From igb at batten.eu.org Fri Feb 7 16:44:00 2014
From: igb at batten.eu.org (Ian Batten)
Date: Fri, 7 Feb 2014 16:44:00 +0000
Subject: Health Service Record Confidentiality
Message-ID:

It seems to be coming from all angles, doesn't it?

I've just been putting together the letter opting me and my children out of care.data, working somewhat in the dark as I haven't received the much-bruited NHS publicity. Doing the information exercise from surgeries has the problem that a lot of people don't visit the doctor from one year's end to the next, and I don't know anyone who's actually received the leaflet.

But today I saw on the back of a bus an advert for this:

http://www.midlandscentralcarerecord.nhs.uk

which, again, I'm supposed to have been written to about and, again, I haven't been.

It's not clear if this will be covered by the 93C3 I already have on my notes. Hey ho, _another_ letter to my GP. It's an absolutely shocking website, containing no information about who the actual responsible body is other than a link to "http://www.experiencecounts.org.uk" which could be a scam for all I know: it claims to be part of the NHS (and has an NHS email address listed) but there's no evidence on its website that it's anything other than a bunch of blokes in a shed. Their only information governance is about dealing with social media.

While then looking for the NHS Records "Guarantee", I found most copies of it lurking on the National Records archive, because the Information Governance Board of the NHS has been closed down, as has Connecting for Health, and therefore most of the hits on the first page of Google's results point to dubious archive sites rather than anything actively maintained. What's the current status of the care records "guarantee"? What's the latest version? Who knows?
ian

From pwt at iosis.co.uk Fri Feb 7 18:25:30 2014
From: pwt at iosis.co.uk (Peter Tomlinson)
Date: Fri, 07 Feb 2014 18:25:30 +0000
Subject: Health Service Record Confidentiality
In-Reply-To:
References:
Message-ID: <52F5251A.7080305@iosis.co.uk>

A leaflet came through my letterbox this week (the same day that I went off to one of those NHS independent contractor minor procedure units [1] to have a stubborn molar removed by their dental surgeon - he is, of course, not a white anglo saxon protestant (or catholic or..), but likely from Egypt and did a brilliant job, as did the rest of the team).

NHS is the badge of the leaflet, 'Better information means better care' is the banner. It refers me to:

- NHS Choices web site
- 'staff at your GP practice'
- 0300 456 3531 (nothing about any call costs)
- 'More details about how we look after confidential information and how it may be used can be found on the website at www.hscic.gov.uk/patientconf'

It asks 'Do I need to do anything?'. The answer is nothing if I'm happy for my information to be shared. And the vital but naked statement "And you can change your mind at any time".

So it's opt in by default.

Peter

[1] 'minor' indeed - in the waiting room I found their poster for their fast track hip replacement jobs.

On 07/02/2014 16:44, Ian Batten wrote:
> It seems to be coming from all angles, doesn't it?

From roger at hayter.org Sat Feb 8 00:29:40 2014
From: roger at hayter.org (Roger Hayter)
Date: Sat, 8 Feb 2014 00:29:40 +0000
Subject: Health Service Record Confidentiality
In-Reply-To: <52F5251A.7080305@iosis.co.uk>
References: <52F5251A.7080305@iosis.co.uk>
Message-ID: <68001DB8-43BE-4BD9-A344-C96CA28BBAAD@hayter.org>

According to a recent Parliamentary answer by Dan Poulter (Health Minister), if you opt out your data will not be sold or given to anyone outside the NHS in identifiable form.
*But* it will still be centrally collected, stored and collated with new information, it will still be available for the police to investigate 'serious crime', and probably it will still be available for sale to commercial/research parties in pseudo-anonymised form. You can make your own assumptions from known law and practice about GCHQ. There was a rumour that the pseudo-anonymised stuff would *include* NHS number, but this is so silly it may be disinformation.

--
Roger Hayter

On 7 Feb 2014, at 18:25, Peter Tomlinson wrote:

> A leaflet came through my letterbox this week (the same day that I went off to one of those NHS independent contractor minor procedure units [1] to have a stubborn molar removed by their dental surgeon - he is, of course, not a white anglo saxon protestant (or catholic or..), but likely from Egypt and did a brilliant job, as did the rest of the team).
>
> NHS is the badge of the leaflet, 'Better information means better care' is the banner. It refers me to:
>
> - NHS Choices web site
> - 'staff at your GP practice'
> - 0300 456 3531 (nothing about any call costs)
> - 'More details about how we look after confidential information and how it may be used can be found on the website at www.hscic.gov.uk/patientconf'
>
> It asks 'Do I need to do anything?'. The answer is nothing if I'm happy for my information to be shared. And the vital but naked statement "And you can change your mind at any time".
>
> So it's opt in by default.
>
> Peter
>
> [1] 'minor' indeed - in the waiting room I found their poster for their fast track hip replacement jobs.
>
> On 07/02/2014 16:44, Ian Batten wrote:
>> It seems to be coming from all angles, doesn't it?

From brian at thejohnsons.co.uk Sat Feb 8 10:47:48 2014
From: brian at thejohnsons.co.uk (Brian L Johnson)
Date: Sat, 08 Feb 2014 10:47:48 -0000
Subject: Health Service Record Confidentiality
In-Reply-To:
References:
Message-ID:

On Fri, 07 Feb 2014 16:44:00 -0000, Ian Batten wrote:

> It seems to be coming from all angles, doesn't it?
>
> I've just been putting together the letter opting me and my children
> out of care.data, working somewhat in the dark as I haven't received
> the much-bruited NHS publicity.

