NO2ID

Well have now written 2 letters to the doctors, one about all the errors on my medical records.
1 to request that I be taken off the database immediately



At the time of handing this in the Doctors were in a meeting with the practice manager whom I made the complaint with.
as to information being sent out, that was picked up and returned within the hour after the complaint was made.

By the way I am not suicidal or depressed, although I am now begining to get a bloody migrane!

I work in an admin role in a GP surgery. Whenever we use the computer a pop-up box appears, before we are allowed to do anything (eg arrange a hospital referral). The box asks if I 'accept' that the patient has given 'implied consent' for their records to be uploaded to the Spine. We have been told by our employers we have to click 'accept', and indeed the computer will not allow us to get on with our work if not, saying it cannot proceed. Yet as we are told we HAVE to book hospital referrals this way clicking 'accept' is the only way to do it.

I feel very uneasy doing this because I know full well the majority of patients who I am 'accepting' have given consent really have no idea of what is going on. It takes GP's long enough during a consultation simply to outline the bare-bones of the Choose & Book system to a patient, let alone explain exactly what The spine means for them in terms of confidentiality. Also, I feel uneasy on a personal level because every time I click 'accept' this decision to accept is presumably being stored on my smartcard, and personally attributable to me. Does this make me liable if - and quite rightly so - patients for whom I have clicked as having given "implied consent" later object to that having been done on their behalf?

Interesting. Please can you elaborate under exactly what circumstances this "Implied consent" box pops up. Is it only for Spine-related options (like using choose-and-book), or does it also happen for non-Spine options, such as updating the patient's details on the local record, which (I believe) is still held only at the GP's surgery?

being a patient i would be very anoyed and would try make a complaint against you. Having said that, it would seem that as a member of staff you have the right to prevent the patient finding out that it was you that did it. I have been trying for close to 2 years to get the names of admin staff that have accessed my data but been refused to know this, even though the GMC want it as the GP may have breached confodentality by sharing the medical info.

Also Schedual 8 of the DPA 1998 would seem to allow you access patient medical info without patient consent. I had my medical records photocopied by admin staff I had made a complaint agaisnt despite there being a) no need, b) they had been denied access, c) I never wanted photocopies. They and the agnency in Preston used Schedual 8 to gain full access to my GP records without consent. Although a complaint and littergation manger at another trust said this should not have happened, it is up to the individuals boss to decide if they should have done it. Chances are if someone makes a complaint against you for sharing data, your boss can simply ignore it

Patients can not consent, even imply consent, to something they are ignorant of. If your boss is telling you to accepte, then you should be reporting your boss to the Information Commissobners Office and to the GMC (something you are required to do if you think data is being shared without consent).

I asked about this, who accessed and when... I was told there is no log.. the only time you can find out is when they log into your records to add / ammend. Their name date and time are entered onto your records.

I queried how a receptionist could log details into my medical records which were inaccurate, untrue and liabelous.. I also asked for clarification why no senior manager is not informed of these entries to check with the patient if they are indeed accurate, malicious or covering the errors of the receptionist / doctor.
My file reads like a cover-up with a junior doctor and a receptionist, the doctor made mistakes, the receptionist took 10 days to type a letter of refferal and yet the entries on the record, exonerate them of any mistake! and try to blame me - The patient has no right to see these entries unless they specifically ask for them!! - I hate to think what malcious content some of these over zealous demi Gods have written about some people! -
I criticised the practice for incompetence - and the only thing going in my favour at this present moment in time, is the receptionist in her bitterness typed in that I 'was slagging off the practice by calling it incompetent' - This use of the word 'slagging' raised an eyebrow with the practice manager and she informed me that she didn't like it and had already told her staff not to use it...

I imply from this that there may well be several patients whose records have the same allegations!!

I have a copy of my records, but it does not contain any information about who has accessed them and for what reason (it does contain 11 letters of complaint which for some reason never made it into a complaints file sent to the local PCT or Health Care Commission and other letters were missing). A practice manger (in aberdeen) did tell me that that doctors/nurses at her practice do not put any data into a medical record, they simply tell someone else (the secretary or anyone else they want to tell) all the data, i.e. sexual problems, rape/abuse and anything else and do allow other admin staff to go into patient records without patient consent. The GMC have already said that this is "unacceptable" but untill the GPs admit to it in writting, the GMC will not even talk to the doctors.

I have now managed to find a GP that has agreed to withhold data from others in the practice (there are very peersonal reasons for this and the GP agreed that there was a clear need for me to withhold data from others).

For those that have tried to opt-out, you might want to check out the link to e-health insider (http://www.e-health-insider.com/news/item.cfm?ID=2316). The DoH are in effect telling you where to stuff your opt-out request and they will carry out their proposed 'data rape'.

