| Previous Section | Index | Home Page |
21 Feb 2008 : Column 171WH—continued
My right hon. Friend also asked what sanctions have been taken in relation to breaches of data security or in cases where people who were not authorised to do so have accessed patient data. In response to the latter question, I am sure that he will be aware that disciplinary action is taken at a local level. We do not collect details centrally about action taken against people who have
accessed patient data without the right authorisation. However, we are aware of the case of a GP who was referred to the General Medical Council for inappropriate browsing of records. We do not know the outcome of that case.
We will check with the Information Commissioner about any actions taken against the NHS, but I will say that we are not aware of any actions by the commissioner against the NHS in 2006-07. Out of 14 actions that the commissioner took against public sector organisations in that period, none were against health service organisations. We have very good relations and regular contact with the commissioner, and that fact would seem to indicate that he is pretty content with the security of NHS records so far. However, as I said before, that does not mean to say that we are complacent on this issue, and we will stay in very close touch with the commissioner throughout the roll-out of IT in the NHS.
Mr. Barron: Does the Department keep records of actions that employers have taken against employees in relation to breaches of data security?
Mr. Bradshaw: We do not keep records of any actions taken locally. Such breaches of security are matters for local health management.
Mr. Barron: So the Department does not keep any such records. If it did, we would know that actions have been taken against individuals in response to the allegations that were put to me in the letter that I read out earlier—allegations that individuals share data with people with whom they should not be sharing.
Mr. Bradshaw: No, we do not keep records on such individual cases. If we were required to be informed of every single small piece of disciplinary activity that was taken in the whole of the health service or minor breaches of data security, it would not only overwhelm the Department but the health service itself. However, there is a requirement on the health service locally to inform strategic health authorities of serious breaches of data security. Indeed, that is how a number of breaches recently came to light—most of them had already been in the public domain for some time, but they were only publicised more widely because of the recent interest in this subject following the data issues with Revenue and Customs.
Moving on to the issues raised by the hon. Member for Wyre Forest (Dr. Taylor), he wanted more detail about how the IT roll-out was going. I can tell him that five out of the six primary care trusts involved have started informing the public. They are Bolton, Bury, Dorset, South Birmingham and Bradford and Airedale. As of 3 February, 26 GP practices had gone live with the summary care record, and more than 153,000 patients’ clinical records had been updated to form summary care records. A public information programme is in place in all the early adopter sites to inform people about the changes and the decisions that they may make regarding their records. As I have already said, public reaction has been very favourable, with only 0.64 per cent. of patients asked choosing to exercise their right to opt out.
The hon. Member for Wyre Forest asked about Bolton PCT in particular. It has issued 270,000 letters to patients, and 0.9 per cent. of the patients who were asked opted out of having their summary care record uploaded. Some 94,000 records have been created on the NHS national care records spine. Three or four unscheduled care settings can view the summary care records. Two of them are the accident and emergency department and the walk-in centre, and there is also the GP out-of-hours service, so good progress has been made there.
Jeremy Wright: Is the Minister not concerned about the point that the hon. Member for Romsey and I have made about the late arrival of the sealed envelope technology? He has just referred to a large number of patients who are now having their details put on to a summary care record. None of those patients currently have the opportunity to restrict access to any information that is there by implied consent, because the sealed envelope technology is not yet available. Is that not a serious concern?
Mr. Bradshaw: No, it is not, for reasons that I will come on to a little later, when I respond to the points that the hon. Gentleman has made about sealed envelopes.
The hon. Member for Wyre Forest also said that he would like the whole IT roll-out to happen more quickly. We share that desire, but at the same time we accept the recommendations of the Committee that there needs to be a staged and cautious approach to the roll-out, for the reasons outlined in both the Committee’s report and our response.
As I have said, just because we did not say yes to all the recommendations and non-recommendations in the Committee’s report, it does not mean that we did not support a lot of the statements—the hon. Member for Wyre Forest has referred to them as “commendations”. In particular, he specifically drew attention to paragraph 42.6, which is about support for the public. A great deal of work has gone on at local level in the early adopter sites in promoting local newspaper coverage and engagement with both the public and clinicians. If the Committee were to revisit those early adopter sites some time down the line, I think that they would find that that work has been very beneficial.
On the reasons for the delays with the summary care record, it was important that we tested and piloted it, because it is important that we evaluate it before we roll it out nationally. I agree with the hon. Member for Wyre Forest that we should keep the page simple and not make it more complicated—earlier, it was suggested that we would make it more complicated, but we will not do so.
The hon. Gentleman asked how the transfer of electronic communication between GP practices is working, and I have been informed that 3,500 out of 8,400 practices are using it. There are two basic systems, and they are working well. However, several practices use other software supply systems, and they are still in testing and production. There has been some delay there, which may be one reason why some of his colleagues to whom he has spoken are happy with it, while others are not.