You do need to explicitly state the codes which should be entered into your patient records.

http://medconfidential.org/how-to-opt-out/

> Doing the information exercise from surgeries has the problem that a
> lot of people don't visit the doctor from one year's end to the next,
> and I don't know anyone who's actually received the leaflet.
>
> But today I saw on the back of a bus an advert for this:
>
> http://www.midlandscentralcarerecord.nhs.uk
>
> which, again, I'm supposed to have been written to about and, again, I
> haven't been.

Individual health practices seem to be instituting their own version of sharing. I (but not my wife) got a leaflet from my health practice telling me that I could opt to have my data 'shared-in' and/or 'shared-out'. It was explained that other parts of the health service, (a smoking clinic, say) would only see my health data if I chose for my health practice to 'share-out'. If my doctor wanted to see data from that smoking clinic they could only do so if I had chosen to 'share-in'.

Very confusing. Then there's care.data... see the link above.

> It's not clear if this will be covered by the 93C3 I already have on my
> notes. Hey ho, _another_ letter to my GP.
> It's an absolutely shocking website, containing no information about
> who the actual responsible body is other than a link to
> "http://www.experiencecounts.org.uk" which could be a scam for all I
> know: it claims to be part of the NHS (and has an NHS email address
> listed) but there's no evidence on its website that it's anything other
> than a bunch of blokes in a shed. Their only information governance is
> about dealing with social media.
>
> While then looking for the NHS Records "Guarantee", I found most copies
> of it lurking on the National Records archive, because the Information
> Governance Board of the NHS has been closed down, as has Connecting for
> Health, and therefore most of the hits on the first page of Google's
> results point to dubious archive sites rather than anything actively
> maintained. What's the current status of the care records "guarantee"?
> What's the latest version? Who knows?

I suspect we'll all know the extent of the sharing debacle once relentless adverts for hemorrhoid cream / electric cigarettes / support underwear / etc. appear in our Facebook sidebar.

--
Brian

From lists at internetpolicyagency.com Sat Feb 8 11:34:50 2014
From: lists at internetpolicyagency.com (Roland Perry)
Date: Sat, 8 Feb 2014 11:34:50 +0000
Subject: Health Service Record Confidentiality
In-Reply-To: <68001DB8-43BE-4BD9-A344-C96CA28BBAAD@hayter.org>
References: <52F5251A.7080305@iosis.co.uk> <68001DB8-43BE-4BD9-A344-C96CA28BBAAD@hayter.org>
Message-ID:

In article <68001DB8-43BE-4BD9-A344-C96CA28BBAAD at hayter.org>, Roger Hayter writes
>if you opt out your data will not be sold or given to anyone outside the
>NHS in identifiable form. *But* it will still be centrally collected,
>stored and collated with new information

What sort of "data" is this?
I find it difficult to believe that anyone is going to start digitising and storing a two-inch thick folder of notes relating to a period where I was under the care of a particular hospital in Nottingham. Not even the consultant (for a different complaint) in the "NHS Treatment Centre" next door seemed able to get hold of them - even had he known they existed.

Now that I've moved a hundred miles, we don't even have a 'one stop shop' local hospital any more; depending on the issue we might visit any one of four of them. Will any (all?) of these be sent my pile of papers (digitised or not) if I turn up there instead in future?

As far as I can tell, all the GP gets sent is a discharge letter from the consultant at the end of what might have been a protracted set of investigations, examinations and procedures.
--
Roland Perry

From maryhawking at tigers.demon.co.uk Sat Feb 8 18:34:42 2014
From: maryhawking at tigers.demon.co.uk (Mary Hawking)
Date: Sat, 8 Feb 2014 18:34:42 -0000
Subject: Health Service Record Confidentiality
In-Reply-To: <52F5251A.7080305@iosis.co.uk>
References: <52F5251A.7080305@iosis.co.uk>
Message-ID:

You'll be opted in unless you opt out
I put together a bit of information for family-and-friends
https://dl.dropboxusercontent.com/u/4529244/Info%20care.data%20Jan2014.doc
Shades of 1995 and 2002..
It would have been useful if the GPs had been given any real information other than a letter around August last year saying it was going to happen in 8 weeks and it was *their* responsibility to inform their patients!

Mary Hawking
Retired from NHS on 31.3.13 because of the Health and Social Care Act 2012
"thinking - independent thinking - is to humans as swimming is to cats: we can do it if we really have to." - Mark Earles on Radio 4
blog http://maryhawking.wordpress.com/ And Fred!
http://primaryhealthinfo.wordpress.com/2013/11/02/freds-saying-you-just-dont-get-it/

-----Original Message-----
From: Peter Tomlinson [mailto:pwt at iosis.co.uk]
Sent: 07 February 2014 18:26
To: UK Cryptography Policy Discussion Group
Subject: Re: Health Service Record Confidentiality

A leaflet came through my letterbox this week (the same day that I went off to one of those NHS independent contractor minor procedure units [1] to have a stubborn molar removed by their dental surgeon - he is, of course, not a white anglo saxon protestant (or catholic or..), but likely from Egypt and did a brilliant job, as did the rest of the team).

NHS is the badge of the leaflet, 'Better information means better care' is the banner. It refers me to:

- NHS Choices web site
- 'staff at your GP practice'
- 0300 456 3531 (nothing about any call costs)
- 'More details about how we look after confidential information and how it may be used can be found on the website at www.hscic.gov.uk/patientconf'

It asks 'Do I need to do anything?'. The answer is nothing if I'm happy for my information to be shared. And the vital but naked statement "And you can change your mind at any time".

So it's opt in by default.

Peter

[1] 'minor' indeed - in the waiting room I found their poster for their fast track hip replacement jobs.

On 07/02/2014 16:44, Ian Batten wrote:
> It seems to be coming from all angles, doesn't it?

