I was also listening to this interview and immediately penned a note to the Today programme. I wish I could send the screenshot of my message - I can’t, of course - but ended it with these words: “. . . And get Rory Cellan-Jones on to talk about data protection and all things to do with health and IT. He knows.” I hope they do! Everything you say makes so much sense.
Investigating and honest reporting of the wider health + technology world is one of the strongest strings to your intellectual bow of curiosity, so thank you for that, and please keep it up.
Ive been a carer to my mum (94) for the last 10 years & she has had numerous falls & health conditions I wholeheartedly agree with need for the IT to be modernised. Whilst mum isn't really capable of using the technology now (despite using computers from the 80s) the limited tech available is invaluable to me BUT it needs to be much better. The lack of joined up data is staggering & causes huge communication issues. Ridiculous as it seems, when mum was last hospitalised , i knew better what tests mum was having than the nurses. There are numerous things the app could do/collect given the capability of smart phones.
I'm totally aware that there are a lot of people out there of my generation who find tech challenging but as time moves on & interfaces improve, along with security, I don't see how we can improve services without it.
As a sub note to all this id just like add that the current culture in hospitals to continually ask you what medical treatment you think you or loved ones should have is difficult. Yes permission should be sought but frankly as I said to a number of doctors, I am not qualified to make that decision, that's your job & to also explain why.
Perhaps the starting point is that we have a National Health Service and we therefore will have a National Health Record. The debate then becomes what are the conditions under which that record is held and what are the protections required that allow the most effective and efficient care but also safeguard the individual's data. The individual is not in the best position to decide what is shared but they should have their record protected from inappropriate access without legitimate need and sanctions for breach of protections may need to be clearer to all.
Use of anonymised information by private companies or researchers should incur a cost for the m ( and a benefit for the health service. Designing a system to do so fairly but without stifling innovation is surely not beyond the wit of man.
I have access to apps run by three different trusts, one for my GP and the NHS app. More than once I have provided information to medical staff caring for me that they could not access. I for one would welcome a National Health Record which gives staff caring for me the most comprehensive information that they need when they need it .
I would also favour a linked national ID card but that may start another debate entirely.... .
I agree with Mike’s suggestions. As a NHS Trust Governor I am dismayed by the fact that first class health data is often poorly managed and inaccessible. Data sumps are pointless. Anonymise and monetarise. Then reinvest in better technology.
There needs to be an option to opt out for those of us who are sceptical of the NHS’s ability to keep personal data private.
I have experienced 2 breaches of data protection law by NHS organisations within the past year. Both caused me significant distress. Both admitted. One caused me considerable financial loss and is the subject of current litigation. During the litigation, the same NHS organisation’s legal department committed (and admitted to) a further data breach.
My experience is that the NHS leaks personal data like a sieve. This could easily be resolved with competent management but is there such a thing in the NHS?
Many organisations have to manage the issues of who may and may not access customers’ records Utility companies do not allow staff to access their own or their family’s accounts for obvious reasons. The police are not allowed to access the police national computer to look up individuals without a good reason - which does not include not liking the look of the daughter’s new boyfriend or a row with a neighbour. So what makes the NHS any different? The key is proper management of the access: clear rules, regular automated checks of who is accessing what and clear sanctions for transgressors.
Sharing anonymised data with researchers is essential for finding new treatments. Is there an argument for non-anonymised data being available? Trusting the NHS to do this well is surely an issue which needs to be addressed. Not helped by GPs making a huge fuss about not recommending that patients should be willing to allow their data to be shared.
This is so true. I worked as radiologist in NHS snd academia for many years. Data protection paranoia has hampered development and patient benefit. Yes, some checks and balances are required but not nihilistic road blocks. Industry partners need access to pseudo-anonymised NHS data at scale to develop new drugs and technologies.
My NHS consultant orthopaedic surgeon couldn't see xrays and mri scan I'd paid for privately when I saw him privately. The nhs did xrays again. MRIwoukdve taken 3 months. So I had to contact the private mri clinic to get the mri scan and report which I then could pass to the surgeon. Even after all that on the day of surgery he didn't have any of this material. Nor had I received any information from the anesthetist which apparently was posted to me. The surgery went well.
