The Department of Health has accepted concerns raised by MPs about the lack of sufficient safeguards to protect privacy and security of electronic patient records.
The Health Select Committee published its report in September on the automation of patients’ healthcare data, setting out a slew of recommendations.
In its response, published this week, the Department has agreed to comply with most of the Committee’s recommendations.
The Summary Care Record (SCR) will include a single standardised front screen to display key health information that can be accessed in “unscheduled settings,” such as emergency care, walk-in centres, and out-of-hours services.
If information beyond basic allergies, known adverse reactions to drugs and other substances, and prescriptions in the past six months is to be added, this will be agreed with the National Clinical Reference Panel, it has pledged.
The Department also reiterated that patients will be fully informed before SCR is rolled out, that they have a choice as to whether they want to have an SCR.
Patients will also be allowed to specify what it includes, who can see it, and they will be entitled to view it through the Webspace website, which is behind access controls.
Patients will be able to restrict access to those parts of their SCR that they consider to be particularly sensitive with the use of “sealed envelopes,” and access to this information can only be provided with the patient’s consent.
But the government did not accept that this information should be not be available for “secondary uses,” such as research, as recommended by the Committee.
“Patient consent to the use of anonymised or effectively pseudoanonymised data is not required by law, and the use of such data for secondary uses…is both accepted and actively promoted by the relevant professional and regulatory bodies, “it said.
The Committee also had serious concerns about the planned security systems to be used by BT, calling for independent evaluation, for this to be made public.
The Department said that it already operates this system, but it has refused to make the information public, on the grounds that this could itself pose a security risk and stood to become the target of criminal exploitation.
Government response to Health Committee Report on the electronic patient record. www.dh.gov.uk