From roger at hayter.org Sun Feb 9 00:09:24 2014
From: roger at hayter.org (Roger Hayter)
Date: Sun, 9 Feb 2014 00:09:24 +0000
Subject: Health Service Record Confidentiality
In-Reply-To:
References: <52F5251A.7080305@iosis.co.uk>
Message-ID:

I am sorry to say that your document is apparently misleading! Opting out does not apparently prevent your data from being "uploaded" to the care.data database, only restricts its non-anonymised use to when the government thinks it appropriate. Unless the health minister Dan Poulter is incompetent, which is certainly arguable on other grounds.
See his answer to a written parliamentary question from David Davies, HC Deb, 4 February 2014, c158W

He does not answer the question asked in so many words, but they could hardly reveal it if they didn't have it! However, this is described as a "holding answer" so we may yet hear differently.

It is interesting to speculate whether all GP data is already copied to central databases from local NHS computer systems, e.g. for backup purposes. And whether, despite this, it can be 'spun' as not in the care.data database.

Davies Question

"To ask the Secretary of State for Health whether any medical data will be extracted by care.data from GP-held records of patients who have objected to the use of their confidential information by others than those providing them with care."

Poulter answer

"In terms of information which identifies a patient, NHS England's 'Better information means better care' leaflet sets out how people can ask their GP practice to note their objections, which will prevent confidential, identifiable data about them being used by the care.data programme, other than in a very limited number of exceptional circumstances. As examples, existing public health legislation may require data to control the spread of specific infectious diseases or the police may require information about an individual patient when investigating serious crime. Decisions are made on a case-by-case basis and must balance legal requirements, the duty of confidentiality owed to the patient and the accepted public interest in a confidential health service, all against any benefits that may arise from the disclosure.
It is important to note that provisions in the Health and Social Care Act 2012 are designed to strengthen and clarify the role of the Health and Social Care Information Centre so that information can be collected, held securely and made readily available to those who need it in safe, de-identified formats, with crucial safeguards in place to protect the confidential data it holds. The Health and Social Care Act 2012 is clear that 'information which identifies or enables identification of a person must not be published'"

--
Roger Hayter (Retd. NHS 31/3/2013 for a number of reasons)

--
Roger Hayter

On 8 Feb 2014, at 18:34, Mary Hawking wrote:

> You'll be opted in unless you opt out
> I put together a bit of information for family-and-friends
> https://dl.dropboxusercontent.com/u/4529244/Info%20care.data%20Jan2014.doc
> Shades of 1995 and 2002..
> It would have been useful if the GPs had been given any real information
> other than a letter around August last year saying it was going to happen in
> 8 weeks and it was *their* responsibility to inform their patients!
>
> Mary Hawking
> Retired from NHS on 31.3.13 because of the Health and Social Care Act 2012
> "thinking - independent thinking - is to humans as swimming is to cats: we
> can do it if we really have to." - Mark Earles on Radio 4
> blog http://maryhawking.wordpress.com/ And Fred!
> http://primaryhealthinfo.wordpress.com/2013/11/02/freds-saying-you-just-dont-get-it/
>
> -----Original Message-----
> From: Peter Tomlinson [mailto:pwt at iosis.co.uk]
> Sent: 07 February 2014 18:26
> To: UK Cryptography Policy Discussion Group
> Subject: Re: Health Service Record Confidentiality
>
> A leaflet came through my letterbox this week (the same day that I went
> off to one of those NHS independent contractor minor procedure units [1]
> to have a stubborn molar removed by their dental surgeon - he is, of
> course, not a white anglo saxon protestant (or catholic or..), but
> likely from Egypt and did a brilliant job, as did the rest of the team).
>
> NHS is the badge of the leaflet, 'Better information means better care'
> is the banner. It refers me to:
>
> - NHS Choices web site
> - 'staff at your GP practice'
> - 0300 456 3531 (nothing about any call costs)
> - 'More details about how we look after confidential information and how
>   it may be used can be found on the website at www.hscic.gov.uk/patientconf'
>
> It asks 'Do I need to do anything?'. The answer is nothing if I'm happy
> for my information to be shared. And the vital but naked statement "And
> you can change your mind at any time".
>
> So it's opt in by default.
>
> Peter
>
> [1] 'minor' indeed - in the waiting room I found their poster for their
> fast track hip replacement jobs.
>
> On 07/02/2014 16:44, Ian Batten wrote:
>> It seems to be coming from all angles, doesn't it?

From amidgley at gmail.com Tue Feb 11 01:49:57 2014
From: amidgley at gmail.com (Adrian Midgley)
Date: Tue, 11 Feb 2014 01:49:57 +0000
Subject: Health Service Record Confidentiality
In-Reply-To: <68001DB8-43BE-4BD9-A344-C96CA28BBAAD@hayter.org>
References: <52F5251A.7080305@iosis.co.uk> <68001DB8-43BE-4BD9-A344-C96CA28BBAAD@hayter.org>
Message-ID:

It seems to be an article of faith, or something repeated often down a hierarchy, that the NHS number is anonymous.

So the expectation I've observed is that the anonymous records will have an identifier unique to the citizen or resident, and cross-referenceable to their name by many people for many legitimate purposes.

It is possible that I've failed to comprehend the full cleverness of the scheme of assurance of anonymity, and that there is more to it than assurance.

