a dispensing doctor.
Reason for Removal – Indicates that the patient is not registered with a GP
Previous NHS contact indicator – Indicates that the patient confirms they have had previous NHS treatment. This allows the PDS National Back Office to check for a duplicate of a record
Patient call-back consent status – Indicates that the patient is willing to be called back from a Choose & Book call-centre
Shared secret – An encrypted password used to validate a patient’s identity when contacted from a Choose & Book call-centre
Sensitive record indicator – Indicates that either the record is not accessible to PDS users or that the content of the record is being reviewed to ensure the data is correct
Primary Care – The GP Practice with whom the patient is registered
Date of Registration – The date the patient registered with the GP Practice
Back office location – The back office location associated with the GP Practice where the patient is registered, used for the administration of primary care
Serial change number – The mechanism for synchronising local and national records
HealthSpace status – Indicates that the patient is registered to use HealthSpace
NHAIS Information – The PDS holds certain information to allow it to interact with the NHAIS system that administers primary care. This information is not routinely accessible by the NHS
from NHS Connecting for Health
http://www.connectingforhealth.nhs.uk/systemsandservices/demographics/pds/contents/index_html
Leave a Comment