The hon. Gentleman asked about the progress with Cerner. The initial release is live in eight hospitals in the south and three hospitals in London. The next hospital
in the south is due to be Bath in May; the next hospital in London will be Barts, which is due in the next two weeks.
The hon. Gentleman and another hon. Member asked about the progress of Lorenzo. The first implementation of release 1 is due in June this year in Morecambe Bay, South Birmingham and Bradford. In the past four years, the programme in the north midlands and the east has introduced about 70 upgrades to existing hospital systems while Lorenzo was being developed. A Lorenzo demonstration will be available in Westminster in March, hosted by the Parliamentary Information Technology Committee, and I invite Health Committee members to attend, if they are interested.
The hon. Gentleman has challenged us to be more bullish about the benefits, which is quite difficult for us to do. We try, but the evidence base for the benefits is only just emerging, so it will be some time before we manage to satisfy the sceptics. However, we will work hard on that, particularly on confidentiality. On publicity, a great deal has been done in the early adopter areas, and it has been very successful.
On the comparisons with the French model, I hope that Committee members acknowledge the fundamental difference between the French and British health care systems, which we point to in our response to the Committee’s recommendation. On the positive elements of the French system, which the hon. Member for Romsey and others have highlighted, we are providing patients with absolute control of their summary care through HealthSpace. Several hon. Members asked whether that will mean that their record will be transmissible across boundaries. Yes, they will be able to see their own summary care record via internet access, and they will be able to challenge and correct any errors. Also, because it will be available through the internet, if a patient falls ill abroad, they will be able to make the summary care record available to someone who is treating them. The French system apparently cannot do that, so in many ways the British system is actually better than the French one.
Sandra Gidley: We were told that the French system can be used in other places. On HealthSpace, some concerns have been raised that individuals do not have direct access. They can see what is written about them, challenge it and suggest changes, but they do not have any direct power, and the changes that they suggest may not necessarily be made. Will the Minister clarify the situation?
Mr. Bradshaw: The hon. Lady is right in terms of phase 1, but the ambition is that patients will be able to change and control the information themselves when the system is bedded down.
The hon. Lady has asked about local ownership. Again, I do not want to read out the Government response, but the hon. Member for Southport (Dr. Pugh) summarised very well the tension between the need to save £6.4 billion through national procurement, and the need for local solutions, particularly when it comes to staff and clinical engagement, nurse and staff training and some of the concerns and issues raised by my hon. Friend the Member for Staffordshire, Moorlands and by the Royal College of Nursing in its briefing. As I have said, central procurement has enabled the needs of
the NHS to be aggregated to get best value. Ovum, the IT industry analyst, carried out a detailed study in 2006, and it calculated that central procurement has saved £4.5 billion, compared with the cost if the same solutions had been procured locally.
Health care IT involves a reasonably standard process, but it is applied differently in different care settings. GP IT systems have been in place since the early 1990s, and they carry out the same functions. Hospital IT systems are much more complex and interface with between 20 and 40 separate systems such as pathology, maternity and other “ologies”. Local systems therefore need to be integrated if the aim of making patient information available at the point of need is to work. That is why we have to get the balance right between a national approach with a national architecture, and control at the local level. We have responded positively to the recommendations of the Committee on that.
There was a question from the hon. Member for Romsey about the research capability programme. The new programme was established in 2007. It was initiated by the Department of Health director general of research in collaboration with the research community, and, after consultation, the chairman of the committee has now been appointed as has a programme director. The programme aims to attain anonymised data for research. It will provide the largest epidemiological database in the world, which will be hugely valuable.
The hon. Lady’s final question was on the departure of Richard Granger, and I can confirm that he left on 31 January. To our knowledge, it is not true that he has gone to run the Beijing congestion charge scheme, but I will research that point with some interest. On the terms of his departure, he was a civil servant, so he will have been subject to the rules usually applied by Cabinet Office, which is normally to serve three months’ notice. I hope that that is helpful to the hon. Lady.
Turning to the points raised by the hon. Member for Rugby and Kenilworth, first, I am interested to learn that the review that the hon. Member for Eddisbury (Mr. O'Brien) promised us at the time of the Opposition debate back in June was indeed launched then, and we look forward to reading the results with great interest. However, I am informed by my officials that there is no indication that any individuals who have detailed knowledge of the area have yet been interviewed, but I am sure that they will be in due course.
Jeremy Wright: If that is so, the Minister has a perfect opportunity to join the review.
Mr. Bradshaw: I am sure that if his party wanted to interview any of the officials in my Department or the experts involved, those people would be only too happy to oblige. Perhaps we can involve some members of the Select Committee as well in helping with the review. If his party were to publish their progress, I am sure that we would all comment on the review’s remit and so on.
