Evidence submitted by Breakthrough Breast
Cancer (EPR 32)
1. INTRODUCTION
1.1 Breakthrough welcomes this inquiry into
the electronic patient record and its use. Our memorandum focuses
on the kind of patient information that should be held on the
electronic record systems; who should have access to such electronic
information; patient confidentiality; and how the data held on
the systems should be used for purposes other than the delivery
of care.
2. EXECUTIVE
SUMMARY (RECOMMENDATIONS
FOR ACTION)
2.1 Breakthrough broadly welcomes the development
of any system that will enhance breast cancer services and treatment,
improve the breast cancer patient experience and augment breast
cancer research. It is important that if an electronic records
system is developed, it must be of value for individual health
care and public health. However, the Department of Health should
ensure that patients are not denied the right to decide who may
access particularly sensitive information.
2.2 PCTs and all NHS staff should be supported
by the Department of Health in creating and maintaining systems
to ensure that information held on electronic patent records is
both accurate and up-to-date. Such accuracy is essential to both
safe and effective treatment, and to the validity of research
based on the information stored, and therefore also benefits both
the individual patient and public health as a whole.
2.3 The Department of Health should ensure
that all staff are fully trained in data security and patient
confidentiality, and that all and any access to data takes place
only in specified circumstances. It is important that only healthcare
professionals directly responsible for a patient's care should
have access to the full contents of electronic records, with support
and other staff being granted only access appropriate to their
role.
2.4 The Department of Health should ensure
that any electronic records system established is protected by
the most thorough and up-to-date security hardware and software
available, accompanied by effective systems to both limit the
damage caused by and inform patients of any breaches.
2.5 The Department of Health should permit
the use of anonymised electronic patient data in research, as
a valuable resource that presents no risk to patients. The use
of selected identifiable data should also be permitted, in both
circumstances where express consent has been obtained from the
patient, and where despite every effort such consent cannot be
obtained, but approval by ethics and other regulatory bodies has
been granted.
3. ABOUT BREAKTHROUGH
BREAST CANCER
3.1 Breakthrough Breast Cancer is the UKs
leading breast cancer charity and is committed to fighting breast
cancer through research, campaigning and education. Breakthrough
has established the UK's first dedicated breast cancer research
centre, in order to realise our vision: a future free from
the fear of breast cancer. Breakthrough campaigns for policies
that support breast cancer research and improved services, as
well as promoting breast cancer education and awareness amongst
the general public, policy makers, health professionals and the
media.
3.2 Breakthrough works closely with healthcare
professionals, patient advocates, and researchers. Our memorandum
incorporates the views of Breakthrough and members of its Campaigns
& Advocacy Network (Breakthrough CAN)which is made
up of over 800 individuals and organisations. Many members of
Breakthrough CAN have personal experience of breast cancer as
well as being involved in and working alongside their local NHS
to try to deliver better treatments and services for people affected
by breast cancer and their families. Breakthrough consulted Breakthrough
CAN members, healthcare professionals and breast cancer researchers
in the development of this memorandum and their views are reflected
in its content.
4. What Patient information should be held
on the new local and national electronic record systems, and should
patients be able to prevent their personal data being placed on
these systems?
4.1 Breakthrough broadly welcomes the development
of any system that will enhance breast cancer services and treatment,
improve the breast cancer patient experience and augment breast
cancer research.
"I am all in favour of electronic patient
records as it could help save lives. " Breakthrough CAN
member, Lancashire.
"...when patients are being treated in
hospital the experts need all the necessary information to give
the best diagnosis and treatment. Ideally 100% security of records
is needed. [I] hope that electronic records lead to more accurate
and efficient diagnosis, treatment and research. " Breakthrough
CAN member, East Sussex.
