Select Committee on Health Written Evidence

Evidence submitted by the Royal College of Surgeons of England (EPR 26)


  The Patient Liaison Group at the Royal College of Surgeons of England has been monitoring the progress of this initiative, and their representative attended the Care Record Development Board Annual Conference in November 2005, which afforded the opportunity to ask questions. The impression taken away from this Conference was distinctly that of a project not sufficiently thought through from the beginning. Issues which should have been developed long before the project commenced were being dealt with as and when they arose, leaving all stakeholders uncertain about many issues. Such questions as how the use of the patient records would be shared with private medical care, and whether confidentiality clauses would have to be built into individual contracts of employment in the private medical sector remained unanswered, with the proviso that this was work which had yet to be developed. These are fairly basic considerations for a project of this kind. The Patient Liaison Group holds the view that the uncertainties revealed from the Annual Conference demonstrate a project which was not sufficiently piloted before large sums of money were engaged in the project. A more prudent and measured investigation should have been allowed to reveal the potential difficulties in a project of this magnitude.

  Whilst the benefits of an electronic patient record are generally accepted, this was an overly ambitious project untested anywhere else in the world. The haste with which the project was launched did not appear to consider whether the national record justified such expenditure or whether a more modest upgrade of existing local IT systems would not have delivered the same benefits.

  The conclusions of the Ministerial Taskforce on the Summary Care Record made recommendations retrospectively, which should have been part of the initial Project Plan. These include point 2 which states that problems, faults and practicalities are resolved before the system becomes widely available. Point 4 which recommends producing standards for good electronic patient summaries in general practice is again work which should have formed part of the early pre-project planning phase. Point 6 shows that a training package is only latterly being considered.

  We are very surprised that an independent IT agency or some other form of external expertise was not used to monitor the progress of the private firms undertaking the work, so that it could report back to the Care Record Board with early problems and to keep track of expenditure. The project suffered from the division between those who had some understanding of the IT systems side of the project and the project directors who appear to have no understanding of this, and had to rely on the IT firms without any means of auditing them. The lack of scrutiny in a project of this size appears to break the basic rules of project management. When contracts were agreed with the IT providers, there appears to have been laxity in allowing overspends to occur and no strictly fixed budget or one with slight flexibility was negotiated at the outset.

  The failure to engage clinicians in the NHS in the Project was another error and many GPs appear openly hostile to the system, coming at the same time as the disruption of Choose and Book.

  There have been so many reported problems that public confidence in the ability to deliver a safe and confidential system has now been shattered. It is therefore very important that patients are reassured with practical examples of how the record will operate to assure the confidentiality of their records.

  Our conclusions are inferred from our own experience when engaging with the Care Record Development Board Conference and the inadequacy of their ability to give clear direction when questioned. An idealised vision of the outcome and benefits of the care record appears to have been at the expense of practical delivery. However, we refer to the major criticisms of the Dossier of Concerns dated 2 February 2007 by 23 academics, who refer to poor project management and failure to pilot. Whilst we have been tracking the Project at some distance, our observations concur with this Report.

  The lack of easily-accessible public information about the electronic record is concerning. Any individual wanting to find internet information needs to know where to look—a simple Google search does help—and even then it is difficult or impossible to find up-to-date or helpful information. The Connecting for Health or Department of Health websites need a section for the public which gives a clear history of the project, planned delivery dates, issues that have been raised and links to key proposal and review documents.

  The Patient Liaison Group, based on a member's personal experiences, has concerns about the accuracy of the information that is being put on the record and, in the clinical setting, the ability of trainee doctors to interpret and use the information. Therefore in addition to checking and confirming a patient's ID, their past history be checked with the patient or their representative as far as possible.