The hon. Gentleman has asked about the patient demographic service. Yes, it does have an audit trail. It is available to the privacy officer, and it can be requested by a patient or their privacy officer—the so-called Caldicott guardian, a concept of which he will be aware.
The hon. Gentleman has also asked about the patient’s ability to block out the giving of information about particular prescriptions. He mentioned antiretrovirals, but I am informed that GPs do not prescribe those. However, we are progressing with a core dataset of all drugs and allergies to be evaluated. We recommend that patients choose not to share such information routinely, but to give consent to its being viewed in such circumstances.
The hon. Member for South Norfolk has mentioned the cost of the procurement of the overall original IT project, and I refer him to the NAO report of June 2006. The Public Accounts Committee’s recommendations were slightly at variance with that, but the report was very positive. John Oughton, the chief executive of the Office of Government Commerce, said in his submission to the PAC that he thought that the procurement process for Connecting for Health was exemplary: it was run to a tight and rapid time scale; it started when it was intended to start; it was completed when intended; and it produced a very good result. He said:
“I do not think that any of the suppliers were disadvantaged in that process.”
That procurement was supported by a 900-page output-based specification that informed suppliers about exactly what was required. The shortlist of suppliers also provided proof-of-concept prototypes to demonstrate that they understood the requirement. That point has also been mentioned by the hon. Member for Southport.
We have had a constructive and measured debate, and I hope that I have answered most of the questions asked by hon. Members.
Jeremy Wright: The Minister has not dealt with my point about the potential for sharing information on the NHS database across Government. He will recognise that that is of concern to a great many people who may be prepared to supply the information to the NHS, but may be concerned about which other Departments might use that information and for what purpose. What intentions, if any, do the Government have in respect of sharing that information across Departments?
Mr. Bradshaw: I will write to the hon. Gentleman to clarify that. However, I am not aware of any suggestion that the NHS would be sharing such information across Departments. As I said in my opening remarks, the privacy and data protection rules in the NHS data system are far higher, because of the nature of the material involved. I am advised that the only area in which there may be an exception to that is the child index. However, I will write to the hon. Gentleman with more detail about that, because there may be good reasons for it.
We have had a good debate. Most hon. Members accept that for far too long the NHS has operated with a disparate paper base in a fragmented system. The consequences of that were inefficiency and avoidable clinical risk. Up to 10 per cent. of appointments were not attended, and around 1,200 people died every year as a result of medication errors. Some 5,000 patient procedures a year were cancelled because of lost X-ray films and paper records for patients that were manually maintained and held at a cost to the NHS of about £120 million a year. The huge investment that the
Government have put into the NHS has enabled not only the recruitment of record numbers of clinicians, but the rebuilding of the NHS estate, the roll-out of new IT systems and the long-overdue modernisation of the health service.
The health service is moving from being an organisation with fragmented or incomplete information systems to a position where national systems are integrated, record keeping is digital, patients have unprecedented access to their personal health records and health professionals will have the right information at the right time about the right patient. As the Health Committee has recognised in its report, the roll-out of new IT systems will save time and money for the NHS and staff, save lives and improve patient care.
5.24 pm
Mr. Barron: Both the hon. Member for Wyre Forest and my hon. Friend the Member for Staffordshire, Moorlands mentioned the Royal College of Nurses and the electronic record system. The hon. Member for Wyre Forest spoke about the RCN’s engagement with the system, including training. I agree that the RCN should have been involved; it is an integral part of care in the NHS.
My hon. Friend the Member for Staffordshire, Moorlands also made a telling point. I think she said that two thirds of nurses said that they did not think that the system would be any better than it is now in terms of confidentiality.
Charlotte Atkins: It is 30 per cent.
Mr. Barron: Sorry. That is in respect of current paper record access. The telling phrase that my hon. Friend used was that people leave no calling card when they look at a paper record, but in this system they would leave a calling card if they looked at somebody's records but should not have done so. That system is audited and traceable and, hopefully, although my hon. Friend says that records are not kept centrally, we can all ask our strategic health authorities what action is being taken by employers in respect of employees and breach of confidentiality. I have no doubt that such things may have been going off for many years in GP practices, perhaps with other people—not GPs, I should add—looking at records of somebody who lives up the street. By the way, I did not say that cleaners have access to the system in GPs’ surgeries; I said that six administrators had access, alongside the five GPs. We have to deal with such issues in any human system like this, be it in health care or other sector.
“Those that are using EPRs are generally more favourable towards it than those who have not. This achievement requires greater investment in the engagement and education of nurses.”
Clinicians who have engaged with the system from the early years are a lot more involved and want it to happen more than those who have been sitting on the side and have not been brought on board, for whatever reason.
| Next Section | Index | Home Page |