Yes, the pop-up box for "Implied Consent" appears as far as I can recall, just when using "Choose & Book". It just says something to the effect of "Patient gives implied consent" and the choices are "Ok" or "No". If you click 'no' then you cannot proceed with the referral. So my employers and the trainers have said we must always say "Ok". This really makes me uneasy. I hate saying "OK" to something I feel is very NOT "Ok". I have decided to bring this up with my employers, at the risk of being blackmarked, as I feel it is too important an issue to simply carry on accepting it.

Separate to the "implied consent" pop-up, however, other things are going on whenever my smartcard is in the cardholder.... whenever I pull up a patients name on the computer a little message at the bottom of the page tells me that the patients 'demographics' are being downloaded from the spine. Then a minute or two later it tells me "demographics received". This suggests to me that a lot of the demographic information is already "out there". I do not know enough of the technical side of it, but I have a feeling whenever my smartcard is in-situ the spine is somehow gathering demographic data in the background whenever I pull up a patients name within our surgery database.

Now and again the Spine throws up a pop-up box querying a patient's demographic details and asking if it corresponds with our database. Usually it is just a small error such as a patient may be listed on the Spine as "Barry John Davies" and we have them as "John Barry Davies". But the fact the Spine is querying details here makes me think a large amount of demographic info is already on there.

Another worrying thing - I perhaps should not be saying this - but the talk about all the supposed confidentiality is a load of rubbish. I had to do a referral on a patient who was fleeing from domestic violence. When I went onto Choose & Book to enter the referral details, the Spine threw up one of these pop-up boxes querying the patient's name/address. On the left side of the screen (our database) it gave the patient's assumed name and supposedly secret address, on the right side it gave her old name and address (the spine database). So somehow The Spine had made the link and 'knew' this was the same patient. I don't know how it 'knew' - ? her NHS number perhaps or date of birth? Well, if I had clicked 'amend' then her new 'secret' name/address would have been uploaded to the Spine! Fortunately I had the forethought to abort the whole system, but are the other 249,999 people with smartcards all going to be that careful? This whole thing is so wrong.

I would not blame you for being annoyed. At present I am being put in a position of having to click 'ok' that a patient has given implied consent, because of my job and that is what my employers have told me to do. Yet I do not believe it is right or fair to the patients for me to be doing so.

Aside from the moral issue, what concerns me on a personal selfish level is I do not want angry patients coming at me in months/years to come, demanding "who gave you the right to say I have given implied consent"?! My GP employers may well try and reassure me, saying "Don't worry, you are working for us so the buck stops with us" etc. How can I know 100% they would support me though if litigation arose? At the end of the day the act of agreeing a patient has given their implied consent is being attributed to MY personal smartcard, not my GP employers smartcards - so it is me and the other thousands of lowly admin staff at the bottom of the NHS heirarchy who are at risk of being in the firing line. I don't want to be a scapegoat for a government experiment, and I do not think it is right we are being put in this position.

On the positive side, supposedly the whole point of the smartcards is that there is no way for a member of staff to be able to 'hide', become untraceable, or protected - as the smartcards record every bit of data that the cardholder enters in a record. We had to sign a form stating that we were personally responsible for our card and basically whatever that card is used for is legally down to us. This aspect I think is a good thing if it means more accountability and patients being able to track who has accessed or altered their record. Personally I don't want to 'hide' from patients. I want to be accountable for whatever data I enter on a patient's records, confident in the knowledge that what I am doing is 100% correct, both in terms of data entry and ethically. This is why I feel so uneasy about the "implied consent" matter, because it totally goes against my ingrained training and respect for the importance of confidentiality and consent.

The reason the names and address pop up is because the demographic data has already been uploaded to the spine. The patients name would have come up if you put in their NHS number.

It is highly unlikely that patients will find out about what you do as you have more rights to remain nameless than the patient has to keep data from you or decide who should be given copies of their data. Your boss can also claim at a latter date that you should not be named in case a patient gets angary and decides to come after you. If they do not know who yu are, then that makes you safer. I am one of thse people that will not do something simply because I am told to do it. If I worked at the practice and the box came up I would always click "no" and if that meant I could not make the referal, then I would simply tell my boss I cant do it as it undermines my ethical and moral standards. If your boss tries to sack you, you can take it to a tribunrail on the grounds that you refused to carry out an act that you thought was imoral, unethical and has the possiblity to land you in court.

Doctors are not legally required to use chose and book and the patient can refuse to allow this, so next time you can simply ask the boss to use other rrangements.

As a member of the NHS you are also required under the NHS code of practice 2003 to take action if you have reason to believe a breach of confidentality has taken place. It is never nice going up against your boss but considering data is being shared without consent, then you may have no choce unless your boss changes his/her attitude

Anyone know what the other political party's thinking is about not being able to opt out this NHS database?

