Skip to main content

Electronic Patient Record

Volume 472: debated on Thursday 21 February 2008

[Relevant documents: Sixth Report from the Select Committee on Health, Session 2006-07, HC422-I and II, and the Government response thereto, Cm 7264.]

Motion made, and Question proposed, That the sitting be now adjourned.—[Tony Cunningham.]

I hope to make quick progress in my contribution as Chairman of the Select Committee on Health to give others, both members of the Committee—three are currently present—and other hon. Members, the opportunity to have a say on our report on the electronic patient record.

The terms of reference for our inquiry were:

“What patient information will be held on the new local and national electronic record systems”,

including whether patients may prevent their personal data from being placed on the system. That issue has been running around in certain quarters of the media for a considerable time.

We also considered who will have access to locally and nationally held information and under what circumstances, whether patient confidentiality can adequately be protected and how data held on the new system can and should be used for purposes other than the delivery of care. Clinical research is an obvious such purpose, and most hon. Members know that there are two reasons why we are successful at it as a nation. First, we have a national health service—we have had it for 59 years—which tends to bring together clinicians in both the public and private sectors, particularly in the pharmaceutical industry and other related industries. Secondly, we have conducted a wealth of research, which has led to great improvements in patient care in our health service.

We examined progress on developing the NHS care records service and the data spine and why delivery of the new system is up to two years behind schedule. One or two hon. Members present, particularly the hon. Member for South Norfolk (Mr. Bacon), have become expert on that, and no doubt we will hear a few words from the hon. Gentleman later.

We received 70 pieces of written evidence, which were submitted by academics, lawyers and IT companies as well as by a number of staff and patient groups. The Department of Health also provided us with an initial memorandum and sent additional submissions on 12 June and 16 July. We held oral evidence sessions between April and June.

We made a number of visits to different parts of the globe. Hon. Members may have seen the interesting article in The Independent last week, which included a record of how money has been spent by Select Committees. We came fourth in that list—we were not in a medal position. We went to Nashville, Tennessee, not because we are particular fans of country music, but to talk to the people who are implementing the system there. One of the most detailed care record systems in both the community sector and the acute sector, as we call it in the UK, is in a children’s hospital in Nashville, which is also a teaching hospital. We saw exactly how it helps the clinician and the patient in situ in what we call the secondary sector.

We also examined the US veterans—not veterinary—administration, which has a database of some 6 million records of vets. We think that it is probably the biggest such database in the world, although it does not match the scale of ambition in the UK. It was good to talk to people who have been involved in it for many years. One thing that we learned was that, when there were the disastrous problems caused by the hurricane in New Orleans and all the local systems were shut down, the health care of the veterans who got out could continue because of that database. It worked well, and those people’s needs were not lost.

We were supported by the wealth of the Committee’s secretariat—I pay tribute to them once again—because our service in the House as overseers of what happens in Government and wider health care issues is well served by our permanent advisers. We also had three advisers whom I wish to thank, Professor Ross Anderson, Dr. Jem Rashbass and Professor John Williams, who advised us on the details of the inquiry.

We considered matters under four headings, which I shall run through to give a flavour of what we did. The first was an overview of electronic patient record systems. As I have said, we went out to the United States, and we also went to Canada to examine what was happening there. We also went to Amiens in France to see the hospital system and to Paris. We were able to do international comparisons of what is held, where it is held and how it is used. We also went to Homerton hospital, which is here in London, to see what happens to the detailed care records there.

We came out with the idea, which forms part of our recommendations, that

“The EPR is essential and is the top priority for improving health care. The installation of a comprehensive IT system is a long journey best managed by a staged and piloted development not a big bang approach.”

Hon. Members might give their views on that later. We believe that

“The input of end-users is vital in planning, design and implementation.”

As my hon. Friend the Minister knows, our report states that that could be greatly improved in the UK system in some instances.

We concluded that

“Local flexibility is essential to allowing continued use of effective systems already in place, as is interoperability if local systems are to communicate with one another.”

I have personal experience of that; years ago, my local hospital could not talk to the local general practitioner’s service. They both had computer systems, but when they wanted to put out a report on discharge into the community, it was fed out on paper and sent in the post. In this day and age, that should not happen, particularly if somebody being discharged from hospital has a continuing care need. The record should be passed over as efficiently as possible.

We also found that

“EPR systems make more personal health data accessible to more people,”

but that

“breaches of security and confidentiality must be regarded as serious matters.”

I shall have more to say about that in a few minutes. Our final conclusion in our overview of EPR systems was:

“The support of the public must be obtained. The fact that EPR systems are essential for the delivery of modern health care and can improve communication between different health care staff and between staff and patients must be adequately publicised to users of the NHS. We believe this would help to convince people of the necessity and benefits of the EPR and reduce resistance where it exists.”

The second matter that we considered was the summary care record—the concept of having 60 million individual summary care records on one database—which has grabbed headlines for a number of years. It is likely that that record will be in several places rather than on one database, but they will be interoperable. The summary care record is still being piloted, and hon. Members will read in some detail what we have said about the pilot.

One thing on which we partly agreed with the Government, although not totally, was the use of what are called “sealed envelopes”. They are a way of protecting things that someone would say to their doctor but not to their partner—for example, something about their health that they would not want a member of their family to know. There is a legitimate way of making such information unavailable on first instance to anybody accessing the summary care record. We stated:

“‘Sealed envelopes’ are a vital mechanism if sensitive information is to be held on the SCR.”

We recommended two things. The first was that:

“The right to break the seal protecting information in “sealed envelopes” should only be held by patients themselves, except where there is a legal requirement to override this measure”.

I shall not second-guess what such a requirement might be, but matters could arise in the criminal courts.

Will my right hon. Friend, the Chairman of the Select Committee, say whether his Committee considered what the British Medical Association and others have been calling for some time, namely that there should be explicit individual consent before health care information is held centrally or accessed remotely? Is he attracted to that principle?

Personally, no, and I do not think that the Committee would have found that the system should be opt-in as opposed to opt-out. I believe in the opt-out approach. Sealed envelopes are a completely different situation, and people will decide with their clinician what should go in them. The Committee and I believe that it is important that access to the sealed envelope should be at the patient’s behest, and in few other circumstances. Perhaps there should be a legal requirement in that respect.

The right hon. Gentleman knows, and the report reflects, that the technology required for sealed envelopes is not available yet and therefore was not available during the Bolton trial. How much does he think that weakens the effectiveness and relevance of that trial?

I do not know the detail of those pilot schemes. We have read about them, and we had a presentation on them down here, as opposed to up in Bolton. The presentation was held here mainly for time-management reasons, but I would have liked to go into the field and see it in situ. I can only say that if any information in the pilot was that sensitive, it probably would not have been added to it at all. It is true that, technically, we are not quite there yet with the sealed envelope, but it is quite feasible to lock something into an IT program that people would not be able to access unless many levers were pulled.

Our second recommendation about sealed envelopes is that they

“should not be made available to the Secondary Uses Service”,

but the Department disagrees. In the Government response, the Department accepts our first recommendation about sealed envelopes, but not the second, saying:

“Patient consent to the use of anonymised or effectively”—

I always struggle with this awful word—

“pseudonymised data is not required by law and the use of such data for secondary uses, including research, is both accepted and actively promoted by the relevant professional and regulatory bodies.”

I accept that it is possible to take information out of my records so that I am not identified as an individual, and I do not think there is a problem with that. If we were starting with a blank piece of paper and did not have the history of the past three or four years, I might agree that that would be all right, because information can be anonymised. In those circumstances, using it for secondary purposes might not be difficult; indeed, we have been led to believe that other areas of medical research do that now.

We are not starting from a blank piece of paper, and the system has not been up and running for many years. People are being asked to commit parts of their medical records that they would not share with family members into a system. I do not disagree with that inasmuch as it can be sealed and put away, but I ask the Government to rethink allowing sealed envelopes to be used by secondary users at this stage in the development of the NHS IT programme. I am not saying that we could not do it in years to come.

Sadly, a number of health professionals in this country are actively campaigning against any of this being introduced, suggesting things that will happen with the system. On one website that I looked at this week, a practice is getting people to opt out, saying that the records will be sold to pharmaceutical and insurance companies, and that the Government will profit from them. That is palpable nonsense, but it is being propagated by medical professionals in this country. We must recognise that the issue of sealed envelopes, and details about people’s health that they might not want to share with members of their family—I am not talking personally—should be considered differently, especially in view of current debate and the current situation in this country. Will the Minister consider that?

I congratulate my right hon. Friend on an excellent report. Another area that concerns me is the relationships between the individual, the medical fraternity and the care sector. I can think of many circumstances in which information could and should be shared with people working in the care sector. I know that the Committee principally considered the medical aspects of this issue, but will my right hon. Friend share his thoughts on what information could be held electronically and made accessible to people living in care homes or receiving care at home?

That area is very much part of the evolution of the system. Not all medical care is provided in medical institutions. We have interim positions between home and hospital, usually on the way out of hospital, with rehabilitation, for example. Hospices are also relevant. We have a brief on this through ePolitix, and Help the Hospices is involved in this issue. There are health professionals working in acute, end-of-life medical care for whom it might be vitally important to have information about patients that they cannot get by telephone. If an individual’s situation changes, those professionals might seek more information about their patient history. I do not see any problem with that, if that information can be accessed by health professionals. This area must be considered further, and the Government need to consider what will happen about health care provided outside a health institution.

I want to discuss another of our recommendations about the summary care record, which concerns operational security. In paragraph 127, we said that operational security depends on effective enforcement, and that:

“The Department of Health and the Information Commissioner’s Office have called for custodial sentences for people who unlawfully access personal information. The Committee welcomes this, and recommends that a substantial audit resource be provided to detect and prosecute those who access the system unlawfully.”

I am pleased that the Government have accepted the principle of that recommendation in their response to the report:

“Organisations and individuals using systems supplied by NHS Connecting for Health must abide by set conditions controlling access to and use of those systems. These mechanisms, which are already in place, ensure that only appropriately authorised NHS personnel, with an appropriate role and an established legitimate relationship with the patient, can access confidential patient information in the NHS.”

However, we often hear in the media that that is not the case. Earlier this month, I had a meeting with Dr. Richard Vautrey, the deputy chairman of the General Practitioners Committee of the British Medical Association. I told him that I thought the BMA’s press release of 1 February on this issue was scaremongering, and we had an honest and earnest debate. I said that if he had any evidence of people wrongly accessing information, I would like him to let us have it.

I have here a letter from Dr. Vautrey, dated 18 February, which gives just two examples without naming the individuals concerned. The first example is one that he cited when we met, in which:

“a patient was admitted in to a neighbouring city hospital and her full GP record was accessed on the ward by a pharmacist. She only found out when her GP told her that this had happened when she was discharged and next saw her GP.”

Of course, the pharmacist, who is a health professional, might have had a legitimate reason for doing that.

The second example in the letter

“is an incident where a PCT-employed manager persuaded a district nurse to disclose her username and password. He used these to access patient identifiable information held by a GP practice, whose clinical system was hosted by the PCT, without the knowledge of the data controller (the GP Practice) or the consent of the patients involved. Other PCT employees were also similarly accessing patient data. Members of the local General Practitioners Committee contacted the PCT but to date, no action has been taken against the manager or the nurse involved.”

I should like to know from my hon. Friend the Minister what action is being taken about people in the NHS accessing information that they should not be accessing.

We often hear about celebrities’ records getting out into the open, and one can say the same about politicians and their families. Suddenly something comes out into the public domain, normally via the media, but what action is taken? How many prosecutions are made, and how many employers take action against people who access patient records, either electronically or by looking at Lloyd George paper records in a GP’s surgery? Such things are going wider than they should.

It is important in assuring patients about the scheme that they know whether the second case that I have cited is true—hon. Members know as much as me about it. If it is true, action should be taken against the manager, who seems to have used his position to access patient data that he should not have accessed.

That said, when we looked around at the new system’s audit trail—perhaps there is a better phrase—and asked questions about it, I was satisfied that it would flag up anybody who should not have looked at a patient’s record. It is difficult to stop someone doing that; the real issue is to find out who has accessed the record and why, and the new system allows such tracing.

