"Data grab" of NHS GP patient records SOON

[Saracen999]

A thread was posted about this a few months ago, but the implementation was delayed, due mainly to pressure from medical professionals that patients were insufficiently aware of what was about to happen.

The implementation was delayed until Sept 1st. However that is now approaching fast, and if you want to opt out, you need to do so before September, 1st.

If you don't opt out, your patient data (or a large chunk of it) will be "sucked out" of your GP records on or shortly after that date, and for at least the last 10 years. It will then be added to this central database "in near real time" until/unless you subsequently opt out. Also, once that initial 10-year "suck" occurs, you lose any ability to subsequently restrict use, apparently. A lter opt-out will prevent future sucking, but not affect anything already sucked.

The data "sucked" won't (it seems) include GP notes on conversations but will include

information on patients' physical, mental and sexual health, including details of diagnoses, symptoms, test results, medication and immunisations.

This information is for "planning and research" purposes, and can be disclosed to third parties, including university researchers, charities and private companies.

It will, we are assured, be anonymised (to some degree) but then, we are required to trust that that degree will not able to be de-anonymised later, by combining with other data sources.

It's no secret round here that I err firmly on the side of privacy, and even I can see that there are ways such data can be legitimately used for good purposes .... like Covid immunisation. Opting out could hve real-world consequences. But so could not opting out, given that you then apparently have zero say in how your data is later used.


I've tried to present this in a neutral way, and it is certainly a persona choice as to whether you want to run the potential risks to failitate the potential benefits. Personally, I don't, but what I do feel strongly about is that there is still apparently not much public awareness of this, and in order for us all to legitimately either give or withhold permission, we need to be aware it is about to happen.


Want to opt out? Do it SOON.

Don't want to, or don't care? Do nothing.

[Smudger]

https://your-data-matters.service.nhs.uk/ just in case...

[Ferral]

I had completely forgotten about this so thanks for the reminder.

Both me and Shelley have opted out as you just know that your data will end up in the wrong hands or with private companies eventually

[Saracen999]

....

Both me and Shelley have opted out as you just know that your data will end up in the wrong hands or with private companies eventually

That's a big worry. What we do know, for sure, is that it at least might end up in the wrong hands. It also wouldn't be the first time data has been left in a cab, on a train, stuck into an envelope and posted, never to be seen again, and so on. That leads me to a question and a conclusion.

The conclusion is that they can't lose what they don't have. The question is whether it was really lost in the post, or sold and that used as a convenient cover? Either way, they can't either lose or sell it if they don't have it.

But as I understand the arrangements, those with a suitable 'reason' can request data, which will be supplied in anonymised or pseudu-anonymised form whch is at least potentially un-anonymisable and, yeah, they can't unanonymise it if they don't have it.

Once it's gone, once it's been sucked, we have lost all ability to then think "Errr, y'know what, I'd rather not risk it".

One more question pops into my mind .... how many of us know, as in have checked, what our medical records say? Not what they should say, but what they do say? And is it both complete and accurate? After all, even doctors are human, and as we know, to err is human (and to really screw up takes a computer).

[spacein_vader]

That's a big worry. What we do know, for sure, is that it at least might end up in the wrong hands. It also wouldn't be the first time data has been left in a cab, on a train, stuck into an envelope and posted, never to be seen again, and so on. That leads me to a question and a conclusion.

The conclusion is that they can't lose what they don't have. The question is whether it was really lost in the post, or sold and that used as a convenient cover? Either way, they can't either lose or sell it if they don't have it.

But as I understand the arrangements, those with a suitable 'reason' can request data, which will be supplied in anonymised or pseudu-anonymised form whch is at least potentially un-anonymisable and, yeah, they can't unanonymise it if they don't have it.

Once it's gone, once it's been sucked, we have lost all ability to then think "Errr, y'know what, I'd rather not risk it".

One more question pops into my mind .... how many of us know, as in have checked, what our medical records say? Not what they should say, but what they do say? And is it both complete and accurate? After all, even doctors are human, and as we know, to err is human (and to really screw up takes a computer).

I'd wager if you did check your full medical record you'd still not be able to tell for 100%certain how accurate it is unless you are medically trained. Many reports, scans and observations are made in shorthand and use acronyms. Further still involve interpreting numbers that just don't mean anything to a layman. Still more may contain things you disagree with but aren't factually inaccurate.

The most common request we get to "correct" records are where we mention alcohol or other controlled substances being present in the blood. "remove that, I'm not a drunk". We didn't say you were, we just said there were x parts per million of alcohol in your blood when we tested it. The fact its enough to knock out a small horse is circumstantial.

