The NHS’s care.data scheme: what are the risks to privacy?BMJ 2014; 348 doi: https://doi.org/10.1136/bmj.g1547 (Published 17 February 2014) Cite this as: BMJ 2014;348:g1547
- Jon Hoeksma, editor
- 1E-Health Insider, London, UK
Among the pizza flyers on your doormat last month you may have seen a leaflet called Better Information Means Better Care. If you read the leaflet rather than throwing it out with the two for one pepperoni deals, you may have realised that the clock is ticking on plans to create one of the world’s largest patient databases, care.data.
The leaflet, sent to everyone in England, says the new database will not be used for clinical care but instead focus on secondary uses such as supporting commissioning, planning, and research. For the first time hospital and general practice data on individuals will be linked.
Full patient medical records will not be loaded, but individuals’ diagnosis and treatment codes and unique patient identifiers, such as postcode and date of birth, will be. A wide range of approved organisations will be able to buy access to the database, including to patient identifiable data, with a scale of fees.
However, the publicity campaign has attracted criticism from privacy campaigners and the Information Commissioner’s Office for not making it clear that patients have a right to opt out of the data collection scheme. Privacy campaigners have also warned that the database poses a threat to patients’ confidentiality and privacy and have voiced concerns that its scope may creep.
What is care.data?
Care.data is being developed and will be run by the Health and Social Care Information Centre (HSCIC), a quango that has been instructed to establish the service by its main customer, NHS England. It will use a monthly extract of data from every general practice patient record system in England and link these data with data from hospitals …