Using personal health information in medical researchBMJ 2006; 332 doi: https://doi.org/10.1136/bmj.332.7534.130 (Published 19 January 2006) Cite this as: BMJ 2006;332:130
- Tom Walley (firstname.lastname@example.org), chair, Research Governance Group
- Royal Liverpool and Broadgreen University Hospitals, Liverpool L7 8XP
Recent growth in the regulation of research involving patients or their personal data in the United Kingdom—such as research governance, the European clinical trials directive, the Data Protection Act 1998, the Human Tissue Act 2004, the Mental Capacity Act 2005, and guidance from the General Medical Council—has caused delays, higher costs, and sometimes cessation of research projects.12 Rules around privacy, confidentiality, and consent have become particularly complex and confusing.
The people appointed to protect personal health data sometimes seem to feel no need to facilitate research. These include Caldicott guardians (board members and senior health professionals appointed by each health authority, NHS trust, and primary care group to safeguard the confidentiality of patient information) and data protection officers who often work with medical records departments. These guardians and officers and their organisations are averse to risk and often restrict or deny access to personal medical data, interpreting the Data Protection Act as insisting that patients must consent directly to participate in research or that patients' data must be completely anonymised.