Jan 2005
The spy in the GP's surgery
Alice Miles

FOR SOME reason, there has been a lot more fuss about identity cards than
about the electronic patient record.

The what? Quite. The NHS's electronic patient record is already up and
running. It contains basic demographic data - name, address, date of birth -
for every person in the country. This year the system will "go live", area
by area, with more and more of a patient's personal medical record added to
it. It will be far more intrusive than an ID card. And hundreds of thousands
of NHS employees will have access to it. Wave bye bye to patient

No system with that many users can be secure.

You may not even know it is happening. Local advertising campaigns will
alert patients that the system is starting up in their area. If you fail to
notice the adverts, your GP is under no obligation to inform you that he is
about to post your most private details online.

The patient record programme - which will include new information, but not
existing records - is part of the 6.2-billion IT system being built to
cover the whole NHS. It is the biggest civil IT programme in the world,
could eventually cost up to 30 billion and will link 240 hospitals, 8,000
surgeries, 100,000 doctors and 380,000 nurses on the internet, enabling
computerised appointment bookings, an electronic X-ray archive and online
repeat prescriptions (eventually, maybe). The electronic patient record
forms a major part of the system. It "sits on the spine", as one official
put it.

Officials at the Department of Health and seconded techies from the private
sector are building in a range of "security" measures. Hospital staff will
have to prove their identity, for example, before being registered to use
the system, and they will need a password to gain access. Anyone who reads
or changes a patient's record will automatically be logged. Which doesn't
sound any more secure than your average company IT system, with their
"spare " log-ins and generic passwords. Given the number of temporary staff
employed by the NHS, this system will sooner or later leak like a sieve.
Family doctors' leaders have already said that they fear patient
confidentiality will be compromised and that their workload will increase.
GPs, like everyone, hate change.

It should work like this: the GP will make his or her notes, parts of which
will then be extracted on to the "spine" - major conditions, prescriptions,
allergies, etc. All hospital treatment will go on to the spine as well. This
should mean a faster, more efficient service for patients: fewer referral
letters, no more brown envelopes overflowing with medical records, X-ray
results available online, and repeat prescriptions issued at the touch of a
button. That is if - and it's a big if, given the Government's lamentable
record with large IT projects - it works.

Thankfully, if you don't trust the system you can opt out. You will, though,
be automatically included unless you say you want to opt out, in which case
all your records will remain with your GP. Hence the importance of catching
the announcement that the electronic record is starting in your area.

A further security system is planned. All patients will be allowed a "sealed
envelope" into which will be placed any information that they want to be
kept confidential. It can be opened only in the event of an emergency: for
example, when a patient is incapacitated and unable to give consent. What
will you put in your envelope? And how pleased is your doctor going to be
when you, the patient, decide that you are happy for one piece of
information to go on "the spine" , would like another one in the "sealed
envelope", but prefer your conversation with the GP to be kept in his notes
only? And at which point in the chain - when you go to your GP, when he
takes a swab, when the results are returned (electronically, presumably) -
do you, the patient, decide that, actually, that's a little embarrassing.
Could I put this whole episode into the sealed envelope, please? An
unresolved issue has already arisen over whether a patient may put in the
sealed envelope a condition - for instance, being HIV positive - which it
may be a danger to other people, such as a surgeon, not to know. Who, in the
end, owns a patient's notes?

The security will rely not only upon thousands of hospital workers, many of
them temporary, but upon GPs and their staff to co-operate with patients'
wishes. And if there's one thing a GP hates more than a government diktat,
it's an order from a patient.

There is an alternative that would give patients flexibility, control and
choice. This would be to put records on to an electronic card that could be
read by NHS computers around the country, keep a back-up for safety - then
let the patient carry the card with him. He wouldn't be able to change it,
but he would own it. And with it he could visit any surgery, instead of
being tied to a single one that doesn't open in the evenings and is nowhere
near his office.

It would be up to the patient not to be moronic and to take the card with
him when he has a hospital or doctor's appointment (to deal with the
objection of one GP who suggested that patients are too stupid to remember).

Senior ministers are desperate to break the grip of GPs over the NHS.
Unreformed family doctor services run for the convenience of GPs and not
that of patients are responsible for much dissatisfaction with the health
service - unsurprisingly, as there are between 6 and 7 million operations a
year, some 12 million attendances at accident and emergency and 300 million
GP appointments. But ministers, afraid of confrontation with GPs, are
pussyfooting around the threat of allowing the private sector into the
family doctor's surgery.

So why not let patients make the choices for them? Give them their records
and they can take their business where they wish. The visit can be logged
electronically and charged to the primary care trust responsible for that
patient. Information is power. Which is why government and the NHS will
always try to hug it all to themselves.