We are not going to stop unauthorised accessing of records, but, sadly, we do not stop it now. If someone phones someone else in the health care system and says that they are from a primary care trust or a hospital, information may be given over the phone that should not be given. The problem is with the people who run the system, not the system itself. It would be interesting to hear from the Minister, if not now then at a later stage, what action is taken when people who should not look at patients’ records do so.

Did the Select Committee look into the procedures that are followed when cards are lost and reissued? I understand that they are slack.

I may be corrected on this by other hon. Members, but I do not believe that we looked at that in detail. There are issues around lost cards. I went to a doctor’s surgery in my constituency, and they were concerned about confidentiality. I had actually gone to look at choose and book, of which I am a big fan, as are my constituents. It was a five-handed practice, and they were complaining that there were 11 pass cards in the system. I said, “There are only five doctors here. Who has the other six?” The answer was, “The people who do the letters.”

That is how such systems work. We and patients have to accept—we are all patients at one time or another—that people other than the doctor are likely to access some of their records for purposes of looking after their interests and care. That is why I asked what action is taken if there is unauthorised access to information. The Government will have to consider that matter carefully, if that type of system and its benefits are to be accepted.

On flagging up access to a patient’s record, the right hon. Gentleman will know Dr. Paul Thornton, a general practitioner who gave written evidence to the Select Committee—he is, in fact, one of my constituents. I have contacted him about this subject. He has told me that he has been able to change on the system a flag that indicates to those who look at the system that the patient does not want certain information disclosed. He was able to change that flag without notification. The right hon. Gentleman accepts that one of the crucial safeguards is that the patient in question should be notified if a record is looked at, which is even more important if a record is changed. Does he share my concern that that must be put right, if the system is not working?

The hon. Gentleman has put the matter clearly on the record. I hope that we will get a note from the Minister, when it has been investigated.

Before I move on to the third part of the report, let me deal further with the BMA and Richard Vautrey, with whom I had a meeting to discuss the issues. I shall pick up on some of the comments in a brief that he provided for today’s debate. I have no doubt that the BMA will think, “He would, wouldn’t he?” In the third paragraph, the brief states:

“In November 2007, 3000 patient details were lost when a GP’s laptop was stolen in Newport”.

That happens all the time. It happens in the Ministry of Defence and other places as well. With the people who use the system as opposed to the system itself being weak, it is difficult to know what to do. The brief states that

“in December, it was reported that a PCT had lost 160,000 patient details”.

I checked that up on the website. It was the City and Hackney PCT—a children’s trust—that lost an encrypted disc. The situation was not dissimilar, I suspect, to the discs that were lost—[Interruption.] I was not too sure about that. The major thing is that the disc was encrypted, although I do not know whether it was found.

Right. I thought that the Minister was going to say that it had been lost again.

The brief then states that the details of 25 million parents and children have been lost, which I accept. The issue involves management of systems and human interaction with them. Sadly, we can introduce all the legislation and regulations that we want, but we will always find problems within the system. My issue with some BMA members is that that is not a reason not to go ahead with using information technology to bring health care into the 21st century.

We have online banking, and some 25 per cent. of adults now bank online—I do not, but 14 million people do. It seems that nobody really worries about that. We have credit card fraud. It normally occurs when a bill is paid in a restaurant and the customer is not standing nearby. Somebody photocopies or scans the card details and then sends them on. We have to worry about that.

In a sense, I worry about the BMA, or should I say its leadership. The brief states:

“Concern about the risks of patient data prompted doctors to call for ‘the BMA to advise all its members not to cooperate with the proposed centralised storage of all medical records as this serious endangers patient confidentiality’.”

I am not a clinician, but one could well argue that not having a central database could be a matter of life or death. If I am on holiday in Torquay and keel over in the road because of a long-term condition, it may not immediately be obvious what the problem is. In some parts of the world, they have systems where medical people can immediately find out what is wrong with someone.

The detailed care record is dealt with in recommendation 229. I shall not read it all out, but we started by saying that

“there is a perplexing lack of clarity about exactly what NPfIT will not deliver. It is not clear what information will be recorded and shared on DCR systems, nor the range of organisations that will be able to share information.”

We are years down the road of developing this system, but I have to say that there is a real question mark about the development of patient records in the United Kingdom since the venture began. I am pleased that the Government have accepted the recommendation. Their response states:

“There have been changes to NHS organisational boundaries and a review of the information-sharing arrangements is already under way with strategic health authorities (SHAs) and suppliers.”

I am pleased about that. Actually, I am sponsoring a Room in the House in a few weeks’ time for my own SHA, which will bring its IT people to show Yorkshire and Humberside Members of all political parties exactly what they are now doing. I know that we have had some restructuring of SHAs, but that should have been done years ago, and the public should have been seeing things like that years ago. I am pleased that that will happen.

I must revert to what The Independent called our “expensive” trip. We saw a detailed care record in situ in a hospital. Health professionals go to a single screen to start with. They can examine blood tests going back over weeks, if not months, and consider the issues, even if the patient is under anaesthetic in a theatre situation. We did not go that far, but we saw that they can access information, and we saw the amount of information that is held in a detailed care record. The improvement in patient safety is a really good thing.

The Committee and I were surprised that the detail of what will be on the care record has still not been agreed overall. However, we saw the interface at Homerton hospital, although Homerton was pre-this system. Two London hospitals are now up and running with the working detailed care record system.

Who will hold the detailed care records? Obviously, they will be held in general practitioner surgeries and possibly at the local hospital, too. However, if, for example, someone has an unusual condition and comes to London now and again to see a specialist, would the information be shared with that specialist? Such questions still abound. I do not have a problem, but we ought to know by now the exact make-up and shape of the detailed care records.

I have been listening carefully to the right hon. Gentleman’s speech. The recommendation that he has just mentioned states that there is a perplexing lack of clarity about what exactly the national programme for IT will now deliver. It states that

“it is surprising that the architects of the DCR were not able to provide a clearer vision of what is planned.”

Most people would agree that it is nothing short of extraordinary that that should be so, six years after the Downing street meeting. In a sense, however, it is not the slightest bit surprising, because during 2002-03 the contracts were let at enormous speed before the Government had decided what they wanted to buy and before the suppliers knew what they were expected to supply. All the problems stem from that, so it is not surprising at all.

That matter can be complex. Presumably, the detailed care record kept by a clinician working in a GP’s practice would be a bit different from a GP’s care record in a local hospital, because not everybody goes into hospital. However, if someone were to enter hospital, additions would be made to that record.

The Committee has commented, although not in great detail, on the length of time that the programme has taken. The report states more than once that there is a lack of clinical lead in some of the relevant areas. The scheme has been left to techies on many occasions—don’t get me wrong; I am not against techies—which is why, in part, it has lost the support of some in the profession and some professional organisations, too. That should have been foreseen, and those responsible should have ensured that there were clinical leads.

The places that are up to speed, such as Homerton and others, are in that position because clinicians have taken responsibility from day one and said, “This is what we want to do. This is how it can help us, as professionals, and how it can help our patients.” Talking to people who have been involved like that has a different effect from reading press releases from the professional organisations and associations that represent those people.

Is it not the case with a mega-billion pound project such as Connecting for Health, the costs of which are £12.5 billion at the moment and still heading north at a fair old rate, that what is needed for a satisfactory, secure and effective system is intelligent clients in the NHS who are alert and familiar with major system IT concepts? The continuous outsourcing in various organisations within the NHS over a long period has meant that those building the systems have not dealt with such people, which accounts for some of the flaws.

We have not examined the technicalities. Outsourcing can be a great strength in the public sector. I will not go into great detail, but the Committee has examined one or two areas in which there could have been better management inside the NHS—let me say no more than that. In my view, leaving things in-house will not necessarily get things done. A few years ago, we investigated work force planning, which has not been subject to a debate yet. We found a lack of strategy and a lack of involvement by professionals in work force planning. When people arrive outside organisations, they move inside—it is not outsourcing as such; it is about bringing people in.

This is information technology, and the systems are not being built with equipment that was invented five years ago. As the system has been built up, new things have come on to the agenda, such as digital imaging. We now have a database of digital images, which is extraordinary, because it was not planned in the early days. That is an extraordinary advantage for both patients and clinicians.

We talked to clinicians in Homerton hospital who could look at an X-ray—not an X-ray as we know it, but a digital image—and discuss it with other clinicians in different places inside the hospital. So three or four clinicians in different places were looking at an image that they had accessed on their system and were discussing it without having to meet. We were told that normally it would take about an hour for everybody to clear the decks so they could meet in the same room, but somebody would still be wandering around the hospital looking for the X-ray. Some good developments that were not initially planned have taken place, and they are really helping our constituents and other people.

I visited the Norfolk and Norwich university hospital in 2001 when it was scarcely open and saw its digital imaging equipment. They had not even pulled the polythene off the equipment, but they were proud of what it would enable them to do, just as the right hon. Gentleman has described. Will he acknowledge that that technology predates the national programme for IT in the health service, that it has nothing to do with that programme and that the picture archiving communications system was not added to NPfIT until September 2004?

Yes, it was added. Any IT system anywhere, whether in the public or private sector, does not just start and evolve on one day when it is decided that this is how it will be; it evolves over many years. Beyond PACS, other things have been added. Choose and book was not massively thought of at the time, but the hon. Gentleman should talk to people who can now visit their GP and come out knowing which hospital they are going to, at what time and on what day, and which clinicians they will be seeing. Just a couple of years ago, they would have been waiting for a fortnight for a letter that would probably have given them a hospital clinician that they did not know about and a time it was impossible for them to make due to work or family commitments. Such things have moved on in leaps and bounds. We have to recognise that millions of people in this country are benefiting from some aspects of what is happening now that were not necessarily laid down and thought about when the programme was set up. At that time, I assume that people were talking about the data spine and different types of patient records, for example.

There has been a call for a review of NPfIT, to which the hon. Member for South Norfolk was probably party, although I do not want to put words into his mouth. The report states:

“Whilst we understand the reasons for this, we do not agree that a comprehensive review is the best way forward. First, many of the questions raised by the supporters of a review would be addressed if Connecting for Health provided the additional information and independent evaluation which we recommend in this report. Secondly, the programme has already been scrutinised by the National Audit Office, the Public Accounts Committee and ourselves. We therefore recommend that…The implementation of DCR systems be addressed in the short term by increasing both the local ownership and the professional leadership of the programme; and…The ongoing review by Lord Darzi on the future of the NHS include in its remit the long-term prospects for using electronic systems to improve the quality of care, particularly for the growing number of patients with long-term conditions.”

The Government say not only that they accept the recommendation, but that they are

“pleased that the Committee recognises that a comprehensive review of the Programme at this stage is not necessary”.

One of the biggest critics of this programme, in its totality, was one of the Committee’s special advisers, Professor Ross Anderson, who had been campaigning against it for years, yet he advised the Committee in relation to its particular inquiry.

I shall move quickly to the secondary uses service. My hon. Friend the Minister knows what I said about sealed envelopes earlier, and I still believe that that is the case. The report states:

“The Department has acknowledged the need to take advantage of the research opportunities offered by”

the secondary uses service

“and has established a partnership with the UK Clinical Research Collaboration to achieve this. We welcome this, but researchers nevertheless told us that much more could be done to maximise these opportunities.”

We made several recommendations in relation to that. One was that we should

“Mandate the use of the unique patient identifier, the NHS number, in all health service interactions in England”.

The Government are committed to dealing with the issue and have accepted some of our recommendations, particularly on the NHS number. They have also accepted our recommendations on developing appropriate linkages between databases, and they have established the research capability programme to investigate the effectiveness of the process, the role of safe havens and third-party brokers, and appropriate governance arrangements, which is all to the general good.

In paragraph 284, we made the following recommendation:

“There is an urgent need to address these problems, especially as the amount and type of data potentially available through the SUS will proliferate rapidly in future. We recommend that the Department of Health conduct a review of both national and local procedures for controlling access to electronic health data for ‘secondary’ uses.”