"For the most part I would support the
notion of electronic patient records in that [they] provide (a)
greater continuity of care with all members of the multidisciplinary
care team able to communicate with each other and have instant
access to decisions made by other carers regarding individual
patients. This is particularly important when hospitals are split
over several sites, or where radiotherapy or chemotherapy is held
at a regional centre but the local unit is responsible for local
care; (b) it avoids the issue of notes getting lost in transit
between sites. " Consultant breast care nurse, Hampshire.
4.2 Although we understand that the initial
patient electronic record, or Summary Care Record, will contain
basic information (such as details of allergies, current prescriptions
and reactions to medicines), it is important that the eventual
complete electronic patient record includes all clinically useful
information. For example, past and current medication, significant
past medical problems, diagnostic test results, allergies, general
health and lifestyle information (such as height, weight, smoking,
alcohol consumption) and demographic information, including ethnicity.
Details of any information prescriptions or signposting to further
information and advice that a patient has received should also
be included in their electronic records once this information
scheme has been rolled out.
4.3 It will be important to ensure that
the data held on any patient record is up-to-date and accurate:
"The disadvantage of allowing [electronic]
data to be more widely available is that the information is more
likely to be relied upon in, for example, emergency situations.
At present a GP would be contacted directly and the contents of
the records confirmed or verified. With electronic patient records
this is unlikely to happen." GP, London.
4.4 A balance must be reached when determining
the level of control a patient has over the content of his/her
electronic patient record. Some patients would ideally like to
have the right to prevent their personal information being placed
on an electronic patient records system, although there is recognition
that this could lead to delays in accessing records and treating
such patients. However, it is also important that if an electronic
records system is developed, it must be of value for individual
health care and public health:
"My personal view would be in general
to favour [individual health care and public health] provided
there is no harm done to the patient. The more that individuals
can prevent their data entering, the more the whole system becomes
unusable, particularly for public health, but also for individual
patient care. Thus, I would be in favour of at least some data
being present for everybody, even if there are degrees of detail
that individuals could prevent." Epidemiologist, Surrey
4.5 Breast cancer patients would also like
to see the provision of a "sealed envelope" so that
every patient can determine who should access sensitive information
contained within their electronic record:
"If a patient has medical conditions
or treatments that [they] do not want others to know about they
should be able to have that information kept private and not kept
on the electronic record." Breakthrough CAN member, Lancashire.
"I... have some concerns regarding delicate
information being includedsuch as in-depth psychological
assessment, sexual health etc. But in terms of general
diagnostic information and care necessary for treating the patient
in a multidisciplinary way I support [electronic patient records]."
Consultant breast care nurse, Hampshire.
5. Who should have access to electronic patient
information and under what circumstances?
5.1 Health care professionals directly responsible
for a patient's care should have access to the relevant electronic
health care records. Other staff needing access to a patient's
data, for example medical secretaries or GP receptionists, should
have levels of access appropriate to their role. It is important
that all health care professionals receive adequate training in
data security and patient confidentiality.
5.2 There is concern that the electronic
records will be accessible to parties that do not have an interest
in patient care:
"GPs and hospital doctors only [should
have access]. Not insurance companies, police (without court order),
social services or any other party without express consent."
GP, London.
"No relatives, friends or acquaintances
of patients should have access without prior consent by the patient."
Breakthrough CAN member, Lancashire.
"There needs to be prevention, however,
of outside individuals walking up to hospital computers and being
able to look at other people's records." Epidemiologist,
Surrey.
It is therefore important that electronic patient
records can only be accessed by appropriate parties, under specified
circumstances.
5.3 Breakthrough CAN members and health
care professionals have told us that they would prefer a simple
system where all patient data (apart from that in the "sealed
envelope") can be shared by relevant clinical staff, unless
a patient chooses not to have an electronic record. A system that
requires patient consent each time an electronic record is shared
is likely to be complex and cumbersome:
"...this would seem impractical and could
lead to mistakes. I think patients do not need to have the right
to choose who has access to information if it is only [clinical]
staff with that right." Breakthrough CAN member, East
Sussex.