On 8 February 2014 00:29, Roger Hayter wrote:

> According to a recent Parliamentary answer by Dan Poulter (Health
> Minister), if you opt out your data will not be sold or given to anyone
> outside the NHS in identifiable form. *But* it will still be centrally
> collected, stored and collated with new information, it will still be
> available for the police to investigate 'serious crime', and probably it
> will still be available for sale to commercial/research parties in
> pseudo-anonymised form. You can make your own assumptions from known law
> and practice about GCHQ. There was a rumour that the pseudo-anonymised
> stuff would *include* NHS number, but this is so silly it may be
> disinformation.
>
> --
>
> Roger Hayter
>
>
> On 7 Feb 2014, at 18:25, Peter Tomlinson wrote:
>
> > A leaflet came through my letterbox this week (the same day that I
> > went off to one of those NHS independent contractor minor procedure
> > units [1] to have a stubborn molar removed by their dental surgeon -
> > he is, of course, not a white anglo saxon protestant (or catholic
> > or..), but likely from Egypt and did a brilliant job, as did the rest
> > of the team).
> >
> > NHS is the badge of the leaflet, 'Better information means better
> > care' is the banner. It refers me to:
> >
> > - NHS Choices web site
> > - 'staff at your GP practice'
> > - 0300 456 3531 (nothing about any call costs)
> > - 'More details about how we look after confidential information and
> >   how it may be used can be found on the website at
> >   www.hscic.gov.uk/patientconf'
> >
> > It asks 'Do I need to do anything?'.
> > The answer is nothing if I'm happy for my information to be shared.
> > And the vital but naked statement "And you can change your mind at
> > any time".
> >
> > So it's opt in by default.
> >
> > Peter
> >
> > [1] 'minor' indeed - in the waiting room I found their poster for
> > their fast track hip replacement jobs.
> >
> > On 07/02/2014 16:44, Ian Batten wrote:
> >> It seems to be coming from all angles, doesn't it?

--
Adrian Midgley http://www.defoam.net/

From bdm at fenrir.org.uk Tue Feb 11 12:35:20 2014
From: bdm at fenrir.org.uk (Brian Morrison)
Date: Tue, 11 Feb 2014 12:35:20 +0000
Subject: Health Service Record Confidentiality
In-Reply-To:
References: <52F5251A.7080305@iosis.co.uk> <68001DB8-43BE-4BD9-A344-C96CA28BBAAD@hayter.org>
Message-ID: <20140211123520.000002fd@surtees.fenrir.org.uk>

On Tue, 11 Feb 2014 01:49:57 +0000
Adrian Midgley wrote:

> It is possible that I've failed to comprehend the full cleverness of
> the scheme of assurance of anonymity, and that there is more to it
> than assurance.

Of course there isn't, it would appear that the scheme is designed to allow any "anonymizing" being done to be reversible if enough is handed over.

--
Brian Morrison

From pwt at iosis.co.uk Fri Feb 14 17:38:51 2014
From: pwt at iosis.co.uk (Peter Tomlinson)
Date: Fri, 14 Feb 2014 17:38:51 +0000
Subject: Health Service Record Confidentiality
In-Reply-To: <20140211123520.000002fd@surtees.fenrir.org.uk>
References: <52F5251A.7080305@iosis.co.uk> <68001DB8-43BE-4BD9-A344-C96CA28BBAAD@hayter.org> <20140211123520.000002fd@surtees.fenrir.org.uk>
Message-ID: <52FE54AB.8080107@iosis.co.uk>

BBC Radio 4 PM reporting that many many people do not know about this scheme and also many say they have not had the leaflet. They also reported that NHS England is trying to find out what went wrong...

My view?
The leaflets very quickly went into the recycling box with the junk 'mail', as mine nearly did (sic: most of what the postman delivers to me these days is sales leaflets) or are still lying behind the front door. NHS should have sent personal letters to everybody.

Peter

On 11/02/2014 12:35, Brian Morrison wrote:
> On Tue, 11 Feb 2014 01:49:57 +0000
> Adrian Midgley wrote:
>
>> It is possible that I've failed to comprehend the full cleverness of
>> the scheme of assurance of anonymity, and that there is more to it
>> than assurance.
> Of course there isn't, it would appear that the scheme is designed to
> allow any "anonymizing" being done to be reversible if enough inducement here> is handed over.
>

From ukcrypto at absent-minded.com Sun Feb 16 12:14:16 2014
From: ukcrypto at absent-minded.com (Mark Lomas)
Date: Sun, 16 Feb 2014 12:14:16 +0000
Subject: Health Service Record Confidentiality
In-Reply-To:
References: <52F5251A.7080305@iosis.co.uk> <68001DB8-43BE-4BD9-A344-C96CA28BBAAD@hayter.org>
Message-ID:

I suspect that there is a misunderstanding regarding the purpose of the NHS number. It is not expected to provide anonymity or privacy.

In a small population a small amount of information may be sufficient to identify somebody uniquely. For example, within a university department name and date of birth is usually sufficient, but within the area of a health authority it might not be. Similarly, name and address of a student together are probably unique, but in a doctors' surgery records name and address of a patient may not be sufficient to identify that patient because children often share their name with a parent.

The NHS number is intended to resolve such ambiguity. For that reason any records that contain the NHS number cannot be described as anonymised.

Note: any identifier that is cross-referenceable to a name by the data controller satisfies clause (b) of the definition of personal data (Data Protection Act 1998, section 1).

I recently advised a major NHS department. Its anonymisation processes, e.g. for statistical reporting, required the complete removal of NHS numbers. However, the NHS number itself is not considered sensitive - most NHS staff can look up a patient's name and address using the number as the index.

