Renewed concerns have been raised about the security of the Personal Demographics Service after a GP was able to access details of colleagues and staff without being detected.
Dr Paul Golik, a GP in Stoke-on-Trent, Staffordshire, and secretary of North Staffordshire Local Medical Committee, told the GP magazine Pulse that he had accessed his own details and, with permission, those of several other people without the unauthorised accesses being reported.
Dr Golik told Pulse that he was “appalled” that such information was available to everyone with a smartcard. More than 600,000 smartcards have so far been issued, according to NHS Connecting for Health.
Dr Golik added: “It’s basically open – we might as well put our names and addresses on Google. If I know what your name is and roughly how old you are, within about ten seconds I can find your exact date of birth, your full name, your address, potentially your telephone number and your NHS Number.”
A spokesperson for CfH told EHI Primary Care that there were “clear procedures in place” to deal with any unauthorised access to Summary Care Records and the Personal Demographics Service.
She added: “To access a patient’s clinical information, a clinician must have a legitimate reason for doing so. However, if someone deliberately accesses records without permission, this may result in disciplinary action."
However Dr Neil Bhatia, a GP in Yateley, Hampshire, and a campaigner for patient data privacy, said legitimate relationship alerts did not apply to the PDS and that the only way to detect inappropriate accesses to the PDS would be through a retrospective audit.
He told EHI primary Care: “It’s wide open to abuse and it has been for years but it’s just not talked about.”
Dr Bhatia said concerns over the PDS were underlined by current allegations that a national newspaper had regularly hacked into the mobile phones of celebrities and politicians to get stories.
Dr Bhatia added: “The PDS will tell you where someone lives, who their GP is and what their home telephone number is – and a private detective can then use that information to get more details from a surgery.”
Warnings about the market for demographic information have also been issued by the Information Commissioner, who has said that the types of information that are commonly illegally sought include current addresses and ex-directory telephone numbers.
CfH has said that in the future the PDS will generate alerts to privacy officers in specific circumstances where actions have been taken which may constitute a breach of confidentiality.
However, Dr Bhatia said it would be up to individuals to request a log of who had accessed their PDS, something which could take 40 days, or up to the NHS to run an audit following suspicious behaviour by an individual or organisation.
Patients cannot opt out of the PDS but can get their information listed as “sensitive” or “restricted”. In such cases, the only information displayed would be the patient’s NHS Number, name, date of birth and gender.
Patients with restricted records cannot be referred via Choose and Book, have their records transferred using GP2GP, or be issued with a barcoded prescription via the Electronic Prescription Service.