How the UK manages its medical data has been the subject of heated debate recently, and the more solutions that are suggested, the more tangled the issue seems to become. In the last few months Christine Connelly’s NHS National Programme for IT has turned out to be an idealised and unrealistic project, and the Digital Britain Report has recommended a Government cloud computing approach to share information.
Google Health and Microsoft HealthVault have been suggested as custodians of public health data, and questions of individual privacy have been raised. Local solutions for Government IT have been argued for, and at the same time the NHS is about to face a freeze on spending and its -biggest financial crisis ever”.
In the midst of this chaos citizen’s attitudes to the role of the NHS and their medical records are changing. Historically, patients have been seen as the subjects of the data, rather than the owners. Now hundreds of start-ups are developing online tools to let citizens manage their own health information, and websites like HealthDataRights.org allow people to sign up to assert their rights to their own health data. Patients have become more discerning about the doctors they choose to see, and often search for information online to do for themselves what institutions cannot.
What is lacking here is a clear and definitive system to store and share information, not just between medical staff but also the citizen. None of the suggested options to date have presented a suitable solution. The age-old question is trust; who can we trust with our medical data? Who ultimately should be its custodian? There has been some opposition to a commercial body like Google or Microsoft that may have ulterior motives for the data, and if the citizen alone is the custodian, how can that data be properly monitored by the national health system? The NHS is the biggest employer in the UK, so why then should it not become the heart of data capture?
We need to find a system where data is effectively managed, safely stored, shared and immediately available to those who need it. If the Government could develop an information policy which demanded a -pool of data”, readily accessible to both the citizen and public bodies via secure intranets, the citizen could be assured the necessary restrictions were in place to protect and control access to their personal details. This vision is one of the federated identity model, where ultimately the citizen is made custodian of his/her information. The rules governing that information sit in a -brokering” architecture, allowing the citizen to establish the -rules” (policies) by which his/her data could be accessed.
A simple analogy is the way a Facebook account works, where the account owner is the decider of who can see which parts of their profile. The implicit theme here is that the network operates on a trust model (for example, you may share lots of information with someone you trust a lot like a family member, less with a work colleague and nothing with a stranger). With this approach the NHS would work like a knowledge bank with a safe deposit box, where you have a key, they have a key, but you need both to open it.
In years gone by trust in the NHS would not have been a question, as the Government dictated how information was to be managed and controlled. In a democracy, we tend to go through cycles of complete Government control which fail due to resistance to a heavy handed approach, versus a more relaxed and consultative approach which fails due to lack of control and direction.
The Government tends to swing between the two, when actually a combination of both is what is needed. What we need is a policy that is strong enough to take a firm line on what needs to be done, and realistic enough to take into consideration the needs and concerns of a variety of groups. Whatever we decide now will shape our public health system for the next few decades, so it is imperative that we take hold of that and get it right.
Paul Wooding, UK Head of Public Sector, NetApp
Recent Comments