We then listed the areas that the review should examine—again, the Government accepted that.

We received a brief for today’s debate from the Royal College of Nursing, which talks about secondary uses. People often think that this is something that is likely to interest only researchers and academics, but the RCN states—I suspect this might be earlier in the patient care record—that the secondary usage of electronic patient care records

“has the potential to enable the identification of patient outcomes and best practice but also to demonstrate the effects of staffing levels and skill mix which has a direct impact on patient satisfaction and clinical outcomes.”

That professional body is taking the right approach to the issue. Yes, it says that it wants more nurses, but we all want more nurses in the right places—although we have had a massive increase in the number of nurses going into the national health service in the past seven years, we can debate whether they have all gone to the right places. Asking how we can use patient information databases, however, is the right approach to take.

The last issue that I want to raise relates to a spin-off. Earlier, we discussed digital imaging. One issue that has come across my radar in the past few months, although we did not look at it in this report, relates to a scheme in New Zealand. As part of that scheme, people who go into hospital are, effectively, barcoded, in the way that babies might be when they are newly born. A strap is put on someone’s ankle, and it has on it a barcode that can be scanned. Every time someone is given medication, the barcode will show the right dosage and everything else. There are therefore ways and means of using information technology to prevent the medical errors that we see in hospitals and elsewhere, which are causing deaths in the national health service. The New Zealand Government started looking at the scheme in the middle of last year, and although I do not think that we will be going to New Zealand to look at it—I say that even though I do not think that there are any reporters from The Independent here—we will be getting information about it. There are areas, which we have still not thought about, where information technology can help patients and professionals, and that can improve the health of this nation.

Before I finish, I must say that our inquiry was fascinating, and there was background noise about the issue in the media for a long time. For the first time since I became Chair of the Committee, the report was not unanimous, which was inevitable. Just because the report was not unanimous, however, that does not mean that it is not worth studying, particularly by the Government, so that when we set out on such ventures again, we get things right earlier than we have done in this case.

It is a pleasure to follow the Health Committee’s Chairman, the right hon. Member for Rother Valley (Mr. Barron). He has covered the issues exhaustively, but he has left a few points for some of us to add.

I have been on the Health Committee for quite some time and I thought that I had worked out how the Department arrives at its responses. I thought that if we put all our conclusions and recommendations in heavy type, that would make the Department respond to everything. However, there must be a little man or lady somewhere in the Department who goes through all our conclusions and recommendations picking out the word “recommend”. That word appears in 23 of our 42 heavy-type pieces, and those 23 are the ones that have received detailed responses. The others are brushed aside very briefly in the introductory remarks to the Government’s response, and a lot is lost as a result, because some of our conclusions make valuable suggestions about what should be going on.

Let me give one example, where we missed out the vital letters “re” and merely commended, rather than recommended something to the Department. In paragraph 42, we set out half a dozen bullet points relating to vital issues that we had picked up on our trips around this country and around the world, which the Chairman mentioned. The Government mentioned one of those issues in their introduction, but I would have liked much more detail about many of the others.

I shall go through one or two of the conclusions that were not commented on, because I want to draw the Minister’s attention to them. On several occasions, we commented on the delays that have been experienced. The hon. Member for South Norfolk (Mr. Bacon) said that there were many excuses for those delays. Things changed all the way through following the first contract, and the Government’s response points to many of the things that were added. In that respect, I support what the hon. Gentleman said. The picture archiving and communications system existed in the early 1990s, and I went to view it in Dublin in about 1993, so it is nothing new, but it is absolutely marvellous and it is now so widely distributed that it is making a huge difference.

Paragraphs 113, 114 and 115—hon. Members do not need to refer to them now—deplored the delays with the summary care record. There is no excuse for those delays because wheeling out the summary care record does not depend on other factors. We saw a marvellous example of a summary care record in Canada, and I am delighted that the Department is at least introducing a single front page for the summary care record, with everything vital on it. However, there is a sting in the tail of its response to paragraph 116, because it is obviously looking at making the summary care record more complicated. That is just not needed, because we want the complications to be in the detailed care record; we want the summary care record to remain as simple as possible.

We have had mention of the trial in Bolton. As the Health Committee Chairman said, we were going to see some of the sites where the trials were going on, but the visits were cancelled at the last moment because things were not ready. I would therefore like the Minister to tell us where the Bolton trial has got to and how quickly the rest of the summary care record can be rolled out, because it is vital.

On the detailed care record, I want to take some small quotes from paragraphs 227 and 228, which, again, the Government did not comment on in any detail. Paragraph 227 called the detailed care record the “‘holy grail’ for NPfIT”. Paragraph 228 went on to say:

“Achieving the widespread uptake of DCR systems is therefore the single most important advance that the NHS can make towards the provision of faster, better integrated and more patient-centred care.”

I can illustrate that absolutely graphically. Nowadays, single district general hospitals do not do everything, and people must go to different hospitals. A 92-year-old acquaintance of mine with severe, widespread cancer, who is very ill, was taken to her local district general hospital after a 999 call. Her treatment had been going on at the local oncology centre, which was not in the same hospital. She was so ill when she got into the district general hospital that even if the staff asked her anything she could not tell them anything; so she had another scan, having had one at the other centre days before. It is crucial that the detailed care record should be produced as quickly as possible, for safety, economy and quality of patient care. That instance, in which a poor, elderly 92-year-old lady, riddled with cancer, was let down by the fact that it was not available, is just one example.

Delays to the detailed care record follow on from delays to the patient administration system. I find that incredibly hard to understand. Most hospitals had pretty good patient administration systems long ago. I remember, in the early 1990s, helping to get people used to our patient administration system. I fail to see how the hold-ups have arisen in that very basic element. It is basic because not only does the DCR depend on it; electronic prescribing depends on it. The Select Committee Chairman has already mentioned what results can be obtained from electronic prescribing with respect to safety and economy, and how it can lead to a reduction in mistakes. The Department of Health is only too aware of that. Its initiative, which is called Coding for Success, is obviously being delayed because of the delay with the PAS. I believe that that is two years behind schedule; or it was. I would love to know—

Sitting suspended for a Division in the House.

On resuming—

I was talking about delays with the patient administration system, and was about to mention some of the things that we were told about in the inquiry. We were told that there was some evidence of progress with Cerner, and I am interested in that because I gather that, since then, there has been dissatisfaction in various parts of the south coast and London. I would like to know what the position is with Cerner now, six months after our report. We were also told that there was no progress with Lorenzo, and we need to know how that is going.

Moving on to paragraph 235, in which we missed out the word “recommend”, I thought it gave some helpful comments. It states:

“The Committee recognises the need to maintain a balance between central and local input into the development of DCR systems.”

It also states:

“The successful delivery of DCR systems depends upon the ability of Connecting for Health to harness the benefits from local as well as national input, something which it has not achieved so far.”

I wish that we had recommended that it should harness those benefits.

Paragraph 237 is an absolutely clear recommendation, and I shall read the whole paragraph. It states:

“Connecting for Health’s own role should switch as soon as possible to focus on setting and ensuring compliance with technical and clinical standards for NHS IT systems, rather than presiding over local implementation. Clear standards would allow systems to be accredited nationally but would also ensure that local trusts have a choice of system and control over implementation.”

It is not all gripes, and the response included something that we did not even put in, because it told us about the GP-to-GP transfer system, which is an electronic system to enable notes to get from one GP practice to another very quickly when someone changes GP. I would like to know whether that is working, because an acquaintance changed GP in October and saw the GP last week, but the transfer had not occurred.

That is enough of my gripes about the response. As has been alluded to, the Committee has been criticised for not making the report more condemnatory, and for not demanding a public inquiry. My reasons for not supporting demands for a public inquiry are that it would have led to further delay, and I have already said that the need for the summary care record and the detailed care record is extremely urgent.

I want to go through one or two of the problems. They have been addressed already, but I want to throw some more light on them.

On the question of the review, may I ask the hon. Gentleman two things? First, does he consider that it is impossible for a review, such as the one that has been suggested to the Committee by various witnesses, to be carried out while work on the system continues? Secondly, does he think that against the background of the problems that the Government have had in the management of personal data, and concerns that the public will have about that in consequence, the case for a review is stronger than it was when the report was written?

I find it hard to understand how a meaningful review can take place without at least having the chance of pulling the whole system, which is why I did not want to support it. I am going to come to the other point later on.

Obviously, public perception of security has not been helped by recent security breaches in various fields, including the loss of the smartcards. On 4 February, the chief executive of the primary care trust wrote a glowing article in the Worcester News about the benefits of the electronic patient record. He stated:

“The security of patient information is our highest priority. The new system will introduce a level of security higher than that expected in internet banking.”

In the same paper, there was an article reporting the comments of a neighbour of one hon. Member. I have not been able to warn him that I was going to raise the matter, so he will have to remain anonymous. However, he took exactly the opposite view to the chief executive. He stated:

“I think the collection of so much sensitive information in one place is plain daft and open to massive abuse. It is a fundamental attack on our right to privacy.”

Our Chairman has already mentioned votes of no confidence from our GPs.

On 16 February, the British Medical Journal contained two quite important articles. The first one was a report of an interview with Mike Pringle, professor of general practice in Nottingham, who said that he was recruited in 2004 with other doctors as the fourth attempt at clinical engagement. He stated:

“An even more pressing task, however, is resolving the confrontation between the NHS and medical professional bodies over summary care records shared through the NHS’s electronic data spine. At the programme’s outset, the government assumed that the benefits of shared records would be self evident and uncontroversial. As a result, Pringle says, ‘The fundamental building blocks of consensus weren’t put in place. I hold myself partly responsible. By the time we tried to build the consensus, there was also a head of steam behind the opinion that we had an unacceptable product.”

In the same edition of the British Medical Journal, Jonathan Gornall, an independent journalist, stated that he was very happy to use internet banking with sensible precautions. He went on to say:

“Likewise, I’m relaxed about the prospect of my medical records being available digitally throughout the National Health Service. In fact, as the NHS Summary Care Record pilot scheme approaches its first birthday and enters its evaluation phase, in anticipation of national roll-out I’m positively excited.”

Therefore, there are two opposing views.

I have also received a copy of a briefing from the Royal College of Nursing. I find it extremely sad that five or six years after the beginning of the project, it still has to make recommendations for involvement and development of the EPR. Six years after its inception, it is appealing for adequate resources and learning opportunities and for the nursing content of the EPR to be nationally agreed. Has it not been nationally agreed? How can it have to ask that so long after the start?

I want to end on a slightly positive note with what we can do. We need a huge publicity drive to demonstrate the benefits of the summary care record, the detailed care record, of electronic prescribing, of GP-to-GP transfer and the arrangements for security. In response to recommendation 119, the Department of Health goes into details about security, patient consent, patient ownership and the ability to limit access to sensitive information. All those things need to be spelled out. When we went to France, we were very impressed by the fact that the French people own their summary care record, which gives them absolute control over it. That is very attractive.

We need a publicity drive to demonstrate all those benefits to people. Again, Jonathan Gornall states:

“I find it reassuring to think that should I ever find myself in an emergency department, the complete strangers fighting to save my life will have access to any vital personal information that could govern how they treat me.”

I will conclude with the last bullet point from the sadly neglected recommendation 42:

“The support of the public must be obtained. The fact that EPR systems are essential for the delivery of modern health care and can improve communication between different health care staff and between staff and patients must be adequately publicised to users of the NHS. We believe this would help to convince people of the necessity and benefits of the EPR and reduce resistance where it exists.”

It is unfortunate that we are discussing electronic patient records at a time when we have had the high-profile loss of personal data that was stored electronically. That means that people are both sceptical and fearful of agreeing to the electronic storage of confidential information.

I also regret that the whole debate about the important national programme for IT in the NHS has become so party political. It is strange to me that a programme that is focused on the delivery of a safer and more efficient health care system in the NHS in England has been politicised and attacked in such a way, possibly for short-term partisan reasons. I hope that we all agree that we need to rise above that. We need to use the full potential of modern, scientific and technological advances so that we can treat patients better, and give them more information, choice and control. We need to bring health care closer to patients’ homes and tailor it more to patients’ individual needs. Part of that process means empowering doctors, nurses, and other professionals to deliver that care. That means that those professionals must have appropriate training and appropriate access to IT.

