NHS & Care data scheme

[I1L2T3]

I see what you're saying.

 

My point isn't meant to be difficult. The point I make is purely this:-

 

I've asked what "bad" can happen from this database - it seems to be that the only thing people can suggest is that medical insurers can obtain records to either raise quotes or refuse payments.

 

People who don't disclose their records might see lower premiums, but equally, failure to disclose is effectively fraudulent (it's obtaining a pecuniary advantage by deception certainly - lower premiums by hiding salient facts). That means that the insurer is right to demand the records pursuant to 35(2) on the basis that they need legal advice, given a fraudulent claimant.

 

If the quotes are higher, well that's because they're being quoted on all the knowledge, rather than what people might like to disclose.

 

As for whether the info is free - realistically, given the potential risk of fraudulent claims, and the anti-claimant stance at the moment, I'm certain Judges would approve such applications. You know as well as I do that Judges don't like costs being wasted, and when I make applications under DPA, my point is always that it was obvious that the application would be granted, hence my costs follow. The fear of costs against a practice makes managers very compliant in my experience. I've had schools give out pupils' educational records, in full, without any Court Order on a number of occasions.

 

---------- Post added 04-02-2014 at 12:14 ----------

 

 

Not wriggling at all. I just don't agree with you.

 

I am firmly of the opinion an insurer could get those records if they wanted, and have seen it happen on more occasions than I can count.

 

You disagree with me. I'm fine with that.

 

Because there already are legal avenues for insurers to get records it doesn't mean they can just have the records anyway. The legal safeguards are there for a reason. This potentially removes them.

 

---------- Post added 04-02-2014 at 12:28 ----------

 

Here is the leaflet:

 

http://www.england.nhs.uk/wp-content/uploads/2014/01/cd-leaflet-01-14.pdf

[L00b]

I see what you're saying.

Good, thx.

My point isn't meant to be difficult.

Agreed, but not so simplistic as portrayed: the issue at hand/being discussed here, is the ramifications of the proposed free paying-for-all approach, rather than the still-current due diligence approach.

 

In short: replacing statutory conditions (and a professional duty, btw) of stict confidentiality attaching to intimately personal matters (however temporarily removable with strings as they may be) by a simple price tag. With no real recourse for the persons directly concerned, and no accountability built-in in respect of any breaches/excesses/abuses that may later be proven to arise from this new approach.

 

You've asked for what 'bad things' can happen, and a recurrent example is that of health insurrers: that stands to reason, since they are the most obvious concerns to immediately benefit from the approach.

 

I've highlighted potential failure points and other eminently plausible scenarios before in this thread, and this is just another: it wouldn't it be long before that kind of personal data finds it way to prospective employers. Not as directly concerned as health insurers, and yet just as plausible for similarly obvious reasons...and to those who would say this will not happen, need I remind them about the construction industry's national black list?

 

Here's another: Mr Banker, I'd like to take a mortgage to buy this here dream home we have found. Well, Mr Smith, your deposit and earnings are more than sufficient, your financial history shows plenty of care and ability...but your health records and statistics both show that you might pop your clogs half-way through the mortgage term, so, er, bye.

 

There are countless more: where there is a profit-seeking will, there is always a way.

 

Opting out at this time is not about hiding the turth from insurers or depriving from their profits, or hindering medical research, or God knows what other spurious arguments. It's sending out a clear message to the powers that be, that there is a limit to their right of ingerence in everybody's life and private affairs.

 

And, practically (and so far as I'm concerned anyway), it's ensuring that data which should never leave the confines of strict confidentiality (but for legitimate legal purposes), stays confidential ad nitio: at least my data won't be accidentally lost/released/sold/misused/<etc.>, as it simply won't be in there.

[Moosey]

Because there already are legal avenues for insurers to get records it doesn't mean they can just have the records anyway. The legal safeguards are there for a reason. This potentially removes them.

 

Whilst I don't want to appear unprofessional, in practice, I have to be honest and say the current safeguards leave a lot more to be desired than you may think.

 

As mentioned, would you be happy if I had managed to get your child's entire educational records from age 4-14 without your knowledge, or without a Court Order? I've done that a few times. The same applies for people's credit records, which are very personal. I can get those for free by clicking a button on my browser - all I need is someone's name and address.

 

Not a database, admittedly, but access to the same, if I want it.

[I1L2T3]

As I've said Loob if this was being proposed as being for improvement to health services with cast iron guarantees on security and a regulatory framework provided then I would feel differently.

 

The thing that bugs me is how up front they are about the commercial angle to this. It's a thin end of the wedge situation IMO.

 

---------- Post added 04-02-2014 at 12:46 ----------

 

Whilst I don't want to appear unprofessional, in practice, I have to be honest and say the current safeguards leave a lot more to be desired than you may think.

 

As mentioned, would you be happy if I had managed to get your child's entire educational records from age 4-14 without your knowledge, or without a Court Order? I've done that a few times. The same applies for people's credit records, which are very personal. I can get those for free by clicking a button on my browser - all I need is someone's name and address.

 

Not a database, admittedly, but access to the same, if I want it.

