BBC medical records story

M Taylor mctylr at privacy.nb.ca
Wed, 6 Mar 2002 04:26:49 +0000 

On Tue, Mar 05, 2002 at 11:44:27PM +0000, Adrian Midgley wrote:
> Smart cards are a way of taking control and getting lock in on the software 
> used for medical record editing.
> 
> Highly unlikely there will be a range of readers or of software to interpret 
> what comes off a card, so there will be another vendor lock-in bottleneck.

Smart card readers (the hardware) is quite standard, they read credit
card form factor smart cards (ISO 7810) which are the same except in
size to SIM cards used in your GSM mobile phone. Readers are available
from various vendors for about as little as 30 quid if I remember
correctly for a USB model from GemPlus. PC/SC is one of the most
common standards, Linux support from www.linuxnet.com.

The data is another story. If it going to be supported nationally by
various NHS Trusts and other groups it would need to be a open public
standard since it would need to be intergrated (translation: a fudge 
hacked in) with existing non-compatible medical information systems.
Considering NHS has fun issueing NHS numbers to everyone,
generating a standard for all episodes and care pathways for every 
patient's lifetime, and having the 100+ GP system and 30-odd Trust 
systems* actually getting reasonable correct historic data would be, 
ah, amazing.

(* Those numbers may be wildly wrong, at best a wild guess)

I suspect that employers, insurance companies, law enforcement and
maybe city councils will want to the ability to demand access to
the patient held data, on the grounds of due dilligence in regards
to the employers responsibilities to be aware of any medical issues
which may need be addressed in the workplace. In my lay understanding
in the UK insurance companies have the right to access known genetic
predispoitions and known illnesses. They cannot yet force testing
was my understanding. So expect to be handing over those smart cards
when it is time to renew your policy. Law enforcement may demand
access to potentially known highly infectious risk to their officers.

At present the smartcards would not be of any use abroad, thus
of no greater value than present records, which in my understanding
should be (in the vague) future available via NHSnet within the UK,
so smartcards offer no greater access over other methods. The card 
would likely not be carried by the everyone all the time, unless it 
was a dual-use national identity card which was required by law 
(whole other can of worms), so in outdoor activities such as football, 
swimming, camping the card and its data may not be carried by the 
indiviual and thus not available.

Of course if the data was uniquely stored on the smartcard the GP, 
or surgeon would not be able to access when the patient was not
present, making research surveys & lab tests etc. a real pain.

I see such projects as more use of novelity than of privacy enhancing.
It would have the public image of the public controlling their own 
data, but in fact I suspect that a national central DoH/NHS database 
would emerge as being more practical and the smartcard would be a 
facade of privacy. I do not see how it could be cheaper than a portable
database network, and save for the fact it prevents unattended access to 
a patients information it may in the widening spiral of data creep,
expose patient data far further than in any time before in history.

What is the actual intension, or problem this is attempting to solve?

I would hate to see some firm awarded a 10 mil contract, supply a handful
of readers and cards, and intergrate the cards to only one of the
oddles of medical information system (that belonging to the vendor
who wins the contract) and everything gets shelves except at one or
two pilot sites. It would a shame and simply a waste of money.

I would rather see 
 a) a portable data format for health records
 b) a decentrized network of patient databases, securely access via NHSnet,
    administered and audited at the regional level with only traditional
    "need-to-know" access to all records
 c) consider Brands or Chum blinding to create secure "aliases" for
    all NHS patients, and treating the medical records of every patient as 
    if they were a VIP.
 d) a public consultation of public and expert opinion on data mining of
    NHS records with and without express premission of the patient for 
    research, searching for "warning signs", and access to 3rd-parties (i.e.
    drug companies). I think the current thinking from DoH seems to be
    that data is "state-owned" rather than "taxpayer-owned".

IMHO,
M Taylor