I believe that the electronic patient record can play a very important role in encouraging that because it will encourage the appropriate sharing of patient information. That means that patients can be properly treated in community settings. Already, we see how the picture archiving and communications systems have meant shorter waits for reports and for follow-up consultations. I know that PACS is not new, but alongside the electronic patient record, it gives tremendous potential to improve patient care.

Last June, the Health Committee saw the system in operation at London’s Homerton hospital. There, as the Chairman of the Committee, my right hon. Friend the Member for Rother Valley (Mr. Barron), said, health professionals no longer have to wait for X-rays to arrive on their desks; the images can appear on screen in many different parts of the hospital. Therefore, clinicians do not have to wait for them in order to get together for a meeting. They can discuss the image without delay.

Also at the Homerton, we saw that the system allowed patients to have their clinic appointments booked electronically, with even consultants deigning to type from a keyboard on to the computer screen. That meant that patients could have information about their appointment in their hands before they were discharged. There was none of the nonsense of waiting for a letter to be typed—sometimes, I believe, even in India—before the patient could be informed of their appointments.

In the 21st century, it is vital that the national health service does not have to rely on paper, the post, faxes, phone calls and even taxis delivering X-rays to other care providers, which still occasionally occurs. With patients increasingly being treated at different locations, proper systems are vital. We must deliver properly networked systems for moving information electronically on a secure basis. That is basic.

Of course there are genuine concerns and anxieties about confidentiality and security. Those must be taken seriously, but let us not kid ourselves: that problem is not new. Various hon. Members have cited the Royal College of Nursing’s survey of its members. It found that two thirds of its nurses welcomed the introduction of the electronic patient record but, interestingly, 30 per cent. of them said that the security of the system would not be any better than that of the paper records currently used in health care. They recognise that the present system is not secure. Anyone can access a paper record and leave no calling card. With a proper secure system in place, any access to an electronic record is logged and can be audited and accounted for. However, the public, patients and professionals are right to be concerned about whether proper safeguards will be put in place.

Not enough has been done to explain the benefits of EPR systems. They will deliver much. They will not only improve communication between different health care staff and between staff and patients, but help to reduce the number of errors. We have heard about that already. They will also assist doctors with diagnosis and treatment, which is an increasingly complex issue. We saw at Homerton hospital how having the various options on screen helped doctors to narrow down the alternatives. However, that can happen effectively only if there is sufficient buy-in by health care staff and patients, so increasing local ownership must be a key priority for the programme, and not just in hospitals.

The Health Committee saw how local negotiations with suppliers and the system designers at Homerton hospital paid dividends, with what appeared to be—at least this is what we were told—full buy-in by all professional staff. I appreciate that that will be difficult to replicate country-wide—this was a pilot—but if hospitals, health clinics or GP surgeries are left out of the loop, there will be no incentive or enthusiasm to make the system work, which will have predictably poor results.

The consent arrangements for creating and adding information to the summary care record and for patients to restrict access to particularly sensitive information in the so-called “sealed envelopes” have not been well handled. Concern about recent private information data losses have made that even more difficult, because everyone recognises that maintaining the security of patient records is a significant challenge, but as we have heard, that has been done in the banking sector. Of course there have been mistakes and some elements of fraud, but we must recognise the need to make progress. Although paper records are no more secure, I recognise that the potential for the loss of large numbers of patient records is much greater under any EPR system. Clearly, people will be worried about that. That has to be recognised. It is important that we address the difficult balance between the need to protect patient privacy and the opportunities for beneficial health research. In that situation, patient privacy must always be the greatest priority; secondary uses must come second to patient confidentiality.

We all want to see the end of the delays in the introduction of the EPR system, but we must ensure that any move forward is not made by cutting corners on procedures and on clinical and technical standards. Those must be absolutely paramount. Unless we can prove that patient confidentiality and the security of patient records will be the No. 1 priority, patients will not buy into the system and then it will not be as effective. That said, we must recognise the huge benefits that will come from the EPR eventually.

In the ePolitix selection of responses to the debate, the responses of two organisations—Help the Hospices and Homeless Link, one of which has been mentioned by the Chairman of the Committee—jumped out at me because they helpfully identified two vulnerable groups that will particularly benefit from the EPR. Help the Hospices stated:

“One of the key barriers to providing good care which meets the needs and desires of patients who are dying is the availability and continuity of records which clearly record their condition and their wishes. Without these there is an unnecessary burden on the patient and carer to repeat their history to every new care provider, to keep professionals up to date with changes in care and condition and to ensure that the wishes of the patient are met. These challenges are particularly acute towards the very end of life when conditions deteriorate rapidly and can occur out of normal working hours. It is vital that all those involved in care can access the right information.

The Electronic Patient Record system has the potential to make a significant difference to the appropriateness of care that individuals receive and will help more people to die in their place of choice.”

Similarly, Homeless Link stated:

“The low level of registration with GPs, particularly amongst street homeless people, consequently means that they have a higher usage of A&E for primary care purposes than the general population…Electronic records do offer the real potential to give homeless people a better continuity of care, can mean that records are less likely to be lost for people moving frequently and that street homeless people in particular can receive better more informed emergency treatment.”

We owe it to them and, indeed, to all patients to ensure that we get the EPR right. That will allow us to ensure that vulnerable people in particular get the benefits of that system. We must ensure that we have a 21st-century NHS, not a 20th-century one.

May I start by saying that this is an excellent report? I do not say that simply to ingratiate myself with the members of the Committee assembled here, although that is worth doing, but because it is true. The report is very balanced in tone, well researched and clear. It follows another very good report on the same subject by the Public Accounts Committee, which in turn followed a report by the National Audit Office. The PAC report focused on four problem areas: the delays, the failure to quantify benefits, the lack of capacity among suppliers and the lack of genuine clinical engagement. All those matters were taken up by the Health Committee, so I think it is fair that I concentrate on them.

The Health Committee came up with some good suggestions on delays, with which the Government appeared to agree—I emphasise the word “appeared”. One suggestion was that local strategic partnerships should publish detailed timetables for implementation. The Government response states:

“The Government accepts these recommendations”

but, clarifying that acceptance, they say:

“Responsibility for deployment, including planning and timetabling, has now been transferred to the local NHS, who agree the deployments with suppliers in line with the suppliers’ capacity and their local NHS business circumstances and implementation slots…This is therefore removing much of the earlier uncertainty for trusts”.

If only it did so. The response does not actually say that a detailed timetable will be forthcoming.

The Health Committee also made a sensible suggestion on the deadline that should be set for the ill-fated Lorenzo project, which, as we know, has had considerable problems getting off the ground. It is the crucial patient administration system that we are all waiting for. The Government say that they agree with that, stating:

“Although the delays to the delivery of the Lorenzo system have been disappointing”—

putting it mildly—

“deployments are scheduled for early adopter sites in the summer of 2008”.

We await that with bated breath. The Government then say:

“The NHS and suppliers are working together to ensure that Lorenzo can be delivered within the terms and life of the contract”.

We would expect no less, frankly, and that is what the NHS and suppliers have been doing for some appreciable time. Of course, there are serious worries because iSOFT, which makes and provides Lorenzo, is being taken over by an Australian firm for which such work is not core business. The sensible recommendations have not been responded to with the vigour that one might expect and hope for, but the Government do not dissent from them.

The second issue that the PAC and Health Committee lighted on was a failure to quantify benefits or to undertake a serious cost-benefit analysis. That point has been dealt with in interventions and comments today, but it is worth repeating the most damning passage in the whole report, which states that there is a perplexing lack of clarity on what Connecting for Health will now deliver. The report also states that it is not clear what will be on secondary care records, how they will be used or in what situations they will be needed. The report states that

“it is not clear what information will be recorded and shared on”

the detailed care record. The Government cannot have a serious cost-benefit analysis if they do not know what they are endeavouring to do in the first place.

I do not want to be picky, because no one can be against the digitalisation of data, or better accessibility to, and sharing of, clinical data. That is a personal point: my last five medical appointments have been with five different doctors, and every time I have had to launch into a narrative as the prelude to sensible consultation with a medic. Nobody is against tele-medicine, a good internal mail service, image transition or electronic prescribing, because it is all good stuff. It is arguable whether we need choose and book or the complexities of the tariff, but I think there is cross-party agreement that the other developments are bound to happen and that that is a good thing.

The choice has always been whether to grow the services, whether to impose or commission them en bloc, or, taking an expression that was used earlier, to have the big bang. Commissioning en bloc has not been demonstrated to be obviously cheaper or technically necessary, if there is wide agreement on IT standards and ways in which data are going to be formulated, expressed and transmitted. The situation will not be helped if the project is, as I have described it, underspecified; if we end up with a high risk of supplier dependence simply because there are few suppliers, which appears to be happening; or if there are high risks for the health bodies, which are basically getting on with looking after patients in the meanwhile. There are serious problems up and down the country while hospitals wait for the perfect patient administration system to come over the horizon. Hospitals have issues about what to do with their legacy equipment, when to spend money, and how to cope with the other new demands that the NHS imposes on them.

My GPs have a slightly different experience from those cited by some members of the Committee. They say to me that choose and book is fine, even if it is far slower than they would wish. However, some of the appointments that are booked do not stay booked. When one endeavours to book with an hospital, someone phones and asks, “You are trying to choose to book, so what can we do for you?”, and then they go back to the system that they had before. In a sense, there has still been no adequate cost-benefit analysis.

Another criticism made by the PAC and the Health Committee is the lack of capacity among suppliers. No one will disagree with that—only CSC, BT and Fujitsu are really left in the big game, which is not what people want. Only the cash-rich are staying in the game, because they can hide their losses while projects develop. The Health Committee suggested some solutions, which are sensible. The Committee calls for direct local negotiation and a choice from a wider catalogue of suppliers built around common technical standards. That solution could run or fly—it could work and benefit the whole project.

Responding to that suggestion, however, the Government have said:

“There is no intention to change the contractual arrangements”,

and argue that central procurement delivers “value for money” and ensures interoperability. However, everybody agrees that big central procurement is not necessary for interoperability—it might happen that way, but it is not a requirement. Similarly, the case that big central procurement provides value for money has not been made. In the long term, we should look at interoperability that means that I can be seen adequately by a physician who knows something about me if I fall ill in London. If I were to fall ill in Paris, I would in principle like the same kind of expertise to be available—increasing migration across national boundaries is the case for that approach.

I delivered a talk to anaesthetists in Rotherham on that issue. I said that although it would be helpful and nice if whoever was looking after me had details of my record if I were taken ill in Rotherham, it was the first time I had ever been to the town. However, I have been to Paris four or five times, which is why I plead the case for interoperability outside British national procurement boundaries.

Excellent! The Committee visited France and looked at the French system, which to a certain extent is web-based. Indeed, it can be accessed from all over the world. Presumably, my hon. Friend would advocate a system such as the French one. I should add that it can be accessed only with the patient’s permission.

I would like to avoid a system whereby medical data cannot be transferred across national boundaries when necessary with the patient’s consent. In a sense, that means that I wish to back away from any arrangement that involves a lock-in to any particular provider that does not provide fully interoperable software. That is why common technical standards are so important to development. Suppliers can be here today and gone tomorrow, but we need to get the system’s architecture right in the first place.

When talking about diversity, the Government pray in aid GP systems of choice, which, frankly, was a response to the fact that GPs would not put up with what they were offered. I have had some communications with GPs in the Yorkshire area who say that they exercise their choice to have the equipment that they want or to keep their existing equipment, but that puts the strategic health authority under appreciable pressure, because it is locked into a contract whereby it has to buy equipment from a specific provider, whether or not GPs are going to use it.

I shall pass over the issue of clinical engagement—others can speak about that if they so wish. On the PAC’s three main criticisms—delays, cost-benefit analysis, and the paucity of suppliers—the jury is still out, despite this excellent Health Committee report.

