Medicalprivacy’s Weblog

http://news.bbc.co.uk/1/hi/scotland/tayside_and_central/7414319.stm
It would seem that the NHS in Scotland are still not caring about looking after records. It is incidents like this that cause me to distrust health workers to look after my records. The hospital was in a 20 year shut down phase and the last thing they seemed to care about was patient confidentality.

It makes no difference if the records are on paper or on a computer if the person who is meant to be looking after it fails to do so. When patient confidentality is the last thing on your mind, you should not be allowed access to the records.

Following on from my comments about Poole Council spying on familes (including a 3 year old) it seems that this is not a rare event.

It mow emergies that the abuse of counter terror/serious crime laws are being about 1000 times a month by councils (last year they made 12,494, request for this abuse, almost double of that of the previous year). The police made about 19,000 request and one local goverment body admited that councils and other goverment bodies will would soon be carrying out more of this survailance than the police! These are the same scum that will have access to the child index, contact point, socail care records (with data extracted from the Summary Care Record), phone records, who we email, web sites we visit and an ever growing intrusion into our lives.

It would now seem that laws to protect us from terrorist and serious crime is now used to watch where your dog shits,  what are they claiming? That dogs are now a bio hazzard and pose a significant threat to our security? If they are, then heaven help us with all the crap politians come out with these days!

And still they ask us to trust them. Still they say new powers will not be abused. Still they ask for more powers to invade our privacy and Still they lie to us every day. Do you really want these scum to get the chance to get hold of information about you?

This is an example of how laws passed for one thing can be used for another. It seems that a council (Poole Borough Council) used laws for tracking terrorist to spy on a family to see if they really lived in a catchment area. It involved following the family in the daily business. I just hope none of them had to attend the local GUM clinic, doctors or any other health setting.

The law that was used, The Regulation of Investigatory Powers Act was meant to be used for fighting serious crime and terrorism. Under this they can intercept communications, carry out of surveillance and the use of covert human intelligence sources

When you consider the amount of data that is being shared with these people by the likes of the children’s act 2004, or the fact they are allowed to find out who we called people all over the UK should be worried.

We currently have the government saying that they intend to allow police to access the national NHS database for investigating terrorism and other serious crimes and they intend to share even more information for this reason. If this is their idea of serious crime, heaven help people.

This case just goes to show that councils around the UK, along with the police and every other government department are going to be looking into everything we do and be spying on people at every opportunity. If they are allowed to get away with this abuse then every council in the UK would be able to spy on applicants. Then again, this is just what the goverment, police, social services, council, jealth workers, researchers and every goverment department wants.

Whilst this council has admited 6 occations, it is not known from the article how many other councils will be abusing, sorry using these powers. Next time you tell the council something, just pray they dont use these powers on you.

When it comes to medical privacy there is often a lot of talk from those who want to share/access identifiable data about how data will be protected and they can control access. Unfortunatley these are often grouped into 3 different groups.

1. There are those who have a low standard of protection. An example of this would be most GPs. GPs often tell patients that what they learn in the course of their work will go no further and their records are protected, yet a lot will often start telling people about tye patient so the information can get into the patients records, as one of my ex GPs said “doctors do not do notes, that is someone elses job”. In other words, the min the patient leaves, the GOP will tell someone else. I have also found that most calldicott Gaurdians come under this group. As with GPs, their standard of aproprate sharing of data is often far lower than what patients think and when it comes to privacy, they rarely, if ever, will hear both sides of any complaint, usually deciding to side with their friends who also have a low standard. This is further complicated in that they are often paid by the people they are overseeing even though this creates a conflict of interest. Who have to ask whos interest they have at heart, their own or that of the patient? Unfortunatly I have found they have the interest of their own at heart and most would rather protect the reputation of health workers and the NHS than tell the truth. This group of people are the low of the low as far as I am concerned. they lie to patients to obtain data/carry out examinations and when patients do get told they ether attempt to make the patient think it is for their own good and those patients that see past this Bull are given 2 simple choices, ’share or die’. This group will also often share data so that it can be passed to others for targets or payments. In some cases it will be identifiable but even if it is not, the people accessing the records to get it will have access to the identity of the patient.
2. There are those who think they have a high standard by are not aware of what is being shared. An example of this are some Calldicott Gaurdians and some health workers (not all are scum, just most). Some will tell you that when it comes to the police and social services they will tell them to ‘get stuffed’. Whilst this seems good, they are often unaware of data sharing. for example data from the new Summary Care Record in the NHS in England will be copied in a way that police and social services have access. This means that when they tell the police or SS to ‘get stuffed’, the police and SS will simply access the data from somewhere else (such as SUS) or they will alreday have the information anyway. At the same time anti-privacy laws/legislation in the UK is being introduced faster, meaning any promise about privacy is no protection. Other groups of people that come under this are those who work in Sexual Health Clinics. These people are often unaware that identifiable data can be shared with researchers, but I have to say that some will know but simply not tell the patient
3. The last, and by far the smallest group, are those who do protect data. These people are far and few between. they will store data in a way that others can not access and they will stand up to those who demand it. Some will even not record data. An example of this are some therapist. If you wanted some therapy, you can often tell the person you are seeing that you do not want anyone else to know what you are there for. Whilst some will refuse to see you unless you ‘consent’ to notes being kept others will agree not to keep notes (the disadvatage of keeping notes is that they can be accessed under some UK laws by others. Although this does not happen often, it is staill a risk). Some of those that demand they make notes willl often make them very brief and a broad outline.