My father-in-law recently spent 10 days in a comparatively modernised hospital. In the first ward he was on, after a couple of days, they took my husband’s contact details as next of kin - even after they’d been together at the time of admission. Father-in-law was then moved to another ward a couple of days later, literally the floor above in the same hospital, & somehow in between all the information about next of kin & previous treatments/illness had vanished off the records they had! No hope of getting joined up patient data if they can’t get the basics right within the same building is there?! Having been through this countless times with my own parents, I too am frustrated by the lack of patient data available to those who need it to provide the best care. I also looked at the NHS app recently & it says we can apply to manage a relative’s patient profile with the relevant permission from GP & patient … but only if you share the same GP surgery! Surely there’s only a relative minority of people who could actually make use of such a feature in this day & age. Keep up the good work, Rory! Without your public profile & persistence, our views would go unheard by the decision makers.
It's not paranoia. There are two big elephants in the room:
Consent and the fact a lot of people don't trust the NHS with their data.
The NHS blatantly refuses to ask people for consent to share their data, and makes it difficult to object. And when you do opt-out, the NHS changes the definition of the word 'anonymous' to ignore people's choices.
And there was care.data. And GPDPS or whatever it was called. Both failed because the NHS keeps proving time and time again that it cannot be trusted, and doesn't want patients to have autonomy.
How many thousands of lives could have been saved if the NHS went down the road of consent years ago when sharing became a dream?
Ross Anderson (RIP) wrote a good piece on govt. IT security in 2009 (https://bit.ly/3UgAit4). Ben Goldacre at OpenSAFELY has demostrated how to safely use patient data for research. I'm not clear why the govt (this and prev) don't seem to understand the issues.
As for building a centralised operational db of patient data, this is a much bigger task than I think is appreciated. Much seems to hang on Palantir's technology, which is not aimed at this sort of usecase at all - it doesn't care about (in)consistencies between different systems' view of the world.
The ambition could be interpreted as good, but I far from clear that anybody in govt/civil service/nhs has the faintest idea of what is involved, and so they're unlikely to be able to manage suppliers, change their own processes/systems, etc. And I don't think that they've got anyone in place to tell them this. (I'm for hire if they do want someone who understands the issues).
I was also listening to this interview and immediately penned a note to the Today programme. I wish I could send the screenshot of my message - I can’t, of course - but ended it with these words: “. . . And get Rory Cellan-Jones on to talk about data protection and all things to do with health and IT. He knows.” I hope they do! Everything you say makes so much sense.
Betsy Everett
Investigating and honest reporting of the wider health + technology world is one of the strongest strings to your intellectual bow of curiosity, so thank you for that, and please keep it up.
Ive been a carer to my mum (94) for the last 10 years & she has had numerous falls & health conditions I wholeheartedly agree with need for the IT to be modernised. Whilst mum isn't really capable of using the technology now (despite using computers from the 80s) the limited tech available is invaluable to me BUT it needs to be much better. The lack of joined up data is staggering & causes huge communication issues. Ridiculous as it seems, when mum was last hospitalised , i knew better what tests mum was having than the nurses. There are numerous things the app could do/collect given the capability of smart phones.
I'm totally aware that there are a lot of people out there of my generation who find tech challenging but as time moves on & interfaces improve, along with security, I don't see how we can improve services without it.
As a sub note to all this id just like add that the current culture in hospitals to continually ask you what medical treatment you think you or loved ones should have is difficult. Yes permission should be sought but frankly as I said to a number of doctors, I am not qualified to make that decision, that's your job & to also explain why.
Perhaps the starting point is that we have a National Health Service and we therefore will have a National Health Record. The debate then becomes what are the conditions under which that record is held and what are the protections required that allow the most effective and efficient care but also safeguard the individual's data. The individual is not in the best position to decide what is shared but they should have their record protected from inappropriate access without legitimate need and sanctions for breach of protections may need to be clearer to all.
Use of anonymised information by private companies or researchers should incur a cost for the m ( and a benefit for the health service. Designing a system to do so fairly but without stifling innovation is surely not beyond the wit of man.
I have access to apps run by three different trusts, one for my GP and the NHS app. More than once I have provided information to medical staff caring for me that they could not access. I for one would welcome a National Health Record which gives staff caring for me the most comprehensive information that they need when they need it .
I would also favour a linked national ID card but that may start another debate entirely.... .
"The individual is not in the best position to decide what is shared"
In whose opinion? The information belongs to the patient (or it should do). Other people's opinions (because that is what they are) are just opinions.
Your attitude stinks, belongs in the 1950s, and is why sharing isn't as good as it could be
I agree with Mike’s suggestions. As a NHS Trust Governor I am dismayed by the fact that first class health data is often poorly managed and inaccessible. Data sumps are pointless. Anonymise and monetarise. Then reinvest in better technology.