Had I known that so much time would have been available, I would have prepared a longer speech. Thank heaven for small mercies.

Fundamentally, we all agree with the hon. Member for Staffordshire, Moorlands (Charlotte Atkins) that the national patient record is a good idea because access to patient data by the appropriate practitioner at the appropriate time should improve patient health, in the broader sense, and patient outcomes. However, she made a point about it becoming a party political matter. Given that the UK system is large and complex and a number of legitimate concerns have been raised, it is only right that Members on both sides of the House should query what is going on. Had concerns not been expressed about the system, its implementation and the delays, I am sure that the Health Committee would have found something else to occupy its time. After all, we are never short of subjects to investigate.

Any good functional system needs to be reliable and secure, and it should ensure full interoperability. A number of witnesses were concerned that it was well nigh impossible to ensure all three. One could have two of the three—one could perm two of the three—but achieving all three consistently was not possible.

Given the recent outbreak of scandals concerning the loss of data, I shall base my comments on data use and patient confidentiality. It is worth bearing in mind that one witness was fairly convinced that the system as it stands broke European Union data protection rules. Those are all matters that we should take seriously. Indeed, even the Deputy Information Commissioner has raised some concerns.

My first concern is that some people may wish to opt out of the system. I would encourage them to stay within the system, but people have a right to opt out if they wish. In many cases, however, they do not realise that they are able to do so. I was surprised, as a Hampshire Member, to be told by witnesses that a trial had taken place in Hampshire. It had completely passed most residents by. Dr. Braunold was candid about what had happened. She said,

“I can take you through how we are not happy to do it the way Hampshire did it.”

We were criticised for not listening. Apparently, in Hampshire a leaflet was included with the free newspapers—with the junk mail—and most people threw it away, not realising that it was there. People were opted into the system without knowing whether they had the opportunity to opt in or opt out.

Thankfully, the NHS has learned from those mistakes. Where the system is being rolled out in new areas, positive attempts have been made to ensure awareness by sending addressed letters to individuals; there is a greater chance of them being opened. The information is now being provided in many languages, and those who wish to opt out have the opportunity to discuss the matter with a health professional. I was pleased to see that the vast majority of people were reassured and that relatively few people opted out of the system in those areas.

There is a niggling doubt about how confident citizens should be about who is able to gain access to data. The Committee learned that in many situations, often because of the slowness of the existing system, smartcards can be left in the machine all day, which means that anybody is able to gain access to the data.

Some members of the Committee know that I am a pharmacist by profession, and I know that concerns have been raised about access are data in chemists’ shops. Data in pharmacies are usually kept behind the scenes, but little concern seems to have been raised about GP practices. The right hon. Member for Rother Valley (Mr. Barron) alluded to the problem. For instance, a card could be left in the machine all day long; even the cleaner could gain access to the data, because Dr. Smith had left the card in the system.

The Committee recommended that the sharing of smartcards between users was unacceptable. We also recommended that access times should be improved and that the potential for more sophisticated access systems should be investigated. The Government accepted the first recommendation, claiming that it was work in progress, but they rejected the second.

I believe that some sort of sanction is needed against people who do not use their cards properly. We heard from my hon. Friend the Member for Southport (Dr. Pugh) about the lax procedures if cards are lost. We have learned from other system failures that it is not always the system itself that has failed but the human operators; people do not always understand confidentiality issues and there is little training in that aspect. I recall asking Richard Granger in the early days of his tenure what he would to do ensure that staff were adequately trained in the NHS IT system. His rather brusque reply was that there would not be much need for training because it would be highly intuitive. Time has knocked that one on the head.

The Government rejected the Committee’s second recommendation, but their reason is interesting. Their response states:

“The Government accepts the principle of the second of these recommendations. However, NHS Connecting for Health has reviewed alternative technologies to validate staff identity, such as facial, retinal and fingerprint recognition, and concluded that these are not yet sufficiently mature to operate securely in clinical settings. These technologies will be kept under review.”

I recommend that the Minister talks to his colleagues at the Home Office, which seems to be content to use those technologies: the Department of Health rightly points out the significant problems in their use.

It is interesting to note that Connecting for Health has rejected some of the technology proposed for ID cards. However, when it comes to care records, the debate on the sharing of information between NHS departments and about who should have access to what still has not been resolved. In an intervention earlier in the debate, I mentioned the French system, in which the patient has the key. Patients have to plug in their card before the data can be accessed.

Although there are wider concerns about patient-held records, such as what happens if the key is lost, that system gets around the inter-professional arguments and the protectionism about who should have access to what data. If the patient is happy to give a physiotherapist, a chiropractor, a pharmacist or a nurse permission to look at the information, that should be enough; it should override any professional rivalries.

We need to consider also the sensitive information contained in the sealed envelopes. The Committee learned from its inquiry that the suppliers have not yet been issued a spec for local sealed envelopes. The Government response states that the spec was issued on 3 April 2007, and that

“A timetable will be set as soon as practicable.”

I am not sure why that is so. The spec was released in April 2007. The Government responded in November 2007. I am not sure why, some seven months later, a timetable was not available. I hope that the Minister will update us on progress in that respect.

The Committee was given a demonstration of the summary care record, which revealed some fairly obvious sealed-envelope concerns. For example, if a gentleman is impotent, he might not want it on the face of his medical records. However, health professionals have decided that it is very important to have a full drug history on the first page of the record, because that information can be crucial in making life-saving decisions. It would be clear to anybody who understands generic names of drugs that a gentleman who is on certain medication is impotent. The concept of sealed envelopes was destroyed at a stroke. A discussion is needed, therefore, about the information that goes into the sealed envelope, who can open it and under what circumstances.

Are there other circumstances in which we might unwittingly provide information that a patient might not want to be made quite so readily available? The summary care record is a good example of a system that seems to be added to every time that somebody else gets involved in the process, and it summarises the development of the NHS IT system as a whole. Owing to the lack of initial grass-roots engagement with clinicians, there seems to be no clear idea of what is required and what needs to be delivered through the project as a whole and, in particular, through the summary care record. That variability—the changing that occurs every time the matter is looked at—is a constant feature.

The final area of concern is about the wider use of data. Although the right hon. Member for Rother Valley was very supportive of the need to ensure that we optimise use for research, the Committee became aware of significant and wide-ranging concerns raised by several witnesses about whether the data were sufficiently anonymous, whether it could be tracked to a certain level and whether postcodes would be used as identifiers and so on. Happily, the Government have accepted the Committee’s recommendations to review local and national procedures and has set up the National Information Governance Board. It would be helpful if the Minister, when he sums up, could update us on the work of the research capability programme.

It is very important that we get this right. I was sent a press release today, from the NO2ID campaign. Although I accept that it has an agenda, I support much of what it says. It has taken a very close interest in the electronic patient records. The press release, which it put out to coincide with this debate, states:

“The NHS database is not just used for patient care. The so-called Secondary Uses Service (SUS) does not provide a service to patients. It is a vast hidden system that distributes the most personal (and people think private) information to a horde of bureaucrats and other third parties.

“Pseudonymised” patient information - and in some instances, identifiable patient information - is trafficked for purposes including “clinical audit, performance improvement, research, clinical governance, planning, commissioning, public health and benchmarking”.

Via SUS, a wide range of non-clinical agencies, organisations and even private companies will have massively greater access to personal information on everyone than clinicians. Protection of confidentiality is utterly inadequate and it is unclear how, or even if, individuals can refuse consent for their most private details to be shared among thousands of bureaucrats.”

We know that people can opt out, but that press release will probably be quoted time and again as factual when, in fact, its claims are rather exaggerated. However, often little is done to reassure the public when such things enter the public domain. The Government have work to do to reassure people, if that kind of thing regularly gets into the media.

Does the hon. Lady accept that this excellent report, which her party supported, also plays a role in providing that reassurance?

I absolutely accept that. Although I would not quote everything that Richard Granger said as the truth, the absolute truth and nothing but the truth, he made a very interesting point about the fact that many fairly wild accusations have been made about the scheme and get wheeled out and recycled time and again. He said that people are welcome to go and see what his department is doing, but that no one is interested in that—only in scaremongering.

There was some debate in the Committee about whether we should even consider electronic patient records, because the Public Administration Committee did such a good job on that itself. However, the public perception was such that the Committee felt that it needed looking at again, so that we could discover things for ourselves and debunk some of the myths. I am not saying that there are not problems with the project. Everybody acknowledged that. However, the problems are not always on the scale that others claim.

It is important to address some matters, however, if the system is to enjoy full public confidence. In December, The Times carried out a poll of doctors, which showed that only a fifth of them believed that the system would be secure. They might have an agenda. Some of them are against all information sharing and would like to restrict the use of the data to themselves. To an extent, I can understand that. However, the poll also revealed the following:

“More than three quarters are either ‘not confident’ or ‘very worried’ that data will leak once the Pounds 20 billion National Programme for IT (NPfIT) is up and running. Asked how well they thought that local NHS organisations would be able to maintain the privacy of data, only 4 per cent said very well. The majority, 57 per cent, said quite or very poorly.”

That was an online poll over Christmas, so presumably it engaged with those who were happiest with IT. Again, however, such reports in the press do little to inspire public confidence, so work needs to be done.

The right hon. Member for Rother Valley mentioned choose and book. I do not think that it has been quite as successful as he suggested. It might be working brilliantly in Rother Valley, but a recent NHS survey in my constituency found that a frequent complaint was about the booking system, which has many flaws. One of those is that general practitioners can no longer book with individual specialists and have to book with a hospital, which upsets some people who feel that they know which specialist is best for their patients. There is another problem because different hospitals will describe the same clinical service differently. There is not a one-size-fits-all scheme for running hospitals. Furthermore, it is a myth that there is a choice, because it is limited by local commissioning decisions. A patient might have an option of four places to go to, but the local hospital down the road might not be among those four because it is fully booked or the local commissioners are trying to divert business to the local independent sector treatment centre. It is a very complicated system that is not working well in all areas.

I have a few comments to make about the project overall. To sum them up, there was a lack of clarity and direction in the beginning. It is a bit of a red herring to say, “Oh, but we had to put in all these extra systems.” The picture archiving and communications system is often mentioned. Everyone thinks that it is a good thing, but as has been pointed out by other hon. Members, the technology was available for some time before the national programme for IT was even envisaged and would probably have been implemented anyway. Obviously it made sense to incorporate it into the national programme.

The biggest problem is probably the lack of initial engagement with grass-roots users. The number of submissions that mentioned that point is quite overwhelming. I shall quote from the submission by the Royal College of Nursing:

“Although the aims were laudable, the top-down, contract driven approach to implementation has presented tremendous challenges to those who are trying to introduce and implement new systems and ways of working within the clinical environment.”

That sentiment was repeated time and again, and those are the people who want to make the system work. They are not against the system per se; they want a system that they can use and that is in the best interests of the patient.

That problem is at the root of so many delays and extra costs. It probably cannot be blamed for the supplier problems, which relate to procurement, but I cannot end my comments without mentioning Richard Granger, who was bullish throughout his evidence to the Committee. We learned, among numerous things, that if he had been in charge of the modernising medical careers computer system, there would have been no problems. I do not know whether it was significant that he appeared to announce his resignation the day after he came before the Committee for the second time, but I should like to think so. I have heard rumours—perhaps the Minister will clarify the situation—that he has not left the NHS yet and is still on its payroll.

I was told today, and I believe it to be accurate, that Mr. Granger left the employ of the NHS on 31 January. The Minister will confirm whether that is accurate. The rumour that I have heard is that Mr. Granger has gone to implement the congestion charge in Beijing, where his methods will be better appreciated.

I was given my information before the end of January, so the hon. Gentleman is probably right. It is interesting that Mr. Granger is going to Beijing to implement the congestion charge, because when I first met him, I knew that he had been responsible for implementing the London congestion charge, so I said to him, “Okay, in London, you stopped roadworks for a month, introduced the first week of the congestion charging system during half term, so what will be your equivalent for the NHS?” He just glared at me and said, “That’s a very facetious question,” but it was actually a very serious question.

