On one level, it’s a no-brainer that whenever and wherever an NHS patient is taken ill, the clinicians caring for him or her should be able to access crucial information – especially in potentially life-threatening situations. My son, for example, is allergic to penicillin and about to go off to university. If he’s unlucky enough to be rushed to hospital semi-conscious with meningitis, I’d want the doctors involved to learn of his allergy promptly and alter their treatment plan accordingly. The Summary Care Record – a central repository of key data on all patients, derived from our NHS medical records – is designed to address precisely this situation.
But as we all know, there is a major downside to placing personal health information on a central server intended for rapid, easy access in unscheduled care situations. Despite strict data protection legislation in this country and abroad, examples of harm arising from lapses of one sort or another in so-called ‘secure’ information systems are not difficult to find. Nobody is going to refuse you a mortgage for being allergic to penicillin. But what if my son were HIV positive, or taking methadone as part of a drug rehabilitation programme that nobody outside the family knew about? These data items might prove equally crucial to him receiving life-saving treatment in an emergency, but they are private and sensitive in a way that a penicillin allergy isn’t. Potentially stigmatising conditions such as mental health problems, domestic violence, epilepsy or a past termination of pregnancy often map closely to the things a doctor needs to know about when someone gets taken ill unexpectedly.
It is impossible to square this circle. There are benefits to sharing personal information, and there are potential harms. A different balance of benefit and harm pertains for different people – and for the same person at different times and in different places and contexts. Yet the government, through its Connecting for Health programme, is pushing ahead with a plan to implement the Summary Care Record. General practitioners, as advocates for their vulnerable patients, are quite reasonably asking for caution.
I wanted the contract to be the independent evaluator of the Summary Care Record for three reasons. First, as an academic, I wanted to know the answer to the research questions “What are the potential benefits, and what are the potential harms, of the Summary Care Record? In what situations do the benefits outweigh the harms and vice versa? How, if at all, can the benefits be maximised and harms minimised?” I wanted to generate lessons not just in relation to the current initiative in the UK, but also knowledge that would inform other large-scale IT programmes in other countries. Second, as a practising doctor, I understood the concerns of my fellow GPs from the inside. I too have patients who have good reason to fear disclosure of their medical details to third parties, and who lack the skills or wherewithal to defend their right to privacy. And third, as a citizen and taxpayer, I had been alarmed at the reported cost of the National Programme for IT (of which the Summary Care Record is admittedly only a small part) and felt a public responsibility to find out what the money was being spent on.
It’s important to understand the difference between ‘evaluation’ and ‘audit’. An auditor is someone who comes into an organisation, checks the books and procedures, and makes a judgement, based on predefined criteria, about whether the ship is in order. Some people who call themselves evaluators align very closely with this approach. It’s not what I do.
My own approach to evaluation is to pitch for illumination rather than judgement. That is not to say things do not need to be judged, but that the criteria on which the project should be judged cannot be picked off a shelf before the evaluation begins. Rather, these criteria need to be carefully defined as part of the evaluation. Already, it is apparent that different stakeholders in the Summary Care Record Early Adopter Sites have different views on how the ‘success’ of the project should be defined, and how much notice we should take of one aspect of the work compared to other aspects.
The first task of the evaluation team is to map the values and perspectives of different stakeholders so as to define reasonable standards against which we can evaluate different aspects of the programme. Patient advocacy groups such as the Terrence Higgins Trust and MIND, for example, want to know what particular measures will be in place to protect and inform the people they represent. They have a wealth of experience on what matters to their members, and must be listened to. GPs too have concerns – mainly, it seems, about workload – and these too must be documented and summarised. Other key players include primary care trusts, medical defence societies, and professional societies such as the Worshipful Company of Information Technologists. And Connecting for Health has its own perspective, which we will also need to capture (though we will certainly not be bound by it).
I am working towards a final report, to be published in May 2008 that will prove useful to all these different stakeholders and more. But in addition, my team is working to produce interim insights that will help different interest groups both clarify their own position (What, if anything, do they value about the Summary Care Record? What exactly are their hopes and fears?) and also see where the others are coming from. I hope through this process to generate light rather than heat on the question of whether, and in what circumstances, the Summary Care Record is a ‘good thing’.
Professor Trisha Greenhalgh OBE
University College London