Medical Records: Data Protection

Volume 479: debated on Monday 1 September 2008

To ask the Secretary of State for Health what assessment he has made of the risks to patient confidentiality of publishing patients' care records to HealthSpace, as referred to on page 41 of High Quality Care for All, Cm 7432. (221023)

While it is never possible to eliminate all risk, stringent security controls and safeguards have been put in place to prevent unrestricted or uncontrolled access to personal information accessible through HealthSpace. Authentication of patients seeking a HealthSpace account has been designed to operate within the specified e-Government Interoperability Framework (e-GIF) requirements and industry best practices. In due course, when the technology to do so becomes available, registration requirements will be uprated to the next highest level.

In addition, the HealthSpace system has been subjected to exhaustive penetration testing to demonstrate its resilience to unauthorised attempts by third parties to access data held within it. This testing will be repeated on a regular basis.

Users will also be advised that securing confidentiality of their information accessible through HealthSpace is in part a personal responsibility. The safeguarding of access controls, including PINs and passwords, is an example of personal responsibility, along with not choosing to access records at a time or location where others may see them. Users will be supported in this by means of standard technical measures used widely in secure electronic transactions, for example by the setting of a 'timeout', so that after a given period of inactivity the user is automatically logged off the system.

To ask the Secretary of State for Health what assessment he has made of the impact on the security of confidential data of increasing the scope of access to the NHS Care Records Service to (a) social care, (b) voluntary sector, (c) private sector, (d) pharmacy and (e) other organisations, as referred to on page 50 of NHS Next Stage Review: Our vision for primary and community care. (221135)

The vision for the NHS Care Records Service (NHS CRS) is that it will support the delivery of care across all the settings where national health service patients may present for that care, including services provided by the private and voluntary sectors and in social care, pharmacy and other organisations. We have set out clearly in the Care Record Guarantee precisely what security and confidentiality standards must be met by all organisations that have access to the NHS CRS and all such organisations are required to provide assurance that they are meeting these standards. Compliance will be audited.

To ask the Secretary of State for Health how legitimate relationships are established for determining access to the NHS care records service. (221550)

Legitimate relationships are a form of access control that prevent those who are not working in a team that is involved in providing national health service care to an individual from accessing that individual's clinical information. NHS organisations will determine which of their staff work within which teams for this purpose.

A new legitimate relationship is normally created when a patient is referred to a team for care. This referral may be from a different part of the NHS or may be a self-referral by a patient, for example when attending a minor injuries unit, or when registering with a general practitioner's practice.

Some clinicians, particularly those working in emergency care environments, are also able to establish a legitimate relationship with a patient when this is needed to support emergency care. These “self-declared” legitimate relationships generate an alert to staff responsible for ensuring that the facility is not misused.
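The legitimate-relationship model described in the answer above, as an added illustrative example (not code from the NHS Care Records Service or from the answer): team membership, referral-created relationships, and the alerted "self-declared" emergency relationship are modelled with assumed data structures and names of my own.

```python
"""Toy model of 'legitimate relationship' access control (added example).

Assumptions (not from the page): a relationship links a patient to a team,
it is created by referral or by a clinician's self-declaration in emergency
care, and every self-declaration is recorded as an alert for review.
"""
from __future__ import annotations
from dataclasses import dataclass, field


@dataclass
class CareRecordService:
    # team name -> set of staff ids; each NHS organisation decides who is in which team
    teams: dict[str, set[str]] = field(default_factory=dict)
    # patient id -> set of teams holding a legitimate relationship with that patient
    relationships: dict[str, set[str]] = field(default_factory=dict)
    # audit trail of self-declared relationships: (staff, patient, reason)
    alerts: list[tuple[str, str, str]] = field(default_factory=list)

    def refer(self, patient: str, team: str) -> None:
        """A referral (from another part of the NHS, or a self-referral) creates a relationship."""
        if team not in self.teams:
            raise KeyError(f"unknown team {team!r}")
        self.relationships.setdefault(patient, set()).add(team)

    def self_declare(self, staff: str, patient: str, team: str, reason: str) -> None:
        """Emergency self-declared relationship: granted immediately, but alerted for misuse review."""
        if staff not in self.teams.get(team, set()):
            raise PermissionError(f"{staff!r} is not a member of team {team!r}")
        self.relationships.setdefault(patient, set()).add(team)
        self.alerts.append((staff, patient, reason))

    def can_access(self, staff: str, patient: str) -> bool:
        """Access is allowed only via membership of a team that has a relationship with the patient."""
        return any(
            staff in self.teams.get(team, set())
            for team in self.relationships.get(patient, set())
        )


def demo() -> int:
    """Constructed walk-through; returns the number of alerts raised."""
    crs = CareRecordService(teams={"gp-practice-a": {"dr-smith"}, "ed-team": {"nurse-jones"}})
    crs.refer("patient-1", "gp-practice-a")        # GP registration creates the relationship
    assert crs.can_access("dr-smith", "patient-1")
    assert not crs.can_access("nurse-jones", "patient-1")  # no relationship yet
    crs.self_declare("nurse-jones", "patient-1", "ed-team", "emergency attendance")
    assert crs.can_access("nurse-jones", "patient-1")      # granted, and alerted
    return len(crs.alerts)
```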

To ask the Secretary of State for Health which applications will have access to data stored in the NHS care records service; and which applications do not require a valid smartcard in order to access data in the NHS care records service. (221551)

The NHS Care Record Service links patient information from different parts of the national health service electronically so that authorised NHS staff and patients have the information they need to make care decisions. It comprises a number of national services, and compliant local applications, for example trust patient administration systems, and general practitioner systems. These local applications hold their own data and interact through messages with national services such as choose and book, the summary care record, and the personal demographics service. All local applications that interact with the national services require a valid smartcard.

A number of interim stand-alone local systems have been deployed to support the NHS. These do not interact with the national services and may not use smartcards.