Will the Minister confirm that Richard Granger finally left the NHS on 31 January? We would also all be interested to know whether he received a pay-off, and if so, how much it was.

I begin on a note of complete consensus; I shall not pick up on that last point, which is definitely one that I shall leave to the Minister. We totally support the use of information technology to improve patient care. Although I accept entirely, as my hon. Friend the Member for South Norfolk (Mr. Bacon) said, that the process began long before 2002, there is complete agreement among contributors to the debate that it is a good thing in principle. I shall make two general observations about the report, and then I shall deal with matters in more detail.

First, the NHS IT programme covers a good deal more ground than the report. Mr. Weir, you would not wish me to go into detail about the stuff that the report does not include, so I shall restrict myself to that which it does. It does not, for example, include choose and book, which has been mentioned, or the electronic prescription service. That is worth noting.

Secondly, the report was not unanimous, as the right hon. Member for Rother Valley (Mr. Barron) said. It is true that part of the reason why was the perception—I am sure that it was inaccurate—that the right hon. Gentleman had, to some extent, made up his mind at an early stage about some of the issues that the report covers. He spoke on 6 June 2007 in an Opposition-day debate about the more general subject of NHS information technology, and he made two points of note for today’s debate. First, he appeared to indicate that an independent review of the electronic patient record project would not be in the interests of the NHS, which is entirely consistent with what he said today. Secondly, in his view, confidentiality and security of electronic patient records was not a significant concern, which is not entirely similar to what he has said today. Be that as it may, we should concentrate on those two issues: first, whether a wide-ranging review of the system is appropriate; and secondly, whether issues of confidentiality and security have been adequately dealt with.

On the question of a review, we have already heard that the National Audit Office makes multi-billion pound estimates of the system’s cost to the taxpayer, but it seems that a full zero-based independent review of the project, which can be conducted while the work on the system continues, would allow us to know whether the investment will deliver the improvements that it should. I take entirely the point that the hon. Member for Wyre Forest (Dr. Taylor) made. It must be an option for any such review to say that we should go back to square one. If the review, properly conducted, came to that conclusion, we would be well advised to listen, but the process of reviewing need not stop the process of developing the programme.

There is clearly room for doubt about whether the programme will deliver what it is expected to. Although the Committee was right to reject the option of a full review, in the areas that the report covers, it seems to me that the Committee made a pretty good case for one. Several extracts from the report have already been quoted. I will not read them all, but it is worth noting several fairly trenchant criticisms that were made about the general direction of, and grip on, the project, which is clearly not there. Paragraph 115 states:

“The Committee was dismayed, however, by the lack of clarity about what information will be included in the SCR and what the record will be used for”,

which has already been quoted. Paragraph 131 states:

“There was a stark contrast between the specific and detailed vision set out for the ‘Integrated Care Records Service’ in 2003, and the vague and shifting vision set out for the DCR in 2007.”

Further, at paragraph 192, the Committee states

“that other parts of the project are beset by significant problems. The most serious of these are: the lack of clarity about the ultimate vision for the shared DCR record, particularly the area which will be covered and the level of information which will be shared; the absence of a clear timetable for implementing shared DCR records”.

Finally, paragraph 229, which the right hon. Member for Rother Valley quoted, indicates the

“perplexing lack of clarity about exactly what NPfIT will now deliver.”

Indeed, the report later states:

“There is an explanatory vacuum surrounding DCR systems and this must be addressed”.

If those issues are not properly understood and dealt with, the system cannot be effective, and that is why a full review is necessary.

The hon. Gentleman has clearly taken the trouble to read the debate of 6 June 2007. During it, the hon. Member for Eddisbury (Mr. O'Brien) said:

“If the Government do not agree to a full and independent review today as a result of our call, we will, as a matter of urgency, set one up ourselves.”—[Official Report, 6 June 2007; Vol. 461, c. 264.]

I wonder how that review is going.

It is under way, and I am sure that the hon. Lady will be fascinated to hear the results. However, it should not be up to Her Majesty’s Opposition to do that work; it should have been done by the Government. There is still an opportunity—if the Minister takes it—to engage in the process, because I maintain that it is possible to do so while the work on the programme continues. The case for it, which was made in the report by the Committee of which the hon. Lady is a member, is very strong indeed.

The Committee rejected the review, at least in part, on the ground that the programme had already been scrutinised by the National Audit Office, the Public Accounts Committee, which is represented by my hon. Friend the Member for South Norfolk in the Chamber today, and of course by the Health Committee itself. However, it is also right to point out that the NAO and the PAC are primarily concerned, quite rightly, with value for taxpayers’ money. However, that is not the only issue; indeed, it is not the only issue—far from it—that has been canvassed in the debate so far.

As I have already observed, the Health Committee’s report covers only part of the NHS IT programme, and even in the part that it covers, which is the topic of our discussion, it is not complete. It does not deal, for example, with security of data, to which I shall turn next.

My hon. Friend points out that one reason why the Health Committee did not agree to a review was that the NAO and the PAC had already considered the matter. However, if he reads the relevant PAC report, he will see from paragraph 3 that one of its recommendations was:

“The Department should commission and publish an independent assessment of the business case for the Programme in the light of the progress and experience to date.”

Furthermore, paragraph 4 contained what I thought was one of our Committee’s most important recommendations:

“In view of the slippage in the deployment of local systems, the Department should also commission an urgent independent review of the performance of Local Service Providers against their contractual obligations.”

That has been happening, sort of sotto voce, in the Department anyway.

My hon. Friend is entirely right, and that underlines the need for a review. The Committee says that it rejected a review on a number of grounds, one of which was that it expected the Government to engage in further reviews internally and to publish the results. It indicated that it would like to know, and have available in the public domain, the result of any assessment of the system’s security implications. In their response, the Government indicated clearly that they were not prepared to make such information available. The case for a review seems stronger now than it has ever been.

Even if the security and safety of the system was not a big issue and foremost in the Committee’s mind when its investigation began, it must surely be so now. We need to be concerned about not just an organised attack on the database but what might be described as a disorganised attack. That is where we come to the events of the past few months. I agree entirely with the hon. Member for Staffordshire, Moorlands (Charlotte Atkins) that it would be much better if we did not have to consider the issue against the background that we now must, but we cannot escape the fact that people outside this place will assess the likely utility and safety of the NHS databases against the Government’s capacity properly to manage data on everyone from children to criminals, which has been called seriously into question. Patients will need serious reassurance that they should entrust sensitive medical information to a central database.

I can say this because I do not belong to any party, whereas it might be difficult for others: I am sad that we are having this debate now, because we should have had it in the Committee. From memory, nobody was there to put the case as strongly as the hon. Gentleman has.

I think that I have dealt with why the report was not unanimous as fully as you would wish me to, Mr. Weir. I agree with others that it was regrettable that that was the case, but it would not be productive now to go into why it was. However, we can have the argument today, and I am happy to engage in it.

In discussing whether there should be a review, it is right to say that the Minister should commit to finding a way to deal with the genuine concerns about the security of the system. I accept that there will inevitably be operational constraints to explaining in detail what might be wrong with its security, and we can all understand the obvious reasons for that, but I am sure that it is not impossible for the Minister to undertake that the public can be reassured in some detail about why they should have confidence in the database. Otherwise, it seems to me that they will not.

It is not just patients who need reassurance about the Government’s competence to handle data properly. The hon. Member for Romsey (Sandra Gidley) made that point. I am sorry to have to tell her that doctors’ confidence in that has got even worse since the surveys that she mentioned. The most recent that I have seen, conducted by the BMA, I believe this month or perhaps at the end of last month, asked:

“Do you have confidence in the government's ability to safeguard patient information on a national NHS database?”

Some 93 per cent. of respondents said no, so there is clearly a problem.

I wish to deal with some elements of the electronic patient record in a little more detail, and I hope the Minister will be able to assist with some of them. The first is the personal demographics service. I understand that patients cannot opt out of it and ask that their biographical data should not be logged on the system. Given its nature, one assumes that that information will be accessed by clinicians frequently, which will create an audit trail. Much along the lines of the point that the hon. Lady made on medication, viewing that audit trail and understanding which clinicians have accessed a particular patient’s information will give the educated observer good clues to the conditions from which a patient might be suffering. Will the Minister tell us to what extent that audit trail will be accessible and viewable?

Others have mentioned the summary care record, and again I return to a point that the hon. Lady rightly made. Some of the information registered on the SCR with implied consent, especially on medications, will allow the educated observer to draw certain conclusions. She gave one example, and others might be antiretrovirals and even antidepressants. I can imagine that the Minister might say that people in the position that the hon. Lady described could say, “I do not wish to have a summary care record at all.” I understand that, but I share her concern and that of others who have spoken that it might not be apparent to patients that they have that option. It seems incumbent on the Government to ensure that it is made clearly available to patients, so that they can take it if they wish.

If patients were to decide to secure certain information privately and not have it disclosed, they would do so using the so-called sealed envelope technology that has been talked about. The Government rely heavily on the existence of that technology to reassure patients that information that they do not want widely accessed will not be. It is therefore concerning, as the Committee has said, that the technology is not yet ready. Surely it would have been better to conduct the pilot schemes of the system when that technology was available, so that it could be tested in its entirety. As has been observed today, the pilots are already two years late. As the hon. Lady said, we discover from the Government’s response to the report that NHS Connecting for Health issued detailed specification for local sealed envelopes to suppliers only on 3 April. As she said, it would be helpful to know what took it so long.

Can the Minister confirm that the national roll-out of the summary care record will therefore begin without the sealed envelope technology being available, and that it might not be available for the detailed care record until 2009, as indicated in the Committee’s report? We have no guarantee that that crucial aspect of the electronic patient record will work effectively, nor any real idea of when it will be ready.

The secondary users service has also been mentioned. I must say straight away that I recognise the huge value of more information being available for medical research, but I hope that the Minister can deal with some specific concerns about it. Can he confirm that patient information goes to the secondary users service in a non-anonymised, non-pseudonymised form, and that it for the SUS to make it anonymous or to pseudonymise it? It follows that any leak of information from the SUS would be in a form by which individuals could be identified. There needs to be clarity on that, because people will be concerned about it and we would all appreciate some reassurance.

Contrary to the report’s recommendation in paragraph 121, the Government clearly intend to make information in sealed envelopes available for research. Apart from the concerns that have already been expressed, one possible outcome is that an individual who is unwilling to allow their medical information to be used for a specific form of medical research of which they strongly disapprove will be unable to prevent that from happening.

Those are important questions of detail, but I return to the larger questions raised by the subject of the report. As I have said, we support the principle of using technology to improve patient care. There is no doubt that in some areas, that is already being done very well, but in the crucial field of electronic patient records, both patients and clinicians must have full confidence in the system.

Patients need to know what their information is to be used for, and must understand how to protect that which they do not want to be shared widely. They need to know whether their information will be shared with Government Departments outside the NHS, and, if so, to what extent and for what purpose. It would be extremely useful if the Minister were clear on that today. They also need to know that the system will be resilient to attack.

If patients are not sure of those things, they will, as the hon. Member for Staffordshire, Moorlands rightly pointed out, be reluctant to provide information. As a result, the doctor-patient relationship and the cause of medical research will suffer. Patients and clinicians need to be persuaded of all that against a background, I am afraid, of serial, large-scale incompetence on the Government’s part in the management of personal data. That is why the Government have much to do to make the system successful.

We have had a full and detailed debate on a thoroughly researched and helpful report by the Health Committee. I congratulate the Committee on its work on the report, under the chairmanship of my right hon. Friend the Member for Rother Valley (Mr. Barron). I welcome both the report’s recognition that the introduction and use of electronic patient records will benefit patients, and the political consensus on that today.

The Government’s response to the report made it clear that we agree with its fundamental recommendations. As I am sure hon. Members have read, we accept the vast majority of the report’s recommendations. The hon. Member for Wyre Forest (Dr. Taylor) seemed rather to regret that we did not agree to things that were not recommended. I think he will find that we did agree but did not say so because the points in question were not specific recommendations. However, I shall come to that later.

We particularly agreed with the Committee’s view that the implementation of patient records is

“best managed by a staged and piloted development not a big bang approach.”