I asked the Lib dem guy down at Morecambe/lancaster but not heard anything back.

The labour MP for Morecambe (Geraldine Smith) seemed to have the attitude that if you are not prepared to tell every doctor, nurse, admin staff and have it put on the spine then you should not abe allowed accesse to health care. Then again, with all this publicity about it she might have noticed that she is backing something that will see patients die if they patient refuse to allow their data to go via the spine.

Just so those that are covered by NHS-Grampian are aware, you are not allowed to restict access to your records, even a receptionoist is allowed to know you have been raped, abused had sexual problem and anything else the doctors/nurses decide to tell each other. You are not allowed to prevent this even though the GMC say you can.

I know this is a different subject to the NIR but it is this sort of thing that should send alarm bells ringing. If you have no right to restict access to your most sensitive data such as if you were abused, then I dread to think what they will do with the data n the NIR.

I received this letter today from the Practice Manager of my GP’s surgery after sending them the Letter format recommended by the-big-opt-out.

“I refer to your letter dated 22nd November 2006 exercising the right to opt out of the electronic database.

The only database opt out we can currently remove you from is the Emergency Care Summary, which allows any doctors who treat you when the surgery is closed having access to your records. If you were to call NHS 24 you would be asked for your permission for the doctor on call to access your emergency care summary. Please confirm if you wish to withdraw your consent for the Emergency Care Summary.”

From that presume that my records have already been uploaded onto the NHS spine. I will be asking for conformation of this and will post their reply on this thread for those of you who are interested.

I told my GP employes I was unhappy with having to say "ok" to the question of "implied consent". It did not go down very well, although they said they too have similar concerns. However, they told me I would not be held liaiable, even if patients were angry I had said "ok" - because apparently as it is a government decision the government are the ones who will take all the responsibility.

I am still not happy with saying 'ok' though and have found that if I click the 'X' box at the top of the pop-up it will make the box disappear without me having to say either 'ok' or 'no', and I can get on with the referral. So from now on I shall do that. I expect sooner or later it will be discovered that I am no longer saying 'ok', but I would rather deal with the fall-out of that than be guilty of saying 'ok' that patients give their 'implied consent'.

OK, obviously records should not be uploaded without permission from the patient and there don't seem to be the needed safeguards, but what would the implications be as far as future treatment is concerned of sending an opt out letter to your GP?

I think the best way of looking at it is this.

For many many decades the NHS has been running efficiently, we have been treated in a variety of hospitals without the need for doctors to access our records.

Being that full diagnostics are taken on a patient prior to surgery anyway, what good are the records?

Surely if you have an allergy to peneciilan, nuts, etc it is easier to wear a medical bracelet!

The point of this database is not as is suggested to help in treating people, as you go to the doctor for general medical complaints, you go to hospital for more serious!
I think the medical records are being put on this SPINE quite simply so that the Gov't can claw back money my allowing access to these records by insurance co's/ employers etc..

It is the only reason I can think of for allowing it in the first place!

In the past if your GP sent you for a referal, then it was possible for that data to be sent (currently coded data can be automatically lifted out meaning you have to ensure that they de-select the coded data that you do not want sent. If you dont and they forget, then it could involve the hospital getting told about all coded data, including abortions). What will happen in the future is that this will also be sent to SUS in identifiable format and if you say no, then you do not get the referal, no operation and virtually no access to health care. If enough people tell them that this is not good enough, they will be forced to provide the alternitive and let your data go directly to the hospital.

A&E will normally be too busy to read your records to find relevant data and will use normal protocols when dealing with accidents. If you are diabetic ect, then you should carry info on you in case you get in an accident. All that will mean is they know about the fact you are diabetic but will not know 3 months ago you had a bad case of thrush or that 10 years ago you had depression.

Excuse me if I interject with an important sevice announcement...



I'm very sorry, freedom seeker - it appears the situation in Scotland is different.

As often sems to happen (Poll Tax, anyone?), it seems that Scottish folk were offered their 'opt out' - actually more meaningless than what we're using down here - ahead of the rest of the UK. The 'Emergency Care Summary' for NHS 24 is something similar to the proposed English 'Summary Care Record' for NHS Direct, but the move to centralisation has already taken place, or is at least in the process of doing so.

I apologise for any confusion, and will make sure that TheBigOptOut.org website is changed to reflect the different situation in each of the nations.

Unfortunately, you can begin to see the line that the NHS is likely to take in England if we don't nip this in the bud...

Well they can still gain access to and use paper records surely cant they? I mean what if the computer system goes down - they would have to fall back on paper records then.

