Using patient-identifiable data for observational research and auditBMJ 2000; 321 doi: https://doi.org/10.1136/bmj.321.7268.1031 (Published 28 October 2000) Cite this as: BMJ 2000;321:1031
Overprotection could damage the public interest
- Rustam Al-Shahi, MRC clinical training fellow. (firstname.lastname@example.org),
- Charles Warlow, professor of medical neurology. (email@example.com)
- University of Edinburgh Department of Clinical Neurosciences, Western General Hospital, Edinburgh EH4 2XU
Across the world rapid changes in the law, technology, and society are reshaping the way identifiable information about patients is handled. In Britain, doctors' longstanding common law duty of confidentiality to their patients has been supplemented by restrictions on processing electronic and paper based records in the Data Protection Act 1998, which came into force on 1 March 2000. This month the United Kingdom's Medical Research Council (MRC) is the latest of several professional organisations to respond to these developments by updating its guidance on confidentiality and the use of personal information (see table on BMJ's website).1-4 The MRC has provided invaluable, balanced guidance but there is still a real risk that strict and selective application of the other directives could jeopardise audit, clinical governance, and observational epidemiological research. This would compromise patient care and the public interest.
Britain has long had the opportunity for high quality observational epidemiology and health services research, using unselected samples of routinely collected data from hospital and general practitioner databases. Important advances in our understanding of aetiology, risk factors, and prognosis have been made through the use of population surveillance, disease registries, longitudinal cohorts, and case-control studies. These have inevitably involved using data about large numbers of people, sometimes without their consent. To our …