That is the approach we are taking with the SCR early adopter sites, the results of which are being evaluated independently, before any national roll-out, to ensure that the best possible solution is available across England.

Both my right hon. Friend and the hon. Member for Rugby and Kenilworth (Jeremy Wright) spoke about data security in the NHS. We well understand people’s concerns about data security, particularly of medical records. I remind hon. Members that none of the recent data loss incidents that have occurred since the recent heightened public concern following the Revenue and Customs missing discs in November 2007 have had anything to do with the national programme for IT. I am sure that members of the Committee were told by Richard Granger in their evidence session that NPfIT has a particularly high level of security, as one would expect—it is much higher than for banking. Special rules apply, banning the holding or processing of data overseas, which is quite common in the private sector and other areas of government. That is because of the strong concerns of Richard Granger and Ministers about the sensitivity of medical data.

Will the Minister confirm that many patient records are being processed in Egypt? GPs are transferring paper records to a company that is processing them in Egypt.

I cannot confirm that. I can confirm that there is a difference between the security requirements for NPfIT and what individual trusts do with some of their data. However, strict data-protection laws apply to trusts, and there are strict rules on the responsibilities of trusts’ chief executives to ensure that data are processed in line with the regulations. I shall respond later to my right hon. Friend’s questions about the sanctions that have been used against people who have breached data protection laws.

In light of concerns following the recent publicity about the Revenue and Customs’ data loss, the chief executive of the NHS, David Nicholson, wrote to all NHS chief executives at the start of the year to remind them of their legal duties, which I have just mentioned. The Government strongly support the Committee’s recommendations about having stiffer penalties for breaches of the Data Protection Act 1998. The Department recently wrote to the head of the civil service, who is conducting a review of data processing and collection across government, repeating our support for an increase in penalties for breaching the Act.

Access to patient care records will be available only to authorised NHS health care professionals, who must be both authenticated users and members of the health care teams directly involved in delivering the relevant patient’s care. Patients will have far more control over who may see their information than they have ever had. They have several options, which have been developed following the research and consultation that we conducted in advance of the early adopter areas. They can choose not to have an SCR at all, to direct that controls are set to prevent data sharing, or to have their address and contact numbers hidden, so that they are not available to NHS staff.

In the early adopter sites, public reaction has been favourable. I regret that the Committee did not have the chance to go and look at them, and I strongly urge them to do so if they get the chance. There is also a very good 10-minute DVD, which I had time to watch this morning, featuring patients and clinicians who have been involved in the early-adopter sites. One such GP was very sceptical of the system at the start, but she has become a convert now that she has got into it. If Committee members do not have time to travel to the relevant areas, they might at least watch that DVD, which I found very informative. So far, in those areas, only 0.64 per cent. of patients mailed about the options have chosen to exercise the opt-out. It is completely different from the situation in Hampshire that the hon. Member for Romsey (Sandra Gidley) has described. They have gone to great lengths to ensure that patients are aware of their rights, by posting information, talking to them individually and helping them with any questions. For example, a special helpline has been set up to talk people through the options.

I am sure that the Minister accepts that someone might decide, on balance, to have an SCR rather than not have one, because they feel that their concerns are outweighed by the advantages of having such a record. It would not be right to use the statistics that he quoted to eliminate the possibility of people’s concerns. Those concerns are real.

I am well aware of that, which is why we have gone to such great lengths with the early adopter sites to ensure that people are aware of what is happening and what the possible implications are. I was going to discuss this later, but I will deal with it now. My right hon. Friend mentioned that the Committee had visited Canada on its travels. I believe that Canada started with an opt-in system, but found that it did not work and has since changed to an opt-out system. We all make decisions on the balance of judgment, but in the overwhelming majority of cases, patients have thought through the issues and realised that the benefits far outweigh the risks and concerns.

The hon. Members for Romsey and for South Norfolk (Mr. Bacon) both asked about delay. We accept that there have been delays, not only in the roll-out of summary care records, but in the whole NHS IT programme. It is important to put on record that those delays were not because of problems with supply, delivery or systems, but pretty much entirely because we took extra time to consult on and try to address record safety and patient confidentiality, and we were absolutely right to do so.

Let me turn to one or two of the recommendations made by the Committee with which we did not wholly agree. I will not go over the benefits of the NHS IT roll-out in general, or the summary care record in particular, at great length, because I think that most hon. Members here, even those Opposition Members who are critical of some aspects of the implementation of the IT roll-out, agree with the roll-out in principle. It has helped to save lives, money and time, and health care has been improved; those are benefits of the roll-out that I think we would all accept as a given.

The Government do not agree with one recommendation by the Committee, which is on the issue of sealed envelopes going to the secondary user service. We have put in robust safeguards. As we made clear in our response to the Committee’s report, consent is required, except for data that have been anonymised or data that are otherwise not identifiable as coming from any individual.

The primary purpose of the NHS care records service is to support the delivery of care to patients. As my right hon. Friend the Member for Rother Valley has said, one of the reasons why the NHS is world class in its research is because it is a national service and data are shared to help clinicians and medical science in general. The NHS also needs information, as has been pointed out by some hon. Members, for management and clinical purposes. The briefing that we received from the Royal College of Nursing also pointed that out, stating that such information can help to resolve work force issues and priorities, such as issues about commissioning, public health, clinical audit, benchmarking, performance improvement, research and clinical governance.

Wherever possible, the information provided through a secondary user service will be extracted automatically as a by-product of NHS services supporting direct patient care. The aim is for that data to be made available either in aggregate form or, where detailed information is provided, in anonymised or pseudonymised form. This process removes patient-identifiable information and allocates a consistent pseudonym, so that individual cases can still be tracked but only with explicit approval.

Permission to access the aggregate data is required from an expert group, called the Patient Information Advisory Group, which was set up under the Health and Social Care Act 2001. That group assesses each application to test that the use of patient information is justified, taking into account issues of confidentiality and consent. Access to the secondary users service requires each user to be formally registered and to use individual smart card access, as is the case with other systems in the national programme for IT in the NHS. Each user is allocated a role that determines their functions, such as the reports they can access, and the organisation or geography of data that may be accessed. Key user activities—for example, performing an extract—are logged. That security will enable the huge potential benefits available from research, statistics and management to be harnessed and realised without compromising confidentiality or security.

In light of the concerns raised today by my right hon. Friend the Member for Rother Valley, who is Chairman of the Health Committee, including his continuing concerns about the issue of sealed envelopes and the use of that type of data, we will, of course, continue to keep the process under review as we move forward from the stage of the early adopter sites to a more national roll-out.

Will my hon. Friend the Minister let us know exactly what stage the specifications are now at with the sealed envelopes? At some stage, we may want to take evidence on that single issue in relation to how the system is developing and how it will be used.

I will have to write to my right hon. Friend on that specific question about specifications; I have the answer here somewhere in my notes, but I cannot find it now.

I will do that when I write to my right hon. Friend.

My right hon. Friend also asked what sanctions have been taken in relation to breaches of data security or in cases where people who were not authorised to do so have accessed patient data. In response to the latter question, I am sure that he will be aware that disciplinary action is taken at a local level. We do not collect details centrally about action taken against people who have accessed patient data without the right authorisation. However, we are aware of the case of a GP who was referred to the General Medical Council for inappropriate browsing of records. We do not know the outcome of that case.

We will check with the Information Commissioner about any actions taken against the NHS, but I will say that we are not aware of any actions by the commissioner against the NHS in 2006-07. Out of 14 actions that the commissioner took against public sector organisations in that period, none were against health service organisations. We have very good relations and regular contact with the commissioner, and that fact would seem to indicate that he is pretty content with the security of NHS records so far. However, as I said before, that does not mean to say that we are complacent on this issue, and we will stay in very close touch with the commissioner throughout the roll-out of IT in the NHS.

Does the Department keep records of actions that employers have taken against employees in relation to breaches of data security?

We do not keep records of any actions taken locally. Such breaches of security are matters for local health management.

So the Department does not keep any such records. If it did, we would know that actions have been taken against individuals in response to the allegations that were put to me in the letter that I read out earlier—allegations that individuals share data with people with whom they should not be sharing.

No, we do not keep records on such individual cases. If we were required to be informed of every single small piece of disciplinary activity that was taken in the whole of the health service or minor breaches of data security, it would not only overwhelm the Department but the health service itself. However, there is a requirement on the health service locally to inform strategic health authorities of serious breaches of data security. Indeed, that is how a number of breaches recently came to light—most of them had already been in the public domain for some time, but they were only publicised more widely because of the recent interest in this subject following the data issues with Revenue and Customs.

Moving on to the issues raised by the hon. Member for Wyre Forest (Dr. Taylor), he wanted more detail about how the IT roll-out was going. I can tell him that five out of the six primary care trusts involved have started informing the public. They are Bolton, Bury, Dorset, South Birmingham and Bradford and Airedale. As of 3 February, 26 GP practices had gone live with the summary care record, and more than 153,000 patients’ clinical records had been updated to form summary care records. A public information programme is in place in all the early adopter sites to inform people about the changes and the decisions that they may make regarding their records. As I have already said, public reaction has been very favourable, with only 0.64 per cent. of patients asked choosing to exercise their right to opt out.

The hon. Member for Wyre Forest asked about Bolton PCT in particular. It has issued 270,000 letters to patients, and 0.9 per cent. of the patients who were asked opted out of having their summary care record uploaded. Some 94,000 records have been created on the NHS national care records spine. Three or four unscheduled care settings can view the summary care records. Two of them are the accident and emergency department and the walk-in centre, and there is also the GP out-of-hours service, so good progress has been made there.

Is the Minister not concerned about the point that the hon. Member for Romsey and I have made about the late arrival of the sealed envelope technology? He has just referred to a large number of patients who are now having their details put on to a summary care record. None of those patients currently have the opportunity to restrict access to any information that is there by implied consent, because the sealed envelope technology is not yet available. Is that not a serious concern?

No, it is not, for reasons that I will come on to a little later, when I respond to the points that the hon. Gentleman has made about sealed envelopes.

The hon. Member for Wyre Forest also said that he would like the whole IT roll-out to happen more quickly. We share that desire, but at the same time we accept the recommendations of the Committee that there needs to be a staged and cautious approach to the roll-out, for the reasons outlined in both the Committee’s report and our response.

As I have said, just because we did not say yes to all the recommendations and non-recommendations in the Committee’s report, it does not mean that we did not support a lot of the statements—the hon. Member for Wyre Forest has referred to them as “commendations”. In particular, he specifically drew attention to paragraph 42.6, which is about support for the public. A great deal of work has gone on at local level in the early adopter sites in promoting local newspaper coverage and engagement with both the public and clinicians. If the Committee were to revisit those early adopter sites some time down the line, I think that they would find that that work has been very beneficial.

On the reasons for the delays with the summary care record, it was important that we tested and piloted it, because it is important that we evaluate it before we roll it out nationally. I agree with the hon. Member for Wyre Forest that we should keep the page simple and not make it more complicated—earlier, it was suggested that we would make it more complicated, but we will not do so.

The hon. Gentleman asked how the transfer of electronic communication between GP practices is working, and I have been informed that 3,500 out of 8,400 practices are using it. There are two basic systems, and they are working well. However, several practices use other software supply systems, and they are still in testing and production. There has been some delay there, which may be one reason why some of his colleagues to whom he has spoken are happy with it, while others are not.

The hon. Gentleman asked about the progress with Cerner. The initial release is live in eight hospitals in the south and three hospitals in London. The next hospital in the south is due to be Bath in May; the next hospital in London will be Barts, which is due in the next two weeks.

The hon. Gentleman and another hon. Member asked about the progress of Lorenzo. The first implementation of release 1 is due in June this year in Morecambe Bay, South Birmingham and Bradford. In the past four years, the programme in the north midlands and the east has introduced about 70 upgrades to existing hospital systems while Lorenzo was being developed. A Lorenzo demonstration will be available in Westminster in March, hosted by the Parliamentary Information Technology Committee, and I invite Health Committee members to attend, if they are interested.

