To ask the Secretary of State for Health pursuant to the answer of 26 March 2008, Official Report, column 206W, on medical records: databases, for what reasons Connecting for Health cannot comment on the specific monitoring processes; and what estimate he has made of the likely number of alerts (a) per day and (b) each Caldicott Guardian will be able to monitor. (204222)

Systems delivered by NHS Connecting for Health will provide the alert data and tools for reviewing alerts, but detailed monitoring arrangements and assessment of follow up actions are the responsibility of local national health service organisations and individual Caldicott Guardians.

Staff who breach patient confidentiality are subject to disciplinary measures and the legal penalties provided under the Data Protection Act, and professional staff risk losing their licence to practice. There is no evidence that breaches currently happen other than very exceptionally. We expect this to continue to be the case when systems are deployed that have the ability to audit behaviour.

Only a small number of alerts are therefore expected, and we anticipate that Caldicott Guardians, or their delegated representatives, will be able to monitor all alerts raised to them.

To ask the Secretary of State for Health pursuant to the answer of 26 March 2008, Official Report, column 206W, on medical records: databases (1) under what terms and conditions suppliers will have access; (204223)

[holding answer 9 May 2008]: The terms and conditions are being agreed but include, for example, limitations on the disclosure of data to third parties and the copying of data, and termination and liability clauses in the event of unauthorised disclosure of personally-identifiable information. There will also be a right of audit to verify adherence to the terms and conditions, which will be the key condition determining permission to access for those wishing to use the service.

When finalised, the terms and conditions will be published.