Letters Care.data

Care.data: how Northern Ireland is doing it

BMJ 2014; 348 doi: https://doi.org/10.1136/bmj.g2380 (Published 03 April 2014) Cite this as: BMJ 2014;348:g2380
  1. Brendan O’Brien, consultant clinical informatics specialist1
  1. 1Health and Social Care Board, Belfast BT2 8BS, UK
  1. brendan.obrien{at}hscni.net

McCartney’s feature article accurately describes the Northern Ireland Electronic Care Record (NIECR).1 The NIECR is for direct care purposes only. The robust access controls and audit trail in the NIECR give confidence to patients that their identifiable information will only be viewed by those providing direct care. Patients are asked for their explicit consent by health and care staff before staff access the patient’s record.

In the context of care.data it is more relevant to consider the plans Northern Ireland has for using data from GP clinical systems for secondary uses such as commissioning, risk stratification, and public health surveillance.

This year more than 90% of Northern Ireland GP practices have signed up to provide a pseudonymised at source extract from primary care to inform risk stratification. The Health and Social Care Board will receive pseudonymised data that it will analyse on behalf of the GP practice to generate a practice level risk stratification report. Only the GP practice that provided the pseudonymised data can decrypt the pseudonym key to re-identify the patients.

The data will also be used to plan health and care services and inform public health interventions. However, to further minimise the low risk of patients being re-identified in the pseudonymised dataset via a jigsaw attack the data will be aggregated before being shared with health service commissioners and public health staff.

Longer term, Northern Ireland is planning to establish an on going extraction process similar to the Scottish Primary Care Information Resource (SPIRE). The Data Quality in Practice Project (DQIP) will have an agreed pseudonymised at source minimum dataset and an editorial board to oversee requests for additional extractions. Identifiable data will only be extracted where there is a legal basis for doing so such as patient consent.


Cite this as: BMJ 2014;348:g2380


  • Competing interests: I am a member of the project board for DQIP. I am also a council member of the UK Council for Health Informatics Professions (UKCHIP).

  • Full response at: www.bmj.com/content/348/bmj.g1702/rr/688086.


View Abstract