Health Service Record Confidentiality
ukcrypto at absent-minded.com
Sun Feb 16 12:14:16 GMT 2014
I suspect that there is a misunderstanding regarding the purpose of the NHS
number. It is not expected to provide anonymity or privacy.
In a small population a small amount of information may be sufficient to
identify somebody uniquely. For example, within a university department
name and date of birth is usually sufficient, but within the area of a
health authority it might not be. Similarly, name and address of a student
together are probably unique, but in a doctors' surgery records name and
address of a patient may not be sufficient to identify that patient because
children often share their name with a parent.
The NHS number is intended to resolve such ambiguity. For that reason any
records that contain the NHS number cannot be described as anonymised.
Note: any identifier that is cross-referenceable to a name by the data
controller satisfies clause (b) of the definition of personal data (Data
Protection Act 1998, section 1).
I recently advised a major NHS department. Its anonymisation processes,
e.g. for statistical reporting, required the complete removal of NHS
numbers. However, the NHS number itself is not considered sensitive - most
NHS staff can look up a patient's name and address using the number as the
On 11 February 2014 01:49, Adrian Midgley <amidgley at gmail.com> wrote:
> It seems to be an article of faith, or something repeated often down a
> hierarchy, that the NHS number is anonymous.
> So the expectation I've observed is that the anonymous records will have
> an identifier unique to the citizen or resident, and cross-referenceable to
> their name by many people for many legitimate purposes.
> It is possible that I've failed to comprehend the full cleverness of the
> scheme of assurance of anonymity, and that there is more to it than
> On 8 February 2014 00:29, Roger Hayter <roger at hayter.org> wrote:
>> According to a recent Parliamentary answer by Dan Poulter (Health
>> Minister), if you opt out your data will not be sold or given to anyone
>> outside the NHS in identifiable form. *But* it will still be centrally
>> collected, stored and collated with new information, it will still be
>> available for the police to investigate 'serious crime', and probably it
>> will still be available for sale to commercial/research parties in
>> pseudo-anonymised form. You can make your own assumptions from known law
>> and practice about GCHQ. There was a rumour that the pseudo-anonymised
>> stuff would *include* NHS number, but this is so silly it may be
>> Roger Hayter
>> On 7 Feb 2014, at 18:25, Peter Tomlinson <pwt at iosis.co.uk> wrote:
>> > A leaflet came through my letterbox this week (the same day that I went
>> off to one of those NHS independent contractor minor procedure units  to
>> have a stubborn molar removed by their dental surgeon - he is, of course,
>> not a white anglo saxon protestant (or catholic or..), but likely from
>> Egypt and did a brilliant job, as did the rest of the team).
>> > NHS is the badge of the leaflet, 'Better information means better care'
>> is the banner. It refers me to:
>> > - NHS Choices web site
>> > - 'staff at your GP practice'
>> > - 0300 456 3531 (nothing about any call costs)
>> > - 'More details about how we look after confidential information and
>> how it may be used can be found on the website at
>> > It asks 'Do I need to do anything?. The answer is nothing if I'm happy
>> for my infomation to be shared. And the vital but naked statement "And you
>> can change your mind at any time".
>> > So its opt in by default.
>> > Peter
>> >  'minor' indeed - in the waiting room I found their poster for their
>> fast track hip replacement jobs.
>> > On 07/02/2014 16:44, Ian Batten wrote:
>> >> It seems to be coming from all angles, doesn't it?
> Adrian Midgley http://www.defoam.net/
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ukcrypto