BMJ - PKI and signinng slight confusion
Dr Alan Hassey
ukcrypto at maillist.ox.ac.uk
Mon, 11 Sep 2000 12:17:43 +0100
Each & every health professional has a legal (Data Protection Act),
contractual & ethical obligation to protect privacy & get appropriate
informed consent for disclosure. Ultimately the professions are accoutable
through the courts, through professional regulation (GMC/UKCC etc) & through
the NHS Caldicott procedures (hopelessly under-resourced)
There is no single organisation that holds records. NHS Trusts, hold records
as do GPs & they are nominally held on behalf of the Secretary of State.
IMHO the patients own the records.... but that's probably a heretical view
;-(
===
Dr Alan Hassey (mailto:alan.hassey@btinternet.com)
RCGP Health Informatics Group
Joint Computing Group (GPC - RCGP)
Thank you, Alan, for trying to protect patient's interests in their medical
information. I for one appreciate this.
Which organisation within the overall scope of the NHS is actually
responsible for holding a person's medical records, protecting their
integrity and preventing abuse?
Brian