  Membership is made up of 12 lay people and six surgeons, with two other ex officio surgeons. The lay chair is an invited member of College Council. The Group has a full-time administrator funded by the College, access to advice from other College staff and is able to link with the President as required. Lay members are recruited nationally via the press and formal interview. They have direct extensive experience of being surgical patients, family carers of surgical patients and/or membership of patient organisations. Maximum membership of five years ensures regular new members but is long enough for members to develop extensive knowledge of College work and of health policy.

  Lay members represent the Group on approximately 35 other committees and working parties, inside and outside the College. The Group is strongly supported by its surgical members who provide extra insight into the NHS and advice. The Group frequently responds to consultation documents, both under its own name and as contributions to College responses. It develops some of its own work to further its aims, for example a review of research into communication skills and a forthcoming guide to help surgeons improve their patients' journeys. It belongs to and works with the Patient Liaison Group of the Academy of Medical Royal Colleges. It produces a bi-annual newsletter as an information link and source of feedback between the Group, patients and the College membership.


What patient information will be held on the new local and national electronic record systems, including whether patients may prevent their personal data being place on the systems

  1.  Patients may not wish certain illnesses to be on the spine, but difficult decisions and rules will need to be made where the disclosure of certain conditions will be necessary to protect healthcare workers, in the event that they care for the patient in an emergency situation. This would include perhaps HIV status and mental health status, where the patient might pose a risk to staff. Some of these sensitive diagnoses might also need to be included as they would affect possible medications which could be given in an emergency.

  2.  The "sealed envelope' had not been fully thought through at the Conference in 2005. Page 6 of the 2005 Care Record Review Document states that "there will be limits to a person's ability to reduce their participation. They will not be able to restrict entries when to do so would put others in danger or put public health at risk. For example, an accurately recorded history of violence towards health workers would be included in both the Detailed Care Record and the Summary Care Record regardless of the person's wishes'. However, patients can opt out of the electronic record system, and, in these circumstances, an alert would record that there was missing data. It would be up to the person to agree to share the information with the healthcare professional treating them. This appears contradictory if the system is to protect healthcare workers. Full, or at least fuller, development of the sealed envelope by now would have enabled more confidence in the confidentiality and effectiveness of the whole system.

  3.  Information is to be stored anonymously using an NHS number, and there is potential for errors. Where some communities share the same surname, the use of electronic access to records must not substitute the additional check of confirming the identity of the patient who presents for treatment.

Who will have access to locally and nationally held information and under what circumstances

  4.  It is stated that those accessing a patient's records must have a "legitimate relationship' with them which means they are directly involved in the care of the patient. Another problem which emerged at the Conference was the issue of patients being moved around the hospital to other wards, who then took over the legitimate relationship or of tests arriving at the old department which the patient had just left.

  5.  The NHS Connecting for Health Shared Care Record Review Document—Revised Version for Discussion released on 29 July 2005 was suitably vague on the use of the Record by other agencies, stating on pagg 3 that: "However, for more complex care, it will sometimes be necessary for several organisations to access all or parts of each other's contributions to the Detailed Care Record and perform other functions that are made easier by shared access to the Detailed Care Record such as ordering tests. This wider access will require explicit consent at first; in time it may be agreed that some such access can be implicit." This is typical of the vagueness of language which tells stakeholders nothing of what might actually be envisaged.

  6.  It is to be noted that the above document at 4 2.2. states that the summary care record may include components from a dental practice and so on. There is also mention of input from an optician, where early signs of eye disease were detected. This latter input seems inappropriate as they should refer the patient to a GP and onward to an Eye Clinic if they suspect eye disease.

  7.  There will always be concerns that governments will grant access to electronic data to bodies other than those originally intended to have it, and that databases store data they don't necessarily need. There should be stronger reassurances and liaison with the public and a body which represents the public's interests so that use of information is agreed to. Individual permission must be sought from members of the public if data is to be shared for example with insurance companies, but also use of anonymised group data, or traceable group data, must be agreed by a group representing and accountable to the public, and must follow legal process.

