BMA Ethics committee respond to Caldicott Review on information governance.

Patients give staff in health and social care personal information about themselves all the time and they trust that we will protect the information they give. As we move to a more electronic age, where information can be shared more easily, and across many more types of organisations,  there has been an urgent need to review 'information governence' and the balance between protecting patient information and its sharing to improve patient care.  Information is collected in data bases which are used in a variety of ways for research.

When I served on an NHS research ethics committee we were always concerned that information about patients in trials would be protected and that they should be able to give informed consent to the information being used.

With publication today of the Caldicott Review, the Health Secretary Jeremy Hunt has said that 

1)any patient who does not want personal data held in their GP record to be shared with the Health and Social Care Information Centre will have their objection respected; and

2 where personal data has already been shared from a GP practice to the Information Centre, a patient will still be able to have the identifiable information removed. 

But this is very much an 'opt out' rather than an 'opt in' strategy and it is difficult to see how patients can give consent to any specific use of information held about them. 

Caldicott recommends that patients should

•  have the right of access to your own personal records within the health and social
care system.
•  have the right to privacy and confidentiality and to expect the health and social
care system to keep your confidential information safe and secure.
• have the right to be informed about how your information is used.
• have the right to request that your confidential data is not used beyond your own
care and treatment and to have your objections considered, and where your wishes
cannot be followed, to be told the reasons including the legal basis.

The NHS and adult social services should also commit:

• to ensure those involved in your care and treatment have access to your health and 

social care data so they can care for you safely and effectively;

• to anonymise the data collected during the course of your care and treatment and use it 

to support research and improve care for others;

• where identifiable data has to be used, to give you the chance to object wherever 

possible;

• to inform you of research studies in which you may be eligible to participate; 

and

• to share with you any correspondence sent between staff about your care.

Responding today to the Caldicott Review -‘Information to share or not to share’ - a comprehensive report about sharing health information in England, Chairman of the BMA’s Medical Ethics Committee, Dr Tony Calland, said:

“The Caldicott Review has involved a great deal of effort by Dame Fiona Caldicott and her team, especially given the scope and complexity of the issues, so it is important that we recognise this.

“We are very pleased that there is a commitment to respecting patients’ objections to confidential data being shared as this is something the BMA has worked hard to reach agreement on. Confidentiality is the cornerstone of the doctor/patient partnership and we must do all we can to safeguard it.”

The BMA has some outstanding concerns about how “safe havens” will be implemented. These are areas where researchers and commissioners can carry out analyses under secure conditions and should be kept to a minimum, believes the BMA. The use of any information that could identify individuals, such as the NHS number, could increase a risk to confidentiality, unless robust safeguards are in place.

Dr Calland, added:

“While health data is vital to improve health services and medical research, it is essential that the strict controls described in the Review for safe havens are scrupulously adhered to and regularly audited by an independent body.”