"...the administration of this might
be impossibly complicated and if that is the case it would be
better to have a simple opt in or opt out system only. "
GP, London
"With regard to whether patients should
be able to control who has access to [their record], I think that
clinically it would be too complex if each record had different
access provisions... so there should be reasonable... provisions
that allow access by relevant clinical care staff. "
Epidemiologist, Surrey
6. Will patient confidentiality be adequately
protected?
6.1 No computer system is entirely immune
to hacking and both Breakthrough CAN members and health care professionals
are extremely concerned that an electronic patient records system
will be vulnerable to security breaches:
"Confidentiality will probably not be
as good as when all records were paper and locked in the records
office. But hopefully the benefits of clearer and quicker to access
records will outweigh this potential disadvantage. "
Breakthrough CAN member, East Sussex.
"I feel that there is a potential of
people's medical history being cloned and false identities being
easily created. " Breakthrough CAN member, Hampshire.
"I think the NHS electronic record system
is open to widespread breaches of confidentiality. The system
is in no way secure and there are far too many people with the
potential to access records far too easily. " GP, London.
"The only concerns I have are in relation
to confidentiality and access... mechanisms should be in place
to protect individuals from potential invasion of privacy."
Consultant breast care nurse, Hampshire.
6.2 If an electronic records system is established,
it is essential that it is protected by the most rigorous security
software and hardware possible. All security measures must be
kept up-to-date and provisions must be in place inform patients
and their clinicians if the security system is breached and to
limit any potential harm this may cause the patient.
7. How should data held on the new system
be used for purposes other than the delivery of care?
7.1 Breakthrough CAN members have told Breakthrough
that they support valid research to enhance breast cancer services
and treatments, improve patients' quality of life and investigate
the causes of breast cancer. Some health care professionals and
Breakthrough CAN members feel that if the electronic data is to
be used in research without the express consent of the patient,
all identifying information should be removed:
"...as far a[s] cancer is concerned all
research is good and therefore information should be available
for medical research... without the patient being identified."
Breakthrough CAN member, East Sussex.
7.2 Health care professionals and scientists
that undertake breast cancer research agree that anonymised patient
data is an extremely valuable resource:
"Provided no harm is done to the individual,
I favour the Scandinavian assumption that individuals owe it to
society to some extent to allow their data to be used for a public
health benefit... For anonymised data there is no possible harm
to the individuals, so I think individuals should not have to
consent [to] anonymised uses. " Epidemiologist, Surrey.
7.3 However, in some research studies it
may be necessary to include selected identifiable patient data
and it may not always be possible to obtain the express consent
of every patient involved, especially in large scale studies.
While Breakthrough believes that every effort should be made to
obtain patient consent for such research, if this is not possible
and the research is deemed suitably important, identifiable patient
data should be used without consent as long as the research has
the approval of an ethics committee, the relevant Caldicott Guardians[33]
and bodies such as PIAG[34]:
"Your information will go to the cancer
registry without your permission. Relatives cannot change what
goes in the death certificate.
Research is done in all these areas, and some
has been very beneficial to the health of the nation."
Genetic oncologist, London.
"If active consent was required, then
large scale research would become very difficult, and potentially
selected and hence biased, which would seriously damage the validity
and hence value of doing the studies... For identifiable data,
I think ethics committees should decide whether there could potentially
be harm, and whether, on a case-by-case basis, individual consent
is required. " Epidemiologist, Surrey.
Vicki Nash
Breakthrough Breast Cancer
15 March 2007
33 Since 1999, each NHS Trust has had to appoint a
senior member of staff to act as a Caldicott Guardian, responsible
for overseeing the use of personal health data and ensuring that
patients' rights to confidentiality are respected. Back
34
Patient Information Advisory Group (PIAG). This body was established
by the Health and Social Care Act 2001 (England and Wales) to
advise the Secretary of State for Health about when patient consent
can be set aside and under what circumstances. Back
|