Patient records excluded from new data sharing bill

New legislation to allow data sharing between the public and private sectors were unveiled by the government yesterday, but NHS patient records are excluded from the laws.

The Serious Crime Bill will let anti-fraud agencies access personal information including pay, tax, pension and benefit records. It will exclude some sensitive personal data, including all NHS patient records, and is aimed at aiding anti-fraud investigations.

The bill follows a decision by the cabinet last summer to change the data protection laws that stated that personal information provided to a government department for one purpose should in general not be used for another.

The new law states: “Information will normally be shared in the public sector, provided it is in the public interest.”

The home secretary can now authorise the use of software to search several databases to identify suspicious patterns of activity that cannot be seen when the data is seen individually, but this will not include any patient records from any NHS database.

NHS patient records can only be accessed if a health matter needs to be looked at, in connection with the person involved.

These can be carried out for a number of purposes including the prevention of crime and the apprehension of offenders or the recovery of debt.

The national fraud initiative will involve 1300 public bodies and will later be extended to include information on central government systems, such as passports and driving licenses.

Imprisonment and heavy penalties have been threatened in the bill for any wrongful disclosures of data.

The human rights group Liberty says that the new laws allow unnecessary “fishing expeditions.”