General practitioner England

Last updated:

Key role for doctors explaining data confidentiality

Doctors will play a key role in helping patients understand how their personal data can be used to improve care and help research.

Health secretary Jeremy Hunt said the BMA, NHS England and the Royal College of GPs will be raising public awareness of new data rights proposed as part of a wide-ranging review of information sharing.

Information: To Share Or Not To Share? The Information Governance Review, published today, makes 26 recommendations for England, which aim to strike the appropriate balance between the protection of the patient or user’s information, and the use and sharing of such information to improve care.

They include a commitment to respecting a patient’s objections to the sharing of confidential data for purposes other than direct care — something the BMA had worked hard to reach agreement on.

BMA medical ethics committee chair Tony Calland said: ‘Confidentiality is the cornerstone of the doctor-patient partnership and we must do all we can to safeguard it.’

‘Safe haven’ concerns

The association will press for its outstanding concerns in some areas to be addressed. These include the concept of ‘accredited safe havens’ – secure environments in which researchers can analyse potentially identifiable information.

The BMA warns that the use of any information that could identify individuals, such as their NHS number, could threaten confidentiality unless robust safeguards are in place.

Dr Calland added: ‘While health data is vital to improve health services and medical research, it is essential that the strict controls described in the review for safe havens are scrupulously adhered to and regularly audited by an independent body.’

The report recommendations also include:

  • An audit trail that details anyone and everyone who has accessed a patient’s record should be made available to the patient in a suitable form
  • Healthcare regulators must agree upon and publish the conditions under which registered professionals can rely on implied consent to share personal, confidential data for direct clinical care
  • Social workers should be considered part of the ‘care team’ which provides direct care to a patient and has a right to see relevant data
  • Details about data breaches should be in the quality reports of NHS organisations
  • All health and social care organisations should clearly explain to patients and the public how the personal information they collect could be used in de-identified form for research, audit, public health and other purposes. All organisations must also make clear what rights the individual has to refuse consent
  • The health secretary should commission a group to examine whether registries and public health functions apart from health protection and cancer should be covered by health service regulations.

Shared responsibility

Mr Hunt said the government would publish a full response to the review in the summer.

The review was chaired by Dame Fiona Caldicott who led an earlier review on the use of patient-identifiable data in 1996/97. This review produced six rules for protecting confidentiality, which became known as the Caldicott principles.

In her report foreword, Dame Fiona says: ‘Every citizen should feel confident that information about their health is securely safeguarded and shared appropriately when that is in their interest.

‘Everyone working in the health and social care system should see information governance as part of their responsibility.’