[Previous] [Contents] [Next]

PROTECTING PATIENT CONFIDENTIALITY

13 SUMMARY OF CONCLUSIONS AND RECOMMENDATIONS

CHAPTER 3 CONCLUSIONS

• The Data Protection Act 1998 places a legal duty on data controllers to process data fairly and lawfully, to use no more data than is necessary for the task and to retain it for only as long as it is needed.
• The Human Rights Act 1998 guarantees respect for a person's private and family life. Under the terms of the Act, this right to privacy may be overridden, but only when there is a lawful reason to do so.
• The common law further reinforces the need to obtain patient consent before sharing information.
• Professional guidelines require clinicians to ensure that patients are informed about how information about them is used and that consent requirements are met.
• A substantial organisational framework for protecting the use of patient identifying information already exists in Scotland.

CHAPTER 4 CONCLUSIONS

• There is a need to weigh-up individual rights and claims to confidentiality against the rights and claims of individuals and the whole community to better health and to protection against threats to ill health.
• The use of information about patients is necessary for treatment and for the operational management of NHSScotland. When used for management purposes the information can often be provided in a form that does not enable individuals to be identified.
• Epidemiological research often relies on information derived from very large numbers of patient records. Such research rarely involves direct contact with patients.
• Health professionals already seek informed consent before enrolling patients in clinical trials. The consent process covers any use of patient identifying information.
• The culture of patient-centred care should extend to the use of patient information.
• There is scope to review many existing information flows to confirm their compliance with the law and good practice and that they are in the interests of patients and the public.
• There are differing views on the relative importance of time taken to discuss uses of information compared with spending time on treating the patient. It is CSAGS' view that the law requires patients to be informed; the question is the level of detail that should be given and when should explicit consent be sought.
• There is widespread concern amongst health professionals that complying with the law and other confidentiality requirements will inhibit their ability to provide the high quality data needed to improve standards of healthcare.

CHAPTER 6 CONCLUSIONS

• NHSScotland staff need to be fully aware of legal, professional and organisational requirements and procedures. They should also know how to deal with enquiries from patients.
• Most patients do not have a full understanding of the ways in which their information is used. They have a right to know more.
• Methods used to inform patients must be practical and cost effective and as far as possible integral to their overall care.
• A national awareness campaign would not fully meet the legal obligations of data controllers but it would help to make uses of patient identifying information open and accountable.
• When patients come into contact with the NHSScotland, the uses to which the information gleaned from that episode might be put should be explained.
• Patients should be informed about both specific and more general uses when using local health care services.

RECOMMENDATIONS

• The Scottish Executive should organise a national awareness campaign for staff, patients and the public.
• This work should include working with patient and staff representatives to produce a generic information leaflet on NHSScotland uses of patient identifying information for use throughout the Service.
• The Scottish Executive should offer guidance to NHSScotland data controllers on how patient contacts with the NHS should be used to provide fair processing information.

CHAPTER 7 CONCLUSIONS

• Uses of patient identifiable information can be broadly categorised to provide guidelines on information and consent requirements.
• These categories allow for implied consent in some circumstances, require explicit consent in others and recognise specific situations where data can be used without consent.
• Consent, whether implied or explicit must always be preceded by effective information for patients.
• Explicit consent is best practice and should become the norm as better informed patients share in decisions about the uses of information about them.
• There are some circumstances where, even though explicit consent would be best practice, implied consent can be accepted in the interests of the health of the population and future health needs and improvements. It is only acceptable if patients have been clearly informed about the uses to which data may be put. In addition, data controllers must only use the information needed for the task in hand and have a strict code of confidentiality in place.
• Patients have the right to 'opt-out' but must be made aware of the implications for themselves and others and of any operational impediments.

RECOMMENDATIONS

• SEHD should adopt the categorisation set out in paragraph 7.7 and ensure a review is undertaken of all data flows which need to use patient identifiable information to ensure compliance with the principles we have proposed.
• SEHD, in consultation with professional bodies, should produce guidance for NHSScotland staff on the circumstances and procedures in situations where 'legal defence' can be a justification for over-riding consent requirements.
• An independent body with adjudicatory powers should be set up to consider and rule on any disputes concerning consent requirements which cannot be resolved within the NHSScotland and SEHD.

