Intended for healthcare professionals


Undermining data privacy in health information

BMJ 2001; 322 doi: (Published 24 February 2001) Cite this as: BMJ 2001;322:442

New powers to control patient information contribute nothing to health

  1. Ross Anderson, reader in security engineering (
  1. University of Cambridge Computer Laboratory, Cambridge CB2 3QG

    Since 1910, doctors have been arguing with successive British governments over access to medical records. The compromise that has emerged over the years balances patient privacy, professional autonomy, public health effectiveness, and the needs of scientific research. Past attempts to disturb this balance have foundered—on professional resistance, patient rights, and the property rights of healthcare firms—but the side effects of these disputes have often been debilitating. And now an innocuous sounding clause in the latest bill on health is set to upset the balance again, with potentially damaging effects on both privacy and research.

    The last government attempt to extend its access to personal health information was the information management and technology strategy, which in 1992 talked of a single electronic health record, accessible to all within the NHS. But the strategy was not designed to facilitate the sharing of health data between clinicians so much as its collection in central databases. This put it on a collision course with the law. For example, the Venereal Diseases Act restricts identifiable data …

    View Full Text

    Log in

    Log in through your institution


    * For online subscription