The NHS's care records service should have built-in electronic mechanisms to ensure automatic compliance with patients' choices about how their personal data is used, an expert group has urged.
The care records service is being introduced as part of the NHS's £12.4bn National Programme for IT (NPfIT), but the shift to a national system of electronic records has been contentious, with doctors and members of the public raising fears about the confidentiality of patient data.
In response, the government has issued a care records guarantee, giving patients rights over the uses of their data and allowing them to prevent parts of their health records being shared by placing them in "sealed envelopes" on the computer system.
The recommendation for a built-in mechanism to ensure patients' choices are respected comes in a report by a working group, including doctors, looking at "secondary uses" of patient data – for purposes such as medical research, public health surveillance, service planning and the financial administration of the NHS.
Electronic mechanisms should record patients' consent – or otherwise – to the use of their data for these purposes and “ensure that the consent choices of an individual are automatically adhered to when providing data from their record”, the report submitted to NPfIT's Care Record Development Board says.
It adds that design work for the sealed envelopes must take into account “the need to ensure appropriate anonymisation of this information for secondary use purposes”.
The working group also proposed the establishment of an "honest broker" – a trusted data custodian with responsibility for data access systems and for “ensuring that the pseudonymisation and anonymisation processes are correctly specified”.
A small number of “safe havens” – designated physical or electronic areas providing security for sensitive and confidential information – should also be set up, the working group said. It suggested the model of research datacentres in use in many countries to give legitimate researchers secure access to confidential data.
Requirements for honest brokers, safe havens and a supporting regulatory framework should be published, the report says.
The report was broadly welcomed by Dr Vivienne Nathanson, head of science and ethics at the British Medical Association. “There is much that is sensible in this report, particularly the recommendations for greater transparency of governance arrangements, and greater patient and public involvement."
There may be benefits to public health in greater use of anonymised patient data, she added. But the principle of patient consent "must be central to the design of the new system", she said.
Dr Nathanson also warned that the security of the "safe havens" must be tested.
“We do have concerns about the central ‘safe haven’," she said. "Where medical records are held centrally, there must be robust safeguards on their security and confidentiality. The 'safe haven' must prove it can meet these requirements.”