Select Committee on Home Affairs Minutes of Evidence


Examination of Witnesses (Questions 326 - 339)

TUESDAY 20 NOVEMBER 2007

MR RICHARD JEAVONS, MR TIM WRIGHT, DR STEPHEN HICKEY AND MR STEVE BURTON

  Q326  Chairman: Mr Burton, Dr Hickey, Mr Jeavons, Mr Wright, thank you very much for coming to give evidence. This is obviously going to be a busy session and we have four witnesses from different Departments. What I thought would be helpful is if we could address our questions to each one of you. If there is a burning issue that you need to chip in on if you could do so quickly because I hope to end this session at about 12 o'clock. May I begin by asking Mr Jeavons the first question concerning the Department of Health taking the lead in government on these issues; what exactly does that mean?

  Mr Jeavons: I think the Department has taken a very long and strong interest in the matter of confidentiality and the protection of patients' interests with regard to information, and necessarily so because without public confidence in how information about patients is managed we risk losing one of the fundamental tenets of how the NHS can operate. With the introduction of the National Programme for IT in 2002, clearly the need to examine further how information governance policy and practice is delivered in the NHS became even more important, and a steady stream of activity since then has strengthened our position. I think it is a combination of the fact that this is so important to the effective delivery of patient care and the introduction of the National Programme for IT means that we have had to seek to try and raise our game continuously over the last few years.

  Q327  Chairman: What processes do you use in your Department to deal with breaches of security, in particular where errors have been found in records? How quickly are they corrected and how effectively do you deal with new processes in ensuring that those records are not defective?

  Mr Jeavons: Most patient records are not held in the Department; they are held in the individual NHS organisations, and the responsibility for information governance rests firmly with individual NHS organisations as part of their statutory responsibilities. We provide guidance and policy on dealing with information governance and dealing with potential breaches. I can give you examples of where the NHS has acted to deal with breaches that have come to their attention, and usually (and having a run an NHS organisation myself I can testify to this) this follows a formal disciplinary process because it inevitably involves individual members of staff.

  Q328  Chairman: How will the National Information Governance Board go about adopting and maintaining high standards?

  Mr Jeavons: The National Information Governance Board came into being on 1 October. We are hoping through the Health Bill to give it a statutory basis. This will effectively require every NHS organisation under its remit to provide an annual report on its information governance, it will review policy and practice and make recommendations on improving them, and it will report its findings to the Secretary of State on an annual basis, so it is an extremely high-level and visible statement of the accountability for information governance and it is directly connected both to policy and into practice in the NHS.

  Chairman: Ann Cryer?

  Q329  Mrs Cryer: Richard, could you tell us what strategies the Department of Health will be using to ensure that patients are able to make informed choices about how their information is held and stored?

  Mr Jeavons: Yes. The responsibility for ensuring that patients are reasonably well-informed exists already. It pre-existed the National Programme for IT. The route we have gone down is to reinforce and to clarify the responsibilities of individual organisations. If I give you a specific example, in last year's Operating Framework, which is the annual statement of what the NHS should do in its plans in the coming year, we gave an absolutely explicitly steer to NHS organisations about reviewing their information governance position and being able to answer simple questions that patients might ask them should they be approached. That would be an example of how we are really trying to make a very high-profile but very practical focus at the top of organisations for their responsibilities. Another example is public information programmes. We encourage and support the NHS when they are considering changing the use of information to improve patient care to run public information programmes to ensure that their population has the opportunity to engage in a discussion. For example, the Summary Care Record early adopter programmes in Bolton and Bury would be examples of what we are doing, and we are evaluating those. You can always do these things better: you can learn from Scotland, you can learn from Hampshire, you can learn from places that have done things, so it is a continuous process. We have methods that we are trying and evaluating and we are encouraging the NHS to do that as well.

  Q330  Mrs Cryer: Just to dig a bit further, can you tell us what sort of support and help will be available to clinicians as they give advice on patient choice and consent?