Whether patient confidentiality can be adequately protected

  8.  Whilst the Care Record Guarantee Document gives broad statements in safeguarding patient privacy and confidentiality, it remains a theoretical document.

  9.  When attending the Care Record Development Board Annual Conference in 2005, it was noted that confidentiality, privacy and security were issues of importance to patient representatives in attendance. However, there were no practical demonstrations of how this might be assured in the working environment. No demonstrations were given by IT experts. Participants were assured that the firewall and audit trails for misuse were in place. This was not convincing and we had to take this on faith with our questions remaining unanswered. Confidence has now been eroded to such an extent that the onus lies on the Care Record to prove itself a safe and confidential system of holding and exchanging information on patients.

  10.  The use of a smartcard by healthcare staff with chip and pin and personal identification number appears to have no safeguards which would prevent the sharing of cards and security codes between staff in a busy department. The audit trail (Caldicott Guardian) would not be able to identify misuse by this means where a card was shared between individuals. The July 2005 Care Record Review Document Page 5 states that "although there has been considerable work in this area already, there needs to be further work in order to define more clearly who will be able to see what." Recent press reports of healthcare staff sharing computer logins for access to patient data are disturbing and undermine confidence. There is no point in having levels of access for different staff, sealed envelopes and audit trails if logins are shared.

  11.  A National Information Governance Board was launched in December 2006 to look at the quality of information governance and give advice on confidentiality and security of patient information. Again, this should have been dealt with much earlier in the project.

How data held on the new systems can and should be used for purposes other than the delivery of care eg clinical research; and

  12.  The Patient Record does allow great opportunity for the accumulation for research purposes of anonymised patient data on medication use etc. Anonymised data should be used without the need to gain permission from patients. However, if research is not anonymised, then patients should give permission for disclosure by the process of informed consent. An audit trail should be in place for data extraction and retention for research purposes.

  13.  The records also have a role in tracking public health issues and alerting doctors and patients to forthcoming vaccination and test dates.

  14.  Please see concerns raised in paragraph 7.

Current progress on the development of the NHS Care Records Service and the National Data Spine and why delivery of the new systems is up to two years behind schedule

  15.  There are many issues which remain underdeveloped as this project progresses. The summary care record or spine will be in text and then transferred over to codes. There may be problems with codes in their ability to be interpreted in the same way by differing healthcare professionals. They may also not reflect the complexities of clinical information. This was discussed but no resolutions proposed at the Conference. It may be that time has been spent in resolving this problem?

  The examples used always refer to the positive aspects of the Care Record for particular patients, and not where difficulties might arise.

  16.  At the Conference in 2005 questions on the impact of system failure were brushed aside with assurances that there was a good backup system. We can only wonder why stakeholders were not given more detailed explanations of the back-up system, and whether the project leads might have taken the assurances of the IT companies on this issue at face value.

  17.  Training issues for the input and use of the system must have slowed up the project. The record will only be as good as those who input the information accurately. We would pose the question as to whether this aspect of the project was sufficiently addressed and planned earlier on in the project, in the light of the data loss which has occurred.

  18.  The core question appears to focus on the supervision and monitoring of the ability of the IT companies to deliver so complex a system.

  19.  The delivery of the system is now dependent upon publication to the public of their right to view their record. If patients take no action in this regard, it will be assumed that implicit consent has been given for their details to be held on the spine and detailed record. This is a worrying precedent for all issues of consent with regard to the holding of data on an individual. We also wonder whether, in fact, assent by inaction is giving valid informed consent as the patient needs to be fully informed. Some patients may be abroad or miss the publicity announcements. We would like our concern to be noted.

Liz Symonds

Chairman, Patient Liaison Group,

Royal College of Surgeons of England

15 March 2007

previous page contents next page

House of Commons home page Parliament home page House of Lords home page search page enquiries index

© Parliamentary copyright 2007
Prepared 25 April 2007