Mark

On 11 February 2014 01:49, Adrian Midgley wrote:

> It seems to be an article of faith, or something repeated often down a
> hierarchy, that the NHS number is anonymous.
>
> So the expectation I've observed is that the anonymous records will have
> an identifier unique to the citizen or resident, and cross-referenceable to
> their name by many people for many legitimate purposes.
>
> It is possible that I've failed to comprehend the full cleverness of the
> scheme of assurance of anonymity, and that there is more to it than
> assurance.
>
> On 8 February 2014 00:29, Roger Hayter wrote:
>
>> According to a recent Parliamentary answer by Dan Poulter (Health
>> Minister), if you opt out your data will not be sold or given to anyone
>> outside the NHS in identifiable form. *But* it will still be centrally
>> collected, stored and collated with new information, it will still be
>> available for the police to investigate 'serious crime', and probably it
>> will still be available for sale to commercial/research parties in
>> pseudo-anonymised form. You can make your own assumptions from known law
>> and practice about GCHQ. There was a rumour that the pseudo-anonymised
>> stuff would *include* NHS number, but this is so silly it may be
>> disinformation.
>>
>> --
>>
>> Roger Hayter
>>
>>
>> On 7 Feb 2014, at 18:25, Peter Tomlinson wrote:
>>
>> > A leaflet came through my letterbox this week (the same day that I
>> > went off to one of those NHS independent contractor minor procedure
>> > units [1] to have a stubborn molar removed by their dental surgeon -
>> > he is, of course, not a white anglo saxon protestant (or catholic
>> > or..), but likely from Egypt and did a brilliant job, as did the rest
>> > of the team).
>> >
>> > NHS is the badge of the leaflet, 'Better information means better
>> > care' is the banner. It refers me to:
>> >
>> > - NHS Choices web site
>> > - 'staff at your GP practice'
>> > - 0300 456 3531 (nothing about any call costs)
>> > - 'More details about how we look after confidential information and
>> >   how it may be used can be found on the website at
>> >   www.hscic.gov.uk/patientconf'
>> >
>> > It asks 'Do I need to do anything?'. The answer is nothing if I'm
>> > happy for my information to be shared. And the vital but naked
>> > statement "And you can change your mind at any time".
>> >
>> > So it's opt in by default.
>> >
>> > Peter
>> >
>> > [1] 'minor' indeed - in the waiting room I found their poster for
>> > their fast track hip replacement jobs.
>> >
>> > On 07/02/2014 16:44, Ian Batten wrote:
>> >> It seems to be coming from all angles, doesn't it?
>
> --
> Adrian Midgley http://www.defoam.net/

From igb at batten.eu.org Tue Feb 18 19:47:28 2014
From: igb at batten.eu.org (Ian Batten)
Date: Tue, 18 Feb 2014 19:47:28 +0000
Subject: Health Service Record Confidentiality
In-Reply-To:
References: <52F5251A.7080305@iosis.co.uk> <68001DB8-43BE-4BD9-A344-C96CA28BBAAD@hayter.org>
Message-ID:

Scheme halted for six months, following a critical (in every sense) intervention by the BMA and the RCGP, along with various disability charities.

http://www.theguardian.com/society/2014/feb/18/nhs-delays-sharing-medical-records-care-data
http://www.bbc.co.uk/news/health-26239532

My gut feel would be that the revised programme, if it happens at all, will look very different, as people who oppose the scheme will be emboldened and the second version will be subject to much greater scrutiny.

This is a real turning point, because this is the first big NHS data project which has been stopped for reasons entirely about public perception of privacy rights, rather than (vide Connecting for Health) a mixture of contractual, technical and political issues.

The NHS agreed to a mass leaflet drop with somewhat bad grace, commissioned an inappropriate mechanism at minimum cost, and it went wrong (*). A stack of issues about what happens in houses in multiple occupancy also seem problematic. The re-run is going to have to be individually addressed to each person on the demographic system, and I wonder if anyone's going to want to fund the ~40m stamps.

ian

(*) One point I've not seen made is that anyone who's opted out of Royal Mail's door-to-door service, which is the delivery of unaddressed mail to an area without it being actually marked for any individual, wouldn't have got the information even had the drop otherwise gone perfectly. Given such people are disproportionately likely to be people concerned about privacy, it's hard to see that ending well.

From theom+news at chiark.greenend.org.uk Sun Feb 23 23:40:55 2014
From: theom+news at chiark.greenend.org.uk (Theo Markettos)
Date: Sun, 23 Feb 2014 23:40:55 +0000
Subject: Health Service Record Confidentiality
In-Reply-To:
Message-ID:

In article you wrote:
> On Fri, 07 Feb 2014 16:44:00 -0000, Ian Batten wrote:
>
> > It seems to be coming from all angles, doesn't it?
> >
> > I've just been putting together the letter opting me and my children out
> > of care.data, working
> > somewhat in the dark as I haven't received the much-bruited NHS
> > publicity.
>
> You do need to explicitly state the codes which should be entered into
> your patient records.

There's now a handy unofficial optout website:
https://www.faxyourgp.com/

Theo

From maryhawking at tigers.demon.co.uk Mon Feb 24 08:59:07 2014
From: maryhawking at tigers.demon.co.uk (Mary Hawking)
Date: Mon, 24 Feb 2014 08:59:07 -0000
Subject: Health Service Record Confidentiality
In-Reply-To:
References:
Message-ID:

Looking forward to 2.30 on Tuesday 25th? Health Select Committee first evidence session on "the proposed care.data database"
http://www.parliament.uk/business/committees/committees-a-z/commons-select/health-committee/inquiries/parliament-2010/cdd-2014/

Mary Hawking
Retired from NHS on 31.3.13 because of the Health and Social Care Act 2012
"thinking - independent thinking - is to humans as swimming is to cats: we can do it if we really have to." - Mark Earles on Radio 4
blog http://maryhawking.wordpress.com/ And Fred!
http://primaryhealthinfo.wordpress.com/2013/11/02/freds-saying-you-just-dont-get-it/

-----Original Message-----
From: Theo Markettos [mailto:theom+news at chiark.greenend.org.uk]
Sent: 23 February 2014 23:41
To: UK Cryptography Policy Discussion Group
Subject: Re: Health Service Record Confidentiality

In article you wrote:
> On Fri, 07 Feb 2014 16:44:00 -0000, Ian Batten wrote:
>
> > It seems to be coming from all angles, doesn't it?
> >
> > I've just been putting together the letter opting me and my children out
> > of care.data, working
> > somewhat in the dark as I haven't received the much-bruited NHS
> > publicity.
>
> You do need to explicitly state the codes which should be entered into
> your patient records.