  Mr Jeavons: To go into the Summary Care Record early adopters, which is the most vibrant and real example at the moment, we are running a public information programme which involves a personalised letter to every person over 16. Those are backed up with access to an NHS Direct helpline. When people phone in, the staff in NHS Direct have been trained and given tools to help them answer the questions effectively. We are running information booths where patients can book to meet people in their practices and health centres. The staff who are providing the advice there are trained and we have provided an e-portal of training materials for general practitioners to use as well. To be fair, we are not at the stage where a lot of general practitioners are directly engaged with their patients in these discussions but that is coming in the next few months.

  Q331  Mrs Cryer: Therefore how will the Department of Health, just to take it further, interact with the National Information Governance Board as it seeks to "be ever watchful and in touch with public perceptions"?

  Mr Jeavons: The National Information Governance Board will produce an annual report to the Secretary of State. It will have a statutory basis. It will seek advice and accept views from anybody who wishes to approach it, so it will operate in a very open way. When it thinks it has got a set of questions it will seek, directly from the Department of Health's Information Governance Policy and related advice, to answer the questions and try to reach conclusions. In a sense, we have aligned the information governance capability and advice and policy support behind the Information Governance Board's roles and responsibilities, but it has to retain a strong element of independence.

  Q332  Mrs Cryer: So if I can just be informed and ask; whilst witnesses in our inquiry spoke of the use of patient information for research purposes as an example of one of the benefits of "surveillance", they also identified "a climate of suspicion" around the use of patient information for research purposes. Therefore what steps is the Department of Health taking to tackle concerns about the security of information used in this way?

  Mr Jeavons: Most recently we have had two quite major joint pieces of work which are now guiding what we are doing. Those pieces of work are the Joint Report with the UKCRC that was commissioned, which Ian Diamond led for us, and the recommendations of that were accepted, and the Boyd Report, which was commissioned by the predecessor of the National Information Governance Board, and again the recommendations were accepted. Those two reports made a number of recommendations about what needed to be done to bring greater clarity, to reduce ambiguity, and to sustain and develop confidence in the area you are asking the questions about. In response to that, we have established a research capability programme which has a work plan to work through those recommendations. Anonymisation and pseudonymisation techniques were raised as issues and we are reviewing those. We have looked at the current use and we have done an audit of the current use of some of the information in order to test whether we think the current practice is fit for purpose and is being sustained. We have a number of activities over the next 12 months which are aimed to respond and deal with those recommendations.

  Q333  Mrs Cryer: Just to dig a bit further and to refer to another select committee, the Health Select Committee apparently did a recent report on the Electronic Patient Record which registered concern about governance arrangements for the use of patient information for research purposes. The Secondary Uses Working Group has made recommendations on this aspect of the development of NHS care records. Are you able to give an indication of how the Department is taking these recommendations forward?

  Mr Jeavons: I think those recommendations are in the Boyd Report that I have referred to, and the National Information Governance Board have already agreed that they will ask the Department to demonstrate that they have delivered against those recommendations and those recommendations are being actioned through the research capability programme.

  Mrs Cryer: Right, thank you.

  Q334  Margaret Moran: It sounds as if it is all going terribly well when we know it is not. Just look at Computer Weekly's history on this subject and you can tell that is not the case. I have two questions. One of the issues around data-sharing is that even if you get the technology right, the problem is access by people and the use or misuse of data in that way. Given that there was not apparently a buy-in from front-line staff and there was not even proper consultation of front-line staff at the outset of this programme, how confident are you that there will not be breaches of data and confidentiality and privacy as a result of that?

  Mr Jeavons: You cannot stop the wicked doing wicked things with information and patient data, so you cannot say there will not be, and of course we have examples where staff do misuse their privileges and have to be pursued through disciplinary and other procedures. To speak to your point about confidence, there is absolutely no complacency about the extremely fine balance that we need to strike between public confidence, staff confidence and the huge potential benefits that electronic records and the use of data about patients for public health and other purposes has. This is an incredibly difficult balancing act and practice needs to change as information technology changes the opportunities that are available to us. The reinforcement with the NHS of their information governance responsibilities; the backing up of that with advice and tools; the reinforcement of the need to ensure that human resources policy and practice is aligned with information governance policy and practice means that we are putting in place all the things we can do to deal and to manage this as well as possible, but we are not going to stop those who wish to break their employment contract terms and break their local Human Resources policies and procedures and do wicked things. What we have to do is put in audit trails and be able to say to these people it is much more likely now that you are going to be caught, and if you are caught this is how you will be dealt with.