It would seem that the goverment want to back down on it’s plans for sending people to jail for breaching our privacy.

Comming at a time when the NHS are planning on sharing records online with even more people, you would think the goverment would want to take action.

The plan was to allow people to be sent to prison for breaches of the data protection act as at the moment all they get is a fine. What this means is that if someone steals your medical info, all they will get is a fine. Sending someone to prision would not undo the damage done to you, but it would be a deterent for reporters and others. Giving them juwst a fine is an insult and it goes to show that when it comes to privacy, the goverment do not take it seriousley.

To make things worse the goverment have been increasing the amount of people who know our information for years without the public knowing about it. Now that data is set to go national, they want to protect it even less. Whilst it is good to hear Harry Cayton complaining about the backdown it was dissapionting to here the goverment appoint patient rep (which makes him seem like a goverment rep) talking about how the NHS protects patient privacy, yet we all know that this is a load of bull and the NHS have been expanding the amount of data they share for years. It is not much use talking about legal protecting data when the goverment are doing away with privacy at a much faster rate.

And some people wonder why I take extra steps to secure my medical records. Here is a tip for those that store private data PROTECT IT! In the US and other countries you can be executed for commiting murder, that does not stop murder so why expect a fine or even sending people to prision will stop data theft?

http://www.guardian.co.uk/society/2008/apr/02/nhs.privacy

http://www.e-health-insider.com/news/3614/patient_tsar_backs_tougher_data_theft_laws

http://www.guardian.co.uk/politics/2008/apr/01/media.privacy?gusrc=rss&feed=networkfront

It is not very often I back a goverment/NHS body, but when they do something worth backing, I think it is right to back them.

It has been reported in the news that the Common Services Agency  (CSA) in Scotland are refusing to share patient data with the public. The CSA are going to the House of Lords to stop people who are meant to protect our privacy from sharing data which could lead to patients being identified. What chance do we have of privacy when even those that are meant to protect our privacy, such as the Scottish Information Commissoner are willing to risk our privacy so MPs and the public can get hold of confidential data?

http://news.bbc.co.uk/1/hi/scotland/south_of_scotland/7327914.stm

It seems that Connecting for Health (people behind Englands NHS database) have decided to yet again lower the already low standards they have about access.

It has been reported that they are now agreed to allow people without qualifications, such as healthcare assistants, to access the patient Summary Care Record in full, not just the basics such as name and address or info they need to carry out blood presure readings. It was also claimed that admin staff were printing the information off, but it seems that CfH are now saying that this is not the case.

This just goes to show that when it comes to honesty and transparency CfH can be trusted about as much as an MP, and that is not saying very much.

The idea of spending £12-£20 bilion on the computer system was the paper records were meant to be less ’secure’. What we have now is data being shared with the Secondary Use Service, police seraching the database, researchers demanding access (which they will proberbly get with a Section Sixty), NHS staff being allowed direct access to identifiable data held by SUS and to top it off they are printing out paper records they claim are not secure enough! The list list of those with access is increasing all the time, yet patients are told sod all about it.

Some links to check out (dont forget the forum there is on the NO2ID website at http://forum.no2id.net/viewforum.php?f=58 where I post under the name ‘medical privacy’)

 http://www.civilservicenetwork.com/news/article.html?tx_ttnews%5Btt_news%5D=31742&tx_ttnews%5BbackPid%5D=107&cHash=d0f84cfec8

http://www.computerweekly.com/blogs/tony_collins/2008/03/no-qualifications-needed-to-ac.html#more

http://news.bbc.co.uk/1/hi/uk_politics/7274773.stm

It seems that those of us that were worried about the police etc having access to the national NHS database are proven to be right to worry. It seems that the police have been given permission to access the database.

http://www.computerweekly.com/blogs/tony_collins/2008/02/police-will-be-allowed-searche.html

How long will it be bfore they and possibly the SS do searches for all possible knife/bullet wounds, all those under 16 on the pill, all those who access A&E twice or more in 3 months, rape victims, parents on drug rehab, parents who drink over a set limit of alcohol a week, those under 18 who admit to consuming alcohol, under 16s above/bellow a set Body Mass Index, parents on anti-depressants, parents in therapy. the list is possibly endless and the amount of people the info can be shared with (including local councils, SS, schools/teachers etc) is vastly more than people are told and vastly more than at any time in history and vastly more than any other ‘free’ country in the world. It seems that doctors and health workers in general realy are set to become ‘agents of the state’ but at the same time continue to lie about privacy and access to our most sensitive of information.