There's now a handy unofficial optout website:
https://www.faxyourgp.com/

Theo

From otcbn at callnetuk.com Mon Feb 24 09:17:32 2014
From: otcbn at callnetuk.com (Peter Mitchell)
Date: Mon, 24 Feb 2014 09:17:32 +0000
Subject: Health Service Record Confidentiality
In-Reply-To:
References:
Message-ID: <530B0E2C.5060006@callnetuk.com>

On 24/02/2014 08:59, Mary Hawking wrote:
> Looking forward to 2.30 on Tuesday 25th? Health Select Committee first
> evidence session on "the proposed care.data database"
> http://www.parliament.uk/business/committees/committees-a-z/commons-select/health-committee/inquiries/parliament-2010/cdd-2014/
>

http://www.telegraph.co.uk/health/healthnews/10656893/Hospital-records-of-all-NHS-patients-sold-to-insurers.html

... a report by a major UK insurance society discloses that it was able to obtain 13 years of hospital data - covering 47 million patients - in order to help companies 'refine' their premiums.

--
Pete Mitchell

From bdm at fenrir.org.uk Mon Feb 24 11:46:16 2014
From: bdm at fenrir.org.uk (Brian Morrison)
Date: Mon, 24 Feb 2014 11:46:16 +0000
Subject: Health Service Record Confidentiality
In-Reply-To: <530B0E2C.5060006@callnetuk.com>
References: <530B0E2C.5060006@callnetuk.com>
Message-ID: <20140224114616.000019e1@surtees.fenrir.org.uk>

On Mon, 24 Feb 2014 09:17:32 +0000
Peter Mitchell wrote:

> ... a report by a major UK insurance society discloses that it was
> able to obtain 13 years of hospital data - covering 47 million
> patients - in order to help companies 'refine' their premiums.

I can see why they would want this, their actuaries will be using the complete distribution to apportion average risk for each centile or decile of the population and more accurate data should improve their modelling.

The problem comes if they are able to use an individual's data to unfairly load their premiums or refuse cover for a future, as yet not experienced, condition.
I suppose that it would also be unfair to cover someone with a very low risk for a very low premium but I can't see many insurers taking that route.

-- 
Brian Morrison

From igb at batten.eu.org Mon Feb 24 13:42:36 2014
From: igb at batten.eu.org (Ian Batten)
Date: Mon, 24 Feb 2014 13:42:36 +0000
Subject: Health Service Record Confidentiality
In-Reply-To: <20140224114616.000019e1@surtees.fenrir.org.uk>
References: <530B0E2C.5060006@callnetuk.com> <20140224114616.000019e1@surtees.fenrir.org.uk>
Message-ID:

On 24 Feb 2014, at 11:46, Brian Morrison wrote:

> On Mon, 24 Feb 2014 09:17:32 +0000
> Peter Mitchell wrote:
>
>> ... a report by a major UK insurance society discloses that it was
>> able to obtain 13 years of hospital data - covering 47 million
>> patients - in order to help companies "refine" their premiums.
>
> I can see why they would want this,

I can see why they would want it; that doesn't mean they should be given.

HSCIS's rather unconvincing excuse is that the data was provided by a previous organisation and they wouldn't do it now. Hardly reassuring.

ian

From bdm at fenrir.org.uk Mon Feb 24 14:15:52 2014
From: bdm at fenrir.org.uk (Brian Morrison)
Date: Mon, 24 Feb 2014 14:15:52 +0000
Subject: Health Service Record Confidentiality
In-Reply-To:
References: <530B0E2C.5060006@callnetuk.com> <20140224114616.000019e1@surtees.fenrir.org.uk>
Message-ID: <20140224141552.0000530d@surtees.fenrir.org.uk>

On Mon, 24 Feb 2014 13:42:36 +0000
Ian Batten wrote:

>
> On 24 Feb 2014, at 11:46, Brian Morrison wrote:
>
> > On Mon, 24 Feb 2014 09:17:32 +0000
> > Peter Mitchell wrote:
> >
> >> ... a report by a major UK insurance society discloses that it was
> >> able to obtain 13 years of hospital data - covering 47 million
> >> patients - in order to help companies "refine" their premiums.
> >
> > I can see why they would want this,
>
> I can see why they would want it; that doesn't mean they should be
> given.

I entirely agree that in the event that identifiable information can be reverse engineered from what is provided it should not be provided. Bulk information without that capability is rather different.

Where did the insurance industry's original actuarial tables originate? I would say that it would have been from previous bulk data sources.

>
> HSCIS's rather unconvincing excuse is that the data was provided by a
> previous organisation and they wouldn't do it now. Hardly reassuring.

No, that certainly isn't reassuring. It indicates that some lax thinking must have gone on before.

-- 
Brian Morrison

From codepope at gmail.com Mon Feb 24 14:29:53 2014
From: codepope at gmail.com (Gmail)
Date: Mon, 24 Feb 2014 14:29:53 +0000
Subject: Health Service Record Confidentiality
In-Reply-To: <20140224141552.0000530d@surtees.fenrir.org.uk>
References: <530B0E2C.5060006@callnetuk.com> <20140224114616.000019e1@surtees.fenrir.org.uk> <20140224141552.0000530d@surtees.fenrir.org.uk>
Message-ID:

On 24 February 2014 at 14:16:18, Brian Morrison (bdm at fenrir.org.uk) wrote:

On Mon, 24 Feb 2014 13:42:36 +0000
Ian Batten wrote:

> HSCIS's rather unconvincing excuse is that the data was provided by a
> previous organisation and they wouldn't do it now. Hardly reassuring.