  Q335  David Davies: Mr Jeavons, what work have you undertaken with other government departments in relation to the sharing of databases? In particular, can I ask you whether you work with the Border and Immigration Agency or the Department for Work and Pensions, to ensure that non-EU citizens do not access incorrectly out-patient care to which they are not entitled?

  Mr Jeavons: Our main areas of interaction are with the Department for Children, Schools and Families and with Contact Point. We contribute and participate in cross-government policy and Transformational Government activity. We respond to requests for information that have a legal basis. However, our basic opening position is that NHS information and information about patients is confidential to the NHS and to the patient and therefore we work on a "persuade us if you can or provide a legal basis" mandate.

  Q336  David Davies: But would you not use the databases that are already available to other government departments to ascertain whether or not people are getting access to care to which they are not entitled?

  Mr Jeavons: I am not aware that it is the case that we do that and it is not clear that that is necessary. We do not deny emergency care.

  Q337  David Davies: No, we would not do that under the law anyway, would we, because the law is quite clear; emergency care is available but out-patient care is not. The question is purely about out-patient care and whether you are doing anything to tackle the billions of pounds that are being lost because out-patient care is being provided to people who are not entitled to it?

  Mr Jeavons: Clearly if we had evidence that there were billions of pounds being lost through inappropriate use of NHS services that would need to be tackled. If the opportunity were there for example to use other means to check the identity of people before they access those services, then those would be looked at, but I am not aware that those opportunities are there and, if they are there, it is not obvious how to implement them effectively in the NHS at the moment.

  David Davies: The evidence is certainly there, is it not; the question is whether or not the NHS are willing to make use of other databases that already exist in government departments, but I think you have answered the questions.

  Chairman: Thank you, Mr Davies. We are now turning to questions to Tim Wright. You are welcome to sit there, Mr Jeavons, because there may be other issues that members of the Committee will ask, so do not feel we are ignoring you. It is just we want to get the other Departments to give us their comments as well. Janet Dean has the first question to Tim Wright.

  Q338  Mrs Dean: Mr Wright, could you estimate the proportion of DCFS activity that depends on information-sharing and the impact that the Every Child Matters strategy has had in this respect? In doing so, could you say whether the majority of activity is aimed at child protection or child welfare?

  Mr Wright: A very significant part of the activity of the Department now is geared around data-sharing. We are quite a small central department operating within a very large, very profuse education sector, so there are many agencies and bodies that operate within that sector who will need and wish to use and share information. A number of the programmes that we are working on at the moment operate in that sphere and are quite central and quite key to supporting the Government's policy to improve choice for learners and enable individuals to move round, if you like, within the education system and take with them their personal records and details and be able to track their attainment and so on. On the second part of your question—my colleague here already mentioned Contact Point and of course I would draw a distinction between the purpose of Contact Point, which is really early intervention to ensure the protection of young children, with the sorts of systems that we are operating, which are purely in the educational space which are trying to engage with people in education. There is quite a split and quite a wide range of activities that are there. I would not hazard to put percentages on that because there is a very significant effort from the Department, certainly around Contact Point, and that is the largest single IT programme that we have on at this time.

  Q339  Mrs Dean: I will come to Contact Point in a minute but could you say first of all how the Department goes about assessing the need for each new database that it creates or commissions and then drawing up the protocols for sharing information with other departments or agencies?

  Mr Wright: I look after a team of information technology professionals and certainly we work extremely closely with the policy directorates of the Department to understand how technology might be applied to improve the opportunities for learners and children. It is quite a tight engagement, quite a tight partnership, between the technical professionals that provide and support the information systems and the infrastructure, with those that are actually in the front-line of delivering the Government's policy. There was a second part to your question, I am sorry?


 
previous page contents next page

House of Commons home page Parliament home page House of Lords home page search page enquiries index

© Parliamentary copyright 2008
Prepared 8 June 2008