My local NHS Trust sent me a letter. Did I, they wondered, want an NHS Summary Care Record. An electronic record of important information about my health - stuff like allgeries and medicines and not much else honest. It would be accessible to NHS staff so that if, for example, I got knocked over by a bus in Manchester, the clinicians there wouldn't accidentally give me tablets I might have a bad reaction to. In my case, as far as I can tell, my Summary Care Record would refer to one prescribed tablet and nothing else. Nothing to be worried about, surely.
If I say yes, they'll gradually add more information to my SCR. Test results from the hospital, diagnoses from my GP, even how I like to be pushed around in a wheelchair. It'll build up and build up, providing an ever-more rounded electronic record of my medical foibles, and assisting staff in treating me quicker, safer and more efficiently. Really, what's to be concerned about?
They tried to reassure me further. I'd be able to access my SCR via a special dedicated website which would be free of charge and password protected. If I saw anything I didn't like, I could get it removed. Only appropriate NHS staff would be able to access my record, and they'd only see the parts they needed to see. They'd only to be able to peek if they had an NHS smartcard with chip and pin, and their details would be recorded (for security purposes) every time they looked. Perfectly secure throughout, surely.
And yet this is the NHS we're talking about, and the NHS's reputation in IT is dire. New systems cost billions, and overrun, and fail, with depressing regularity. When my local hospital moved over to a computer-operated booking system, for example, their computer wouldn't book me a next outpatients appointment for love nor money. Even these Summary Care Records are being launched before all the national safeguarding controls are in place. Responsibility for protecting my digital health data would lie initially in the hands of Tower Hamlets NHS Trust - an Early Adopter authority - for some indeterminate length of time. Should I be concerned?
I ought to believe that the NHS Care Records Service will operate in line with the strongest security measures, but I don't. I ought to believe that confidentiality is the system's highest priority, but somehow I can't quite bring myself to. And I ought to leap at the opportunity to streamline my personal healthcare and get treated better, but I'm uneasy. All I can see is an unwieldy IT system designed by greedy companies and operated by fallible humans. Paper records may not be efficient, but at least they can't be lost, stolen or compromised electronically.
At least I can opt out of having a Summary Care Record if I so choose. A word with my GP will do it, or a downloadable form, or I can leave details at the (scarily-named) www.nhscarerecords.nhs.uk website. So long as I act within three months no SCR will be created, and everyone can carry on passing round my information via inefficient 20th century channels. I'm sorely tempted.
My local NHS Trust sent me another letter, addressed someone who used to live in my flat 10 years ago. He's not lived in this country for years, but the Tower Hamlets NHS computer still thinks he's here and wants to set up a SCR for him too. If I don't send back his envelope marked "not known at this address", he'll be opted in to this digital system whether he likes it or not. If NHS computers can get that wrong, what hope confidentiality and security for the rest of us?