No, that certainly isn't reassuring. It indicates that some lax thinking must have gone on before.

Oddly though, it's also a statement that doesn't stand up to scrutiny.

From http://www.hscic.gov.uk/hes

"In 1996 these bodies were abolished and the NHS-Wide Clearing Service (NWCS) was set up to provide a means of transmitting the records. In 2006 this work was taken over by the Secondary Uses Service, which is run by the Health and Social Care Information Centre and the National Programme for IT."

So it came under HSCIS's remit in 2006. The data set was from 2000-2010.

For tracking though, there is the HESID - http://www.hscic.gov.uk/media/1370/HES-Hospital-Episode-Statistics-Replacement-of-the-HES-patient-ID/pdf/HESID_Replacement_Nov09.pdf

Which appears to include per-client pseudonym-ids.

Data cleaning on release appears to be documented here - http://www.datadictionary.nhs.uk/web_site_content/cds_supporting_information/security_issues_and_patient_confidentiality.asp?shownav=1

Dj

From codepope at gmail.com Mon Feb 24 15:40:27 2014
From: codepope at gmail.com (Gmail)
Date: Mon, 24 Feb 2014 15:40:27 +0000
Subject: Health Service Record Confidentiality
In-Reply-To:
References: <530B0E2C.5060006@callnetuk.com> <20140224114616.000019e1@surtees.fenrir.org.uk> <20140224141552.0000530d@surtees.fenrir.org.uk>
Message-ID:

HSCIC have made a statement - http://www.hscic.gov.uk/article/3932/Statement-on-use-of-Hospital-Episode-Statistics-HES-data

They appear to have been responsible for collection since 2006 but only handling the processing since 2013.

Dj

On 24 February 2014 at 14:29:55, Gmail (codepope at gmail.com) wrote:

On 24 February 2014 at 14:16:18, Brian Morrison (bdm at fenrir.org.uk) wrote:

On Mon, 24 Feb 2014 13:42:36 +0000
Ian Batten wrote:

> HSCIS's rather unconvincing excuse is that the data was provided by a
> previous organisation and they wouldn't do it now. Hardly reassuring.

No, that certainly isn't reassuring. It indicates that some lax thinking must have gone on before.

Oddly though, it's also a statement that doesn't stand up to scrutiny.

From http://www.hscic.gov.uk/hes

"In 1996 these bodies were abolished and the NHS-Wide Clearing Service (NWCS) was set up to provide a means of transmitting the records. In 2006 this work was taken over by the Secondary Uses Service, which is run by the Health and Social Care Information Centre and the National Programme for IT."

So it came under HSCIS's remit in 2006.
The data set was from 2000-2010.

For tracking though, there is the HESID - http://www.hscic.gov.uk/media/1370/HES-Hospital-Episode-Statistics-Replacement-of-the-HES-patient-ID/pdf/HESID_Replacement_Nov09.pdf

Which appears to include per-client pseudonym-ids.

Data cleaning on release appears to be documented here - http://www.datadictionary.nhs.uk/web_site_content/cds_supporting_information/security_issues_and_patient_confidentiality.asp?shownav=1

Dj

From igb at batten.eu.org Mon Feb 24 15:59:51 2014
From: igb at batten.eu.org (Ian Batten)
Date: Mon, 24 Feb 2014 15:59:51 +0000
Subject: Health Service Record Confidentiality
In-Reply-To:
References: <530B0E2C.5060006@callnetuk.com> <20140224114616.000019e1@surtees.fenrir.org.uk> <20140224141552.0000530d@surtees.fenrir.org.uk>
Message-ID:

On 24 Feb 2014, at 15:40, Gmail wrote:

> HSCIC have made a statement -
>
> http://www.hscic.gov.uk/article/3932/Statement-on-use-of-Hospital-Episode-Statistics-HES-data
>
> They appear to have been responsible for collection since 2006 but only handling the processing since 2013.

Clare Gerada of the RCGP has been using HES as a "that works, so why won't care.data?" example for the past few weeks. She now admits to being "confused" and seeking a "JR" (presumably "Judicial Review").

Unfortunately, this whole sorry saga seems to be full of well-intentioned useful idiots, to use Lenin's phrase of western Communists of the 1920s and 1930s, who are so keen to do good that they assume the best of everyone, while meanwhile HSCIC and its predecessors have been selling the data on a rather less high-minded basis.

I suspect soon we'll get the "we can't refuse lawful requests" excuse.

ian

From maryhawking at tigers.demon.co.uk Mon Feb 24 17:29:04 2014
From: maryhawking at tigers.demon.co.uk (Mary Hawking)
Date: Mon, 24 Feb 2014 17:29:04 -0000
Subject: Health Service Record Confidentiality
In-Reply-To:
References: <530B0E2C.5060006@callnetuk.com><20140224114616.000019e1@surtees.fenrir.org.uk><20140224141552.0000530d@surtees.fenrir.org.uk>
Message-ID: <0494AED522B64FDCA8BE3BD9EF621F00@MaryPC>

HSCIC was established under the Health & Social Care Act on 1.4.13: it included the previous NHS Information Centre - with the addition of a lot of CfH staff and functions.

I can't remember what happened in 2006: surely the NHSIA (NHS Information Authority) had been abolished before then?