So is the big opt out still on then for the main database? Taking into account what Hewitt said recently.

I don't think anyone is arguing that medical records shouldn't be computerized or that there should not be electronic communication between doctors. Any transfer of a patients medical history electronic or otherwise should be relevant to the treatment they are about to receive, a full disclosure should not be made.

It is a universally accepted standard amongst medical professionals worldwide that the doctor patient relationship is confidential. This central database destroys that confidentiality. The governments own advisers are telling them records should be kept locally (on your doctors system) but will they listen... no prizes for guessing the answer.

From what I've read this entire 'upgrade' was obsolete before it left the drawing board and will be a £12bn white elephant. This whole IT project will probably be used as an example of what not to do with networks and databases for generations of IT students to come. We can boot the architects of this balls up out of office but we can't get our money back.

I suppose we could always demand to see TB's NHS files to see if he is actually fit to run the country!

It is probably filed in the 'danger to the community' category!

moderation note: great chunk of irrelevant argument about merits of NHS as a system, and its funding, moved to "Everything Else"

Have just called my doctors to ask if my records have been taken off the computer as I had asked....

No. But we're looking into it, we've had to get in touch with the IT company who are in charge of the system as we cannot delete a patients records.

Can someone tell me this - Do Outside contractors now have our medical records on their ststems?

Have been contacted by the doctors I'm to go to a metting next week to discuss the IT situation and the databases!

Any one got any questions they want asking?

Depends where you are. I you are in England then you could try the following questions:
1) Will any identifiable data be available to anyone other than a doctor? The reply should be yes. SUS, admin staff, mangers and in the futer possibly your local chemist will have access.
2) Will I be able to see a doctor and whithhold it from others doctors/nurses, SUS ect? Chances are it will be no. I have been in practices in Aberdeen where nurses from an asthma clinic are allowed to sit down and go through patient records and know about things like rape, abuse, abortions, STDs/STIs, sexual problems and everything else and patients are not allowed to prevent it. If they can claim that they have a right to ignore the patients request, then what is to stop every doctor/nurse you see from doing the same thing?
3) What would admin staff and managers get to see? Be specific. For example you caould ask "Would they know that I have/had emotional probles, chest infection or had been persribed sildenafil? Thats Viagra to you and me. Again I have been in practices where even admin staff are allowed this level of access.
4) If I refuse, will it still be possible for me to access things like operations or have blood test? Chances are the reply be no and I have the emails from CfH to prove it.
5) Will I be allowed to know the identities of everyone that has accessed my record and the audit trails and know what medical conditions they know I have/have had? Again the reply will most likely be no. I have been trying to get this for close to 2 years I have been denied the right to know who knows what about me.
6) Can my records be accessed without my consent? The reply is likely to be yes. I have had this done on many occasitions, includin staff I made a complaint against accessing my records where she had been denied access and a Complaints and Littergation manager in another NHS trust said "should not have happened".
7) Will I be allowed to decide what goes on the spine? Again the reply is likely to be no. Once again I can provide emails backing this up.

Be weary about what they claim is 'confidential'. Things like NHS numbers are meant to be confidential, but it would seem that in Scotland Community Health Index numbers are being put on some bus passes without patient consent.

Chances are they will try and get you to accept the 'need to know' thing they like but at the same time they will refuse to say who this means.

If you want to stop some people, such as admin staff, knowing your medical info, you have to tell your GP to withhold the information, otherwise it gets shared even if you are not aware of the sharing (I meeet a GP recently who pointed out that 90% of his patients "have no idea" what data is shared or with whom it is shared). You could always ask them to print out a 'screen shot' everytime your records are accessd by people other than your GP and who it is being shared with. You would need to pay for the printing, but at least you would know what they seen (just be sure to tell them a scren shot should be taken everytime a new bit of the record is brought up).

In Scotland there is the ECS but this is entirely voluntary, although it did take me a bit of arguing to make sure I did not have one and still metting people that did not know about it, even tyhough their data has been uploaded. Even this limited data is not that private and is often accessed without there being a need. For example reception staff will get to know your current medication and medication taken in about the last 8-12 weeks even though them not knowing would not endanger your life. NHS Scotland plan to have a national database by the year 2010, but might pull back from doing the same 'data rape' the DoH, NHS and CfH are planning in England.

After wards you could always ask them if you will need to have your biometrics taken in the duter as part of the ID card system (pointing out that the fact you were there will be shared with others to find out if you are a criminal).

Anyone with access to the database can potentially access your records but that does not mean the contractors will know, unless they want to delte info, in which case they might need to see something. Best to ask you practice (get contractors to do a screen shot of everything they see)

Sorry, but not sure about Wales, but think they are getting an ECS soon.