 

It still doesn't make it right. Currently you couldn't get my medical records without my permission or without going through a legal process. I don't want that to change.

[onewheeldave]

It's straw nothing.

 

Of course you can legally get records, if you have a legitimate interest. It's as simple as a Court application, for £80, or more often, a letter to a practice manager of a surgery who panics when they see a threat of costs.

 

I assure you, any prospective health insurer could get your records if they wanted them. S35 DPA sees to that.

Surprise, surprise, another strawman dude, please read the link so you've at least got some idea of what a strawman is, then you'll have a chance of not introducing even more of the little blighters.

 

No-one's denying that, in some circumstances, some companies can currently buy acess to your medical records.

 

This care.data scheme is going to make it easier, and cheaper, for more people to access private medical data.

 

(Attacking points that no-ones actually raising or defending, is the gist of what a 'strawman' is- you repeatedly are arguing against points that no-ones made. Like I say, we all know that currently our medical data isn't 100% secure- it's irrelevant to the case we're making).

[L00b]

As I've said Loob if this was being proposed as being for improvement to health services with cast iron guarantees on security and a regulatory framework provided then I would feel differently.

I wouldn't, I1L2T3. Considering the history/track record of successive Gvt's IT projects (especially where the NHS is concerned), accidental data releases, abuses of processe at the FoI/DPA junction <etc.> it's been a long time since I haven't trusted them with any personal data howsoever, and let them have/keep as little of it as the 'system' would let me get away with.

 

It's not misplaced paranoia (God knows how many relevant Google hits my full name already returns, many with photos as well, due to past and ongoing professional activities/events/presentations/etc.), I simply view it as diminishing of the potential for personal data-related incidents.

The thing that bugs me is how up front they are about the commercial angle to this. It's a thin end of the wedge situation IMO.

Viewed as a whole, that wedge started in anger some years ago, tbh. This 'fight' about medical records is one of the last to be had, where 'personal data' is concerned.

 

People have already 'surrendered' too much of personal information, and still do, mostly through ignorance. E.g. these days, when not through social media, many are busy giving their car insurers detailed GPS journey information, daily, for the sake of saving a few quids on their premiums (Google telematics, the future for car insurers, your mobile re-purposed through the insurer's App as a real-time black box/Big Brother in your car, soon enough you won't be able to get insurance without agreeing to it). The list goes on.

[onewheeldave]

I wouldn't, I1L2T3. Considering the history/track record of successive Gvt's IT projects (especially where the NHS is concerned), accidental data releases, abuses of processe at the FoI/DPA junction <etc.> it's been a long time since I haven't trusted them with any personal data howsoever, and let them have/keep as little of it as the 'system' would let me get away with.

 

It's not misplaced paranoia (God knows how many relevant Google hits my full name already returns, many with photos as well, due to past and ongoing professional activities/events/presentations/etc.), I simply view it as diminishing of the potential for personal data-related incidents.

Viewed as a whole, that wedge started in anger some years ago, tbh. This 'fight' about medical records is one of the last to be had.

 

Yes- prior to this we had the 'summary care record'- another scheme which made opting-out deliberatly difficult (no opt-out form with the info leaflets) which I also had to waste 2 hours of my life in opting out of.

 

And, if sufficient people opt-out of this one, I'm sure that in a few years time, they'll try it on again.

[esme]

And a bit more fuel for the fire

 

This is what happened in the US in 2009 when The Massachusetts Group Insurance Commission decided to release "anonymized" data on state employees that showed every hospital visit.

 

A graduate computer science student (Latanya Sweeney) obtained the data and also purchased the US equivalent of the electoral register for the region, combining the two allowed her to send a copy of the Governor of Massachusetts medical records to his office.

 

She was just proving a point, http://arstechnica.com/tech-policy/2009/09/your-secrets-live-online-in-databases-of-ruin/

 

A key point in the care.data upload is that it's not just a one time deal, as your medical records continue to be updated at your doctors the updates will automatically be uploaded to HSCIC.

 

So a hypothetical situation, you start feeling tired, have odd pains, perhaps a bit of a temperature and you feel full all the time so you go to the doctor, they do a few tests and ask you to come back, while you wait for your results the mortgage application you applied for falls through as the provider thinks you're suddenly a bad risk, then the results come back and you are a bit anaemic and run down due to a poor diet/slight food allergy plus you have a touch of arthritis.

 

However your symptoms could have matched the early onset of leukemia, your mortgage provider got the HSCIC data, matched it to you, saw the symptoms and refused you without waiting for the diagnosis which turned out to be completely benign.

 

Now OK this is a hypothetical situation and can be easily pooh poohed away with phrases like "that will never happen". you can't prove it either way really, but given that we know data about us is already abused I lean towards it being more likely than not.

 

I've already opted out

[*_ash_*]

Surprise, surprise: NHS admits it should have been clearer over medical records-sharing scheme.

 

The leaflets were apparently sent out last month. Has anyone received one yet? I haven't.

 

I got it last week in one property, but not the other.

[Cyclone]

I haven't had any leaflet AFAIK. However if it looked like junk then I probably binned it. They should be sending out addressed envelopes, they have our address in our medical records after-all.