Does every reorganisation of the NHS remove all responsibility for actions performed by the previous organisations?

Mary Hawking
Retired from NHS on 31.3.13 because of the Health and Social Care Act 2012
"thinking - independent thinking - is to humans as swimming is to cats: we can do it if we really have to." Mark Earles on Radio 4
blog http://maryhawking.wordpress.com/
And Fred! http://primaryhealthinfo.wordpress.com/2013/11/02/freds-saying-you-just-dont-get-it/

_____

From: Gmail [mailto:codepope at gmail.com]
Sent: 24 February 2014 15:40
To: UK Cryptography Policy Discussion Group; Brian Morrison
Subject: Re: Health Service Record Confidentiality

HSCIC have made a statement - http://www.hscic.gov.uk/article/3932/Statement-on-use-of-Hospital-Episode-Statistics-HES-data

They appear to have been responsible for collection since 2006 but only handling the processing since 2013.

Dj

On 24 February 2014 at 14:29:55, Gmail (codepope at gmail.com) wrote:

On 24 February 2014 at 14:16:18, Brian Morrison (bdm at fenrir.org.uk) wrote:

On Mon, 24 Feb 2014 13:42:36 +0000
Ian Batten wrote:

> HSCIS's rather unconvincing excuse is that the data was provided by a
> previous organisation and they wouldn't do it now. Hardly reassuring.

No, that certainly isn't reassuring.
It indicates that some lax thinking must have gone on before.

Oddly though, it's also a statement that doesn't stand up to scrutiny.

From http://www.hscic.gov.uk/hes

"In 1996 these bodies were abolished and the NHS-Wide Clearing Service (NWCS) was set up to provide a means of transmitting the records. In 2006 this work was taken over by the Secondary Uses Service, which is run by the Health and Social Care Information Centre and the National Programme for IT."

So it came under HSCIS's remit in 2006. The data set was from 2000-2010.

For tracking though, there is the HESID - http://www.hscic.gov.uk/media/1370/HES-Hospital-Episode-Statistics-Replacement-of-the-HES-patient-ID/pdf/HESID_Replacement_Nov09.pdf

Which appears to include per-client pseudonym-ids.

Data cleaning on release appears to be documented here - http://www.datadictionary.nhs.uk/web_site_content/cds_supporting_information/security_issues_and_patient_confidentiality.asp?shownav=1

Dj

From nbohm at ernest.net Mon Feb 24 17:39:47 2014
From: nbohm at ernest.net (Nicholas Bohm)
Date: Mon, 24 Feb 2014 17:39:47 +0000
Subject: Health Service Record Confidentiality
In-Reply-To: <0494AED522B64FDCA8BE3BD9EF621F00@MaryPC>
References: <530B0E2C.5060006@callnetuk.com><20140224114616.000019e1@surtees.fenrir.org.uk><20140224141552.0000530d@surtees.fenrir.org.uk> <0494AED522B64FDCA8BE3BD9EF621F00@MaryPC>
Message-ID: <530B83E3.2050201@ernest.net>

An HTML attachment was scrubbed...

From zenadsl6186 at zen.co.uk Fri Feb 28 06:51:55 2014
From: zenadsl6186 at zen.co.uk (Peter Fairbrother)
Date: Fri, 28 Feb 2014 06:51:55 +0000
Subject: GCHQ YAHOO image collection - legal?
Message-ID: <5310320B.2010907@zen.co.uk>

http://www.theguardian.com/world/2014/feb/27/gchq-nsa-webcam-images-internet-yahoo

"Yahoo webcam images from millions of users intercepted by GCHQ -
Material included large quantity of sexually explicit images"

To place this in context, the images in question are taken from video calls, many of them between Brits in Britain - but they go through the US YAHOO servers on the way.

(And the people running it are called "secret strap-one". Not kidding. Pervy, or what?)

Now how are GCHQ intercepting these UK-to-UK calls with any degree of legality?

I can only suppose they claim it is under ss.5(6) of RIPA which legitimises

"(a) all such conduct (including the interception of communications not identified by the warrant) as it is necessary to undertake in order to do what is expressly authorised or required by the warrant".

the warrant in question being a bulk trawling warrant signed by the Foreign Secretary, which is meant to allow interception of communications of people who are outside the UK (bulk interception warrants for communications of people in the UK are not supposed to be allowed - but this is a potential loophole).

So, GCHQ intercept everything on the cables which go to the US - and they don't sort out the domestic traffic which they aren't allowed to look at because "GCHQ does not have the technical means to make sure no images of UK [..] citizens are collected and stored by the system".

Isn't it time this loophole was closed? Eg perhaps GCHQ should be required to be able to show that 95% of the traffic they collect or look at under a bulk non-domestic traffic collection warrant should be non-domestic traffic?

-- 
Peter Fairbrother

From codepope at gmail.com Fri Feb 28 08:24:32 2014
From: codepope at gmail.com (Dj Walker-Morgan)
Date: Fri, 28 Feb 2014 08:24:32 +0000
Subject: GCHQ YAHOO image collection - legal?
In-Reply-To: <5310320B.2010907@zen.co.uk>
References: <5310320B.2010907@zen.co.uk>
Message-ID: <6C5FE864-612B-40A9-98C2-E16835EDFEB1@gmail.com>

Secret strap1 is a security classification, not the name of the people running the project.

http://electrospaces.blogspot.co.uk/2013/12/the-british-classification-marking-strap.html

Dj

> On 28 Feb 2014, at 06:51, Peter Fairbrother wrote:
>
> http://www.theguardian.com/world/2014/feb/27/gchq-nsa-webcam-images-internet-yahoo
>
> (And the people running it are called "secret strap-one". Not kidding. Pervy, or what?)
>
>