CHAPTER 8 CONCLUSIONS

• Consent is not required where information has been acceptably anonymised but patients should still be informed of its use.
• Even if data may be processed lawfully without consent, they should be anonymised wherever possible so as to meet the third data processing principle.
• The establishment of a central anonymisation service for national uses of patient derived data is a challenge but is feasible.
• Local NHS boards should be able to choose whether to use the central anonymisation service or set up their own local systems using nationally agreed standards.
• One objective of an anonymisation service should be the creation of a supply of data which meets nationally agreed quality standards and which would be easily accessible for bona fide health researchers, etc.
• Legislation may need to be considered to support a definition of acceptably anonymous.

RECOMMENDATIONS

• The Scottish Executive should develop an action plan based on the recommendations of the recent feasibility study into acceptable anonymisation. We expect this process to confirm the development of an anonymisation service is both feasible and necessary. If so, the intention should be to develop a central service for national information flows with local NHS boards having the option to either use the national service of develop their own systems. Local systems should apply the same data standards as the central anonymisation service.
• SEHD's programme of work to establish the CHI number within hospital systems should continue, as it is vital in supporting direct patient care.
• The CHI number should not be used for other systems or agencies unless it is with patient consent.

CHAPTER 9 RECOMMENDATIONS

• CSAGS thinks that NHSScotland should introduce IT systems supporting direct patient care at a local level that offer strong facilities for managing access to patient identifying information according to agreed clinically managed protocols. CSAGS supports SEHD's proposal that this is to be achieved progressively over a three-year period to 2004.
• SEHD should ensure there is a system to allow reports of any breaches and lessons learned to be shared.
• The Performance Accountability Framework should include performance targets for Confidentiality/ Caldicott issue, SEHD should help NHSScotland Data Controllers to achieve them.

CHAPTER 10 CONCLUSIONS

• CSAGS recognises that Scotland is a world leader in the use of information derived from patient records. We also recognise the important role such information has in improving the health of the people of Scotland, supporting healthcare and enabling it to develop. We are acutely aware of the concerns that exist within the health community that the law as it presently stands is placing this in jeopardy. We are also aware that many health professionals remain unconvinced that administrative action alone will resolve the situation.
• We have had to balance these views with those held by others, mainly from outwith the NHSScotland, who have strong reservations about legislation. In a patient-centred service, the implications of any legislation which restricts rights of individual patients and risks a loss of confidence in the service must be taken seriously.
• CSAGS has moved some way to address the concerns of those within the Service by proposing the inclusion of many public health and disease registry information uses within the category for implied consent (section 7 refers) while steps are being taken to address requirements of patient awareness and re-design data recording systems. In section 8 we have outlined the potential for anonymising much of the sensitive data currently being used. In all the circumstances we remain of the view that legislation is not the favoured solution.
• We note that the Scottish Parliament has the authority to change the law on consent. It could make these changes on a temporary or permanent basis. CSAGS has concluded that whilst steps are being taken in other ways to help NHSScotland comply with the law as it presently stands in Scotland, legislation should not be pursued, at least until changes in process we have proposed are implemented and their effectiveness monitored.

RECOMMENDATIONS

• Legislation should not be pursued to change current common law duties of confidence while the other changes recommended in this Report are being implemented.
• The Scottish Executive should maintain contingency plans to enable legislation to be brought forward in the event that the ability of NHSScotland to change its procedures to comply with the law as it presently stands proves to be inadequate.
• We recommend that the recommendations made in this section are reviewed in April 2004 to see whether it has proven possible to develop information systems that are both compliant with the law and that enable the supply of information in a form which makes it possible for research and other activities to continue effectively.

CHAPTER 11 RECOMMENDATIONS

• SEHD should be required to promote training and an implementation strategy for all levels of NHSScotland. An urgent requirement is to issue a new code of practice on patient confidentiality to all those in NHSScotland.

[Previous] [Contents] [Next]