Other links

http://news.bbc.co.uk/1/hi/health/7250589.stm

You would think everyone who handles medical records new the importance of keeping the info confidential. It seems that nobody has told Bolton PCT how to do this.

It has been discovered that they dumbed the medical info of over 3,000 patients in the normal rubish bin and they were found at a landfill site. The records were disposed of because they were being copied into a computer.

Making the data ’secure’ would have been easy. All you need to do is instruct anyone of those pesky admin staff people like me cant stand that they should shred the paper copy as soon as they have put the info into the computer. The fact that the records were being read by others that would not have needed to gain access to them if they were not being transferred to a computer only goes to show how much more electronic records are shared more than those kept purely on paper.

Be careful of the comment from Connecting for Health who claim electronic records will be more secure. The new system they are planning will make more info available to far more people and that will make it less secure

http://news.bbc.co.uk/1/hi/england/manchester/7255463.stm

http://www.bolton.nhs.uk/

I only heard about this via the media, so I contacted the Scottish goverment about it. To my suppsrise I got a prity full reply (not often that happens!).

From what I could make out from the reply, there are good and bad points about it (some of the questions/issues are still not sorted).

Good. This is a single phone number that people can call if they are not sure who to call. The people on the other side of the phone will be able to direct people to the relevant department/service. That means if the SS (social services) are the best people to contact, then they will be directed there, if it’s the police, then they will be directed there. This should save time in getting things sorted and it makes sure the right people are contacted. It should (if it works OK) mean that children can be saved/protected more than they are just now.

BAD?. There are few things in life that are all good, and this is no exception. In theory there will not be a creation of a national database of accused, but with the goverment looking to creat things like the childs index, then it means there is a database be default. It also means that that anyone with access to the child index (SS, police, schools, local authorities, fire service, health authorities etc) will be able to find out the family are being investigated. Some of them should know, but why would the fire service ‘need to know’? In theory those accused will be able to clear their names, but that is easier said than done (dont forget that forced adoptions have increased 3 fold in some areas after ‘targets’ for adoption were brought in and the SS are famous for miscarages of justice and operate under secrecy to the extent the concept of a ‘fair trial’ is not a garantee). There is also no way of knowing if their file will be deleted if they are found not guilty (remember even children never charged or cautioned have a ‘police record’ and have their DNA stored nationaly). It could (even if this is not the aim) mean that a national network of accused is set up due to the ‘joined up’ thing the goverment is keen on.

There is also the issue about people own perecption of what is right. There are people that think you should never drink when you have children, so could they report people that fail to meet their own personal standards? The theory is, they accused would be investigated but as I pointed out above, this has it’s own problems. There is also the issue of double reporting. That should be sorted out quickly, but the fact that some others have been brought in, such as the SS, could mean it appears on their childs record available via the child index. Having never done drugs, I dont know if people seeking help are always reported to the police or SS. This new scheme seems to garuntee they would be brought in.

There is also a question mark about how you check people are drinking too much or taking drugs. Would all accussed be forced to have a edical exam to test for drugs or conditions that could be caused by drinking? Would they be required to have a breath test for alcohol on a random basis? With goverment having a ‘nothing to hide, nothing to fear’ card for everything, would this be used against parents? Would children be asked about the acctivities their parents get up to? Would the accused be allowed to chalange claims made by others, such as neibours?

Would info get into the accused medical records? This is something the reply does not full answere. It is important that the choice about having the info stored in the medical record of the accused is only done with explicit consent, yet that is not a garuntee. Dont forget who will have access to this record. It is not just the GP, there are all the doctors/nurses and a large amount of admin staff at the practice (and future practices) who will have access. There are insurance comapines, employers can ask for it and with the goverment looking more and more at national records. I have managed to avoid some of these problems (cant do anything about insurance comapines or employers as the Scottish goverment could not care less about the level of access these scum have), but that was only after being treated like dirt by NHS Grampain and other PCTs, by me endgaering my health and by me not giving in to scum. I dont know of anyone else who has that protection/privacy, yet info could be getting put in their records without their explicit consent.

I fully support the idea of protecting children, but there is so much secrecy (this only protects doctors, SS, creates distrust, causes serious misscarages of justice and allows SS to do what ever it takes to get children. See links bellow).

There does seem to be better ways of helping drug users and people with other problems. The only problem is, this would need to be a truly confidential service and the goverment would ratehr spend money on paying locums £1000 a day or spend money on out of hour services to justify spending hundreds of millions (£20 billion in England) on national medical records that are less secure that the goverment claims. They could spend more money on having enough social workers, but again, they dont seem to fancy that idea. They seem to think it is better to set up a net work where neibour spies on neibour and thos who object to be spied on are simply told ‘nothing to hide. nothing to fear’. At the same time, they complain if they are monitoured talking to a suspected terrorist. I am not saying nothing should be done, but is a national phone number the best way to proect children or would it be better to help the people this number is targeting (suspected drug and alcohol abusers)?

Some links you might want to read:

http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2007/07/15/nadopt115.xml

http://www.forced-adoption.com/introduction.asp

http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2007/08/05/nadopt105.xml