Completely agree with you, Rory. At last a balanced view rather than one sided hysteria.
There needs to be an option to opt out for those of us who are sceptical of the NHS’s ability to keep personal data private.
I have experienced 2 breaches of data protection law by NHS organisations within the past year. Both caused me significant distress. Both admitted. One caused me considerable financial loss and is the subject of current litigation. During the litigation, the same NHS organisation’s legal department committed (and admitted to) a further data breach.
My experience is that the NHS leaks personal data like a sieve. This could easily be resolved with competent management but is there such a thing in the NHS?
Many organisations have to manage the issues of who may and may not access customers’ records Utility companies do not allow staff to access their own or their family’s accounts for obvious reasons. The police are not allowed to access the police national computer to look up individuals without a good reason - which does not include not liking the look of the daughter’s new boyfriend or a row with a neighbour. So what makes the NHS any different? The key is proper management of the access: clear rules, regular automated checks of who is accessing what and clear sanctions for transgressors.
Sharing anonymised data with researchers is essential for finding new treatments. Is there an argument for non-anonymised data being available? Trusting the NHS to do this well is surely an issue which needs to be addressed. Not helped by GPs making a huge fuss about not recommending that patients should be willing to allow their data to be shared.
This is so true. I worked as radiologist in NHS snd academia for many years. Data protection paranoia has hampered development and patient benefit. Yes, some checks and balances are required but not nihilistic road blocks. Industry partners need access to pseudo-anonymised NHS data at scale to develop new drugs and technologies.
My NHS consultant orthopaedic surgeon couldn't see xrays and mri scan I'd paid for privately when I saw him privately. The nhs did xrays again. MRIwoukdve taken 3 months. So I had to contact the private mri clinic to get the mri scan and report which I then could pass to the surgeon. Even after all that on the day of surgery he didn't have any of this material. Nor had I received any information from the anesthetist which apparently was posted to me. The surgery went well.
Ask any nhs dr about GDPR. That in itself is reason enough never to rejoin the EU.
https://www.bbc.co.uk/sounds/play/p0jz0hqy?partner=uk.co.bbc&origin=share-mobile
My father-in-law recently spent 10 days in a comparatively modernised hospital. In the first ward he was on, after a couple of days, they took my husband’s contact details as next of kin - even after they’d been together at the time of admission. Father-in-law was then moved to another ward a couple of days later, literally the floor above in the same hospital, & somehow in between all the information about next of kin & previous treatments/illness had vanished off the records they had! No hope of getting joined up patient data if they can’t get the basics right within the same building is there?! Having been through this countless times with my own parents, I too am frustrated by the lack of patient data available to those who need it to provide the best care. I also looked at the NHS app recently & it says we can apply to manage a relative’s patient profile with the relevant permission from GP & patient … but only if you share the same GP surgery! Surely there’s only a relative minority of people who could actually make use of such a feature in this day & age. Keep up the good work, Rory! Without your public profile & persistence, our views would go unheard by the decision makers.
Jackie Ford
It's not paranoia. There are two big elephants in the room:
Consent and the fact a lot of people don't trust the NHS with their data.
The NHS blatantly refuses to ask people for consent to share their data, and makes it difficult to object. And when you do opt-out, the NHS changes the definition of the word 'anonymous' to ignore people's choices.
And there was care.data. And GPDPS or whatever it was called. Both failed because the NHS keeps proving time and time again that it cannot be trusted, and doesn't want patients to have autonomy.
How many thousands of lives could have been saved if the NHS went down the road of consent years ago when sharing became a dream?
Totally agree with you Rory. Nothing frustrates me more than medical staff not seeing my records.
My provider in US has a system that allows me to release to outside of system providers/ researchers.
Ross Anderson (RIP) wrote a good piece on govt. IT security in 2009 (https://bit.ly/3UgAit4). Ben Goldacre at OpenSAFELY has demostrated how to safely use patient data for research. I'm not clear why the govt (this and prev) don't seem to understand the issues.
As for building a centralised operational db of patient data, this is a much bigger task than I think is appreciated. Much seems to hang on Palantir's technology, which is not aimed at this sort of usecase at all - it doesn't care about (in)consistencies between different systems' view of the world.
The ambition could be interpreted as good, but I far from clear that anybody in govt/civil service/nhs has the faintest idea of what is involved, and so they're unlikely to be able to manage suppliers, change their own processes/systems, etc. And I don't think that they've got anyone in place to tell them this. (I'm for hire if they do want someone who understands the issues).