Large fileGerry Yantis & Manuel Lowenhaupt, MD
Vice-presidents, CapGemini

Therapeutic misadventure in the NHS cause 1,200 proven deaths per year – an increase of 500% on last decade. According to the 2001 Audit Commission report, ‘A Spoonful of Sugar’, adverse incidents also cost the NHS £500 million a year. 

These factors, combined with the constant need to slash costs while improving service levels, have put medicines management and clinical governance high on the healthcare agenda. The proposed development of a complete personal health record for every patient in the UK will play an integral part in driving down costs and pushing up levels of patient care.  

The difference between life and death

There is no doubt a personal health record will open up unprecedented opportunities for improved safety and better care and disease management.  Healthcare providers have long desired a means to access a complete health record of every patient and have it available at the point of service. 

For example, in an emergency situation, having this detailed patient information available in the A&E or the ambulance can mean the difference between life and death.  Even a patient entering the hospital on a non-emergency basis is frequently not in a position to be clear-headed or articulate when recounting his or her medical history. 

Knowing things like allergies and current conditions and medications is vital to safe, effective medical care.  Relieving the patient of the responsibility to recall these details from memory allows for more confident medical treatment.  Without such a record, whether on paper or computer chip, or accessed via the internet, health providers are continually risking their reputations, running up costs and placing patients’ health in jeopardy. 

Another example of needed information is the patient’s blood type.  Although this information is essential for emergency care, most patient health records don’t include it. Infusing mismatched blood into a patient is such a life-threatening medical error that physicians and clinicians must have absolute confidence in the accuracy of this information and in the identity of the patient the data purport to represent.

We live in a society that demands health care portability and convenience – between different providers, and to suit lifestyles.  Patients who don’t stay in one place, and people travelling between cities and countries, also need access to their personal health data.

Conquering the data mountain

L-R: Gerry Yantis and Manuel Lowenhaupt, MD

The ideal components of a patient health record span from details of the patient’s significant illnesses and complete medication record, to allergies, immunisation records, laboratory records such as cholesterol testing, family history and organ donor information. 

The information required represents a significant amount of data, but, with the exception of images, it can be stored as text files the patient could conceivably carry around as paper documents, analogous to a savings account passbook, or in electronic form, such as a “smart card” containing an embedded memory chip. 

However, the need to access raw images such as X-rays, CAT scans, PET scans, or other radiological images makes such a portable storage method incomplete.  Smart cards are subject to loss, breakage, or simply forgetting to carry them around.  If the card is the only repository for current patient data, that’s a problem. 

It is more feasible to build backup and robustness into an online model.  A secure, centralised data repository could conceivably hold many gigabytes of information on each patient. Access might be through a password-protected web connection.  The interaction could be much like sending and receiving email. 

The NHS Care Records Service, aka the data spine, will be a centralised repository of electronic health records for all patient information.  Each region is obligated to automate all general practitioner offices and hospitals with an electronic health record system that will fully integrate with this central repository.   

The goal is for comprehensive patient information to be available at any point of service, with the ability to both access and update information stored in the central repository.  A key hurdle yet to be overcome is delivering the technology and the bandwidth required to provide access to the huge quantities of information that will be necessary to communicate large files, such as images, back and forth across the network. 

Patient privacy

Another major challenge is data privacy concerns. The Caldicott Report of 1977 identified a number of gaps in the protection and privacy of patient data. Since then, much has been done to address the gaps,.

Several laws and codes of conduct have been introduced, including the NHS Confidentiality Code of Practice (July 2003), which details how healthcare providers must protect and manage the privacy of their patients’ data. The NHS Information Authority has also taken a number of steps to ensure patient confidentiality is preserved, including the creation of the Information Governance Service.

The most widely recognised of all these is the Data Protection Act, which requires healthcare providers to maintain the privacy and control access to patient information. Failing to protect a patient’s private information carries significant penalties.   One tenet of the Act dictates that patients should be told generally what information is held about them and how that data will be used.  

However, despite the legislative progress that has been made, many patients are ignorant of their rights under the Act and their rights regarding their health records.   Yet if personal health records are to work effectively, we must promote greater awareness in order to encourage individual responsibility for checking and maintaining a report.

Developing patient responsibility

Some ideal components of a personal health record

  • Identification data.  Who is the patient, and where does s/he live?
  • An up-to-date record of the patient’s demographic data
  • A problem list of the patient’s significant illnesses, surgeries, and other medical treatments
  • A complete medical history of the patient, and a comprehensive family history of disease
  • Immunisation records, including specific travel destinations for which immunisations were administered
  • Operative, pathology, and discharge reports from any hospitalisation the patient may have incurred
  • A living will, including resuscitation directives and organ donor information
In some ways, a personal health record is like a credit report.  Patients need to take responsibility for checking the accuracy of entries made by doctors and nurses.  Inaccuracies can result in inappropriate future treatment, and may reflect on a patient’s character.  For example, if a provider investigates potential child abuse, and subsequent investigation proves the initial concern unfounded, the parents may want this information expunged from the family’s health records.  Psychiatric conditions and treatment for substance abuse are also particularly sensitive issues.

Patients in need of an incentive to take an interest in their health record also have the carrot of more proactive healthcare from the NHS.  For instance, a patient with diabetes could be sent reminders as necessary to make appointments for ongoing monitoring, or regular visits to a podiatrist or ophthalmologist. 

Data entry

From long-term to emergency situations, a personal health record can help providers treat patients more effectively and more safely.  It opens up unprecedented opportunities for better care and disease management. However, gaining access to patient information by reading it from a card or secure internet connection is only half of the story.  A database is only as good as the information fed into it which is why the care and feeding of a personal health database is equally important.

Information won’t magically appear in on the data spine after each office or hospital visit. Someone must put it there. This requires responsibility on the part of the patient, and effort on the part of care provider or their assistants, who must take on the responsibility of updating their patients’ record. 

Once a physician treats a patient in the surgery or A&E, the patient’s information must be updated with the results of the experience. The local system used to capture and maintain that information must then pass the essential elements of the episode of care to the NHS CRS where the data is stored as part of the overall electronic health record for the patient.

NHS patients in England can get started by filling in forms available from the NHS at HealthSpace ( While this is a rather basic approach to an electronic health record, it is the precursor to a site that will provide patients with access to their data on the spine. This approach helps patients begin to take further responsibility for collecting and maintaining his/her own health records.

Ultimately, a patient’s personal health record must be a collaborative effort between patient and provider, a partnership that assures each patient the best possible results.

Gerry Yantis & Manuel Lowenhaupt, MD