[Saracen999]

I'd wager if you did check your full medical record you'd still not be able to tell for 100%certain how accurate it is unless you are medically trained. Many reports, scans and observations are made in shorthand and use acronyms. Further still involve interpreting numbers that just don't mean anything to a layman. Still more may contain things you disagree with but aren't factually inaccurate.

The most common request we get to "correct" records are where we mention alcohol or other controlled substances being present in the blood. "remove that, I'm not a drunk". We didn't say you were, we just said there were x parts per million of alcohol in your blood when we tested it. The fact its enough to knock out a small horse is circumstantial.

I entirely take your point(s).

For reference, I would be surprised if anything beyond trace alcohol was in my bloodstream, as the only alcohol I've had in a good few years in wine, when used as a cooking ingredient, and therefore alcohol evaporated off. And if my bloodtests show non-prescription drugs, they're there from the '70s and even then, in minute quantities.

But for sure, I take the "shorthand" point. Not just for the purposes of being short, but also in the interests of medical CYA.

I'm not a medical person, but if I need a 'translator', I'm spoilt for choice, from a senior ICU nurse, to consultant surgeons.

[watercooled]

I'm fairly neutral on the matter overall; I understand the concerns people will have with their data being moved around, but in terms of data security (as opposed to anonymised access) it's not necessarily *that* much different to the status quo as I understand it. Medical records are already accessible remotely to some extent e.g. between GP and hospital.

As is the case with many things, it's all about implementation. I'm very much still learning about the platform myself, but I admire the intentions of such a system in terms of research - the sort of which would be much harder if not impossible to conduct as-is, and which the NHS appears somewhat uniquely positioned throughout the world to conduct.

In agreement with the OP, I think it's something people should research and consider, but I would also urge people to not knee-jerk one way or the other without proper consideration. While people may benefit from such research despite opting out, also consider whether you would be suitably represented if enough people also decided to opt out.

One aspect of the system as I understand it, is OpenSAFELY. I would encourage people to check out the FAQ's to see if they answer any concerns they may have. https://www.opensafely.org/

[neonplanet40]

"Sorry, your details do not match what we have in our records
This may be because your GP practice does not have the correct details for you."

Not working for me. Is it because I am in Scotland? My details are correct and my GP also has all my latest details and address etc.

[Xuse]

Yes, it's because you live in Scotland. I don't think it applies to us.

However, I lived in England for 3 years and I get the same error.

[Saracen999]

"Sorry, your details do not match what we have in our records
This may be because your GP practice does not have the correct details for you."

Not working for me. Is it because I am in Scotland? My details are correct and my GP also has all my latest details and address etc.

It may well be different for Scotland. As I understand it, health is devolved in Scotland so presumably this would be too. But I don't know for sure.

Re: the online opt-out, I ran that and for me, it worked, and confirmed I already was. I am "registered" wiyh my GP for online access, and they have my email. That system needed either email address or mobile phone number for a 2FA type check. I ran it for the wife (at her request) and got that error message, because she isn't registered for online access. I understand the critical bit to be whether you are registered with the GP for that, or not.

It also seems that during lockdown, GPs could set up online access by phone, but now, they can't. It has to be done in person at the surgery, and on production of proper photo ID (alternatives exist if you don't have photo id). Or at least, that's what ours said.

[Saracen999]

... but in terms of data security (as opposed to anonymised access) it's not necessarily *that* much different to the status quo as I understand it. Medical records are already accessible remotely to some extent e.g. between GP and hospital.

That's certainly true. None of his changes that existing access, though. Opting out of this doesn't affect the ability of hospitals and GP surgeries to electronically communicate, and that won't change if you do opt out. It's about sucking the data out of GP rcords for the purposes of populating this system, and the "research and planning" functions, including where that data may end up.

To be clear though, I'm not advocating that people should or shouldn't opt out. That, in my opinion, is both nuanced, and a personal judgment call.

What I am advocating is that, first, everybody should definitely know about it, and second, if they care, they NEED to act soon, or the decision will be irrevocably made for them by inaction.

I'm pretty sure quite a lot will be happy for this to happen, and probably most won't give a hoot either way. But for those that do care and do object, pull yer finger out.

[The Hand]

Thanks for the heads up, my choice seemed to go through ok. I sent friends and family the link too, thumbs up guys

[Galant]

I live in Gibraltar now but was 21 years in England. I can't access the site directly - not available to people outside the UK.
There's an email to write to, so I might try that.
Shouldn't really have to use a VPN for this.

[spacein_vader]

It's worth remembering that they'll still be able to used deceased patient data to help with planning and research, and they'll be able to add those who opted out to the dataset as they die too. So it's hardly as though they'll have no data to work from.