The hon. Gentleman has challenged us to be more bullish about the benefits, which is quite difficult for us to do. We try, but the evidence base for the benefits is only just emerging, so it will be some time before we manage to satisfy the sceptics. However, we will work hard on that, particularly on confidentiality. On publicity, a great deal has been done in the early adopter areas, and it has been very successful.

On the comparisons with the French model, I hope that Committee members acknowledge the fundamental difference between the French and British health care systems, which we point to in our response to the Committee’s recommendation. On the positive elements of the French system, which the hon. Member for Romsey and others have highlighted, we are providing patients with absolute control of their summary care through HealthSpace. Several hon. Members asked whether that will mean that their record will be transmissible across boundaries. Yes, they will be able to see their own summary care record via internet access, and they will be able to challenge and correct any errors. Also, because it will be available through the internet, if a patient falls ill abroad, they will be able to make the summary care record available to someone who is treating them. The French system apparently cannot do that, so in many ways the British system is actually better than the French one.

We were told that the French system can be used in other places. On HealthSpace, some concerns have been raised that individuals do not have direct access. They can see what is written about them, challenge it and suggest changes, but they do not have any direct power, and the changes that they suggest may not necessarily be made. Will the Minister clarify the situation?

The hon. Lady is right in terms of phase 1, but the ambition is that patients will be able to change and control the information themselves when the system is bedded down.

The hon. Lady has asked about local ownership. Again, I do not want to read out the Government response, but the hon. Member for Southport (Dr. Pugh) summarised very well the tension between the need to save £6.4 billion through national procurement, and the need for local solutions, particularly when it comes to staff and clinical engagement, nurse and staff training and some of the concerns and issues raised by my hon. Friend the Member for Staffordshire, Moorlands and by the Royal College of Nursing in its briefing. As I have said, central procurement has enabled the needs of the NHS to be aggregated to get best value. Ovum, the IT industry analyst, carried out a detailed study in 2006, and it calculated that central procurement has saved £4.5 billion, compared with the cost if the same solutions had been procured locally.

Health care IT involves a reasonably standard process, but it is applied differently in different care settings. GP IT systems have been in place since the early 1990s, and they carry out the same functions. Hospital IT systems are much more complex and interface with between 20 and 40 separate systems such as pathology, maternity and other “ologies”. Local systems therefore need to be integrated if the aim of making patient information available at the point of need is to work. That is why we have to get the balance right between a national approach with a national architecture, and control at the local level. We have responded positively to the recommendations of the Committee on that.

There was a question from the hon. Member for Romsey about the research capability programme. The new programme was established in 2007. It was initiated by the Department of Health director general of research in collaboration with the research community, and, after consultation, the chairman of the committee has now been appointed as has a programme director. The programme aims to attain anonymised data for research. It will provide the largest epidemiological database in the world, which will be hugely valuable.

The hon. Lady’s final question was on the departure of Richard Granger, and I can confirm that he left on 31 January. To our knowledge, it is not true that he has gone to run the Beijing congestion charge scheme, but I will research that point with some interest. On the terms of his departure, he was a civil servant, so he will have been subject to the rules usually applied by Cabinet Office, which is normally to serve three months’ notice. I hope that that is helpful to the hon. Lady.

Turning to the points raised by the hon. Member for Rugby and Kenilworth, first, I am interested to learn that the review that the hon. Member for Eddisbury (Mr. O'Brien) promised us at the time of the Opposition debate back in June was indeed launched then, and we look forward to reading the results with great interest. However, I am informed by my officials that there is no indication that any individuals who have detailed knowledge of the area have yet been interviewed, but I am sure that they will be in due course.

I am sure that if his party wanted to interview any of the officials in my Department or the experts involved, those people would be only too happy to oblige. Perhaps we can involve some members of the Select Committee as well in helping with the review. If his party were to publish their progress, I am sure that we would all comment on the review’s remit and so on.

The hon. Gentleman has asked about the patient demographic service. Yes, it does have an audit trail. It is available to the privacy officer, and it can be requested by a patient or their privacy officer—the so-called Caldicott guardian, a concept of which he will be aware.

The hon. Gentleman has also asked about the patient’s ability to block out the giving of information about particular prescriptions. He mentioned antiretrovirals, but I am informed that GPs do not prescribe those. However, we are progressing with a core dataset of all drugs and allergies to be evaluated. We recommend that patients choose not to share such information routinely, but to give consent to its being viewed in such circumstances.

The hon. Member for South Norfolk has mentioned the cost of the procurement of the overall original IT project, and I refer him to the NAO report of June 2006. The Public Accounts Committee’s recommendations were slightly at variance with that, but the report was very positive. John Oughton, the chief executive of the Office of Government Commerce, said in his submission to the PAC that he thought that the procurement process for Connecting for Health was exemplary: it was run to a tight and rapid time scale; it started when it was intended to start; it was completed when intended; and it produced a very good result. He said:

“I do not think that any of the suppliers were disadvantaged in that process.”

That procurement was supported by a 900-page output-based specification that informed suppliers about exactly what was required. The shortlist of suppliers also provided proof-of-concept prototypes to demonstrate that they understood the requirement. That point has also been mentioned by the hon. Member for Southport.

We have had a constructive and measured debate, and I hope that I have answered most of the questions asked by hon. Members.

The Minister has not dealt with my point about the potential for sharing information on the NHS database across Government. He will recognise that that is of concern to a great many people who may be prepared to supply the information to the NHS, but may be concerned about which other Departments might use that information and for what purpose. What intentions, if any, do the Government have in respect of sharing that information across Departments?

I will write to the hon. Gentleman to clarify that. However, I am not aware of any suggestion that the NHS would be sharing such information across Departments. As I said in my opening remarks, the privacy and data protection rules in the NHS data system are far higher, because of the nature of the material involved. I am advised that the only area in which there may be an exception to that is the child index. However, I will write to the hon. Gentleman with more detail about that, because there may be good reasons for it.

We have had a good debate. Most hon. Members accept that for far too long the NHS has operated with a disparate paper base in a fragmented system. The consequences of that were inefficiency and avoidable clinical risk. Up to 10 per cent. of appointments were not attended, and around 1,200 people died every year as a result of medication errors. Some 5,000 patient procedures a year were cancelled because of lost X-ray films and paper records for patients that were manually maintained and held at a cost to the NHS of about £120 million a year. The huge investment that the Government have put into the NHS has enabled not only the recruitment of record numbers of clinicians, but the rebuilding of the NHS estate, the roll-out of new IT systems and the long-overdue modernisation of the health service.

The health service is moving from being an organisation with fragmented or incomplete information systems to a position where national systems are integrated, record keeping is digital, patients have unprecedented access to their personal health records and health professionals will have the right information at the right time about the right patient. As the Health Committee has recognised in its report, the roll-out of new IT systems will save time and money for the NHS and staff, save lives and improve patient care.

Both the hon. Member for Wyre Forest and my hon. Friend the Member for Staffordshire, Moorlands mentioned the Royal College of Nurses and the electronic record system. The hon. Member for Wyre Forest spoke about the RCN’s engagement with the system, including training. I agree that the RCN should have been involved; it is an integral part of care in the NHS.

My hon. Friend the Member for Staffordshire, Moorlands also made a telling point. I think she said that two thirds of nurses said that they did not think that the system would be any better than it is now in terms of confidentiality.

Sorry. That is in respect of current paper record access. The telling phrase that my hon. Friend used was that people leave no calling card when they look at a paper record, but in this system they would leave a calling card if they looked at somebody's records but should not have done so. That system is audited and traceable and, hopefully, although my hon. Friend says that records are not kept centrally, we can all ask our strategic health authorities what action is being taken by employers in respect of employees and breach of confidentiality. I have no doubt that such things may have been going off for many years in GP practices, perhaps with other people—not GPs, I should add—looking at records of somebody who lives up the street. By the way, I did not say that cleaners have access to the system in GPs’ surgeries; I said that six administrators had access, alongside the five GPs. We have to deal with such issues in any human system like this, be it in health care or other sector.

The RCN said in its brief:

“Those that are using EPRs are generally more favourable towards it than those who have not. This achievement requires greater investment in the engagement and education of nurses.”

Clinicians who have engaged with the system from the early years are a lot more involved and want it to happen more than those who have been sitting on the side and have not been brought on board, for whatever reason.

The hon. Member for Southport talked about common standards and specifications internationally. When we were looking at what goes on in Canada, we discussed the specifications. Canada has a lot of contact with our system, including Snowmed, which is one of the basic specifications that it uses too. We can assume, on that basis, that information could be exchanged across international boundaries in that respect. The Canadians told us, although we did not document these visits in the way that we would document an evidence-taking session in the House, that an international organisation is trying to establish common standards of measurements so that things can be transferred internationally.

The hon. Gentleman also said that GPs in Yorkshire and Humberside are being restricted in terms of what they can purchase. I was going to spring that on them, because they are coming down to give evidence to the Committee. They will read this and will now know that I am going to ask them about that: it is on my desktop and I will take it to the people who have been involved and ask them exactly what is happening. We were told that, effectively, there are seven systems at GP level now that they are able to buy into without being told which one to buy.

The hon. Gentleman has led a very sheltered life and has only been to Rotherham once. It is my home town, as it were, so I will have to get him over there more often.

The hon. Member for Romsey mentioned the press release from the NO2ID campaign in respect of clinical governance. I am sure that the RCN and everybody else would say, “Quite right, too”, because we should be improving and have best practice in the NHS. I have not seen the NO2ID press release—it has not sent it to me—but I know that it has been campaigning against this for a long time.

The hon. Member for Rugby and Kenilworth says that my mind was made up in the debate on 6 June. However, I have to tell him that it was not. He read out a lot of recommendations from the Committee that were quite critical of the programme. Nothing I said on that day influenced this report in any way. However, I upset the Opposition Front Bench—the hon. Gentleman was not on it at the time—when I mentioned including the medical training application service debacle in the same argument about a review of the NHS IT programme. I criticised them for that and there was some reaction. Indeed, there was a move by Opposition Committee members the following morning to remove me from the Chair on the basis that I should not have spoken in that debate.

I pointed out that an official Opposition Member had spoken in the same debate, and I was told that there was a convention, but there was no convention. The accusation was made in the press release in September. I have a letter from the Clerk of the House saying that he had heard directly from the person concerned, whom I will not name and who issued a press release prior to consultation. We discussed some months ago whether the Chairman of a Select Committee should become involved in debates, and there is no convention about that. I did so, and it was probably the MTAS issue that touched the button. The hon. Member for Rugby and Kenilworth (Jeremy Wright) was there and will have seen that. We should have kept the issues apart. We are about to give a report on the MTAS issue, and we may comment on what happened with its IT system.

The important thing is to recognise the worth of the national health service IT programme and the benefits that could accrue to patients and professionals working in the NHS for many years to come. It will set the standards for health care in this country and internationally in the 21st century. We should on some occasions have a more positive view about it.

That said, my view is not wholly positive, and some of the issues that we debated this afternoon reflected my personal feelings. I have never tried to use the Health Committee as my vehicle. It is an all-party group, and oversees what the national health service and, to some extent, the private health sector do. It works in a non-party political way. I regret the incidents that happened in June. I do not regret what I said, but I regret the outcome. If we were going to say that something was wrong in the report, an amendment should have been tabled, and we could have had the debate, as the hon. Member for Wyre Forest (Dr. Taylor) said, in Committee, not in this Chamber.

That said, since taking over the Health Committee after the last general election, I have always said that politics should be left at the door and picked up on the way out. That is what oversight should be about, and that is how we keep the Executive in check. It is a good lesson for all parliamentarians. We should do that.

When our emotions spill over on the Floor of the House now and again, we should not read too much into that. I felt strongly on that occasion that we should not have muddled the two. That happened, and it was unfortunate, but the report should have been unanimous. It is a good, reasonable, comprehensive report in terms of what we were looking at and our terms of reference. As I said, the Government and the Department have some way to go yet before they get there, but it is crucial that we do.

Question put and agreed to.

Adjourned accordingly at twenty-eight minutes to Six o’clock.