From time to time I come across something in the NHS that leaves me screaming, but this is the mother and father of them all — the Section 251 debacle.

Let me give you a thumbnail sketch of one way in which this has completely messed up things that previously were working perfectly well.

Prior to31 March 2013, practices and primary care trusts could check the validity of invoices presented by hospitals for patient care.

The process is called acute invoice validation. Estimates vary, but inaccuracies were found in up to 25% of hospital invoices.

This represented a loss of hundreds of millions of pounds each year to PCTs: so it was a sensible move to check the invoices and recover money that had been paid out unnecessarily.

As from 1 April, all that has changed. That’s because clinical commissioning groups aren’t automatically allowed to access the necessary data, if it is in a personally identifiable form.

This has come about because no one has transferred the original access privileges from PCTs to CCGs under the terms of Section 251 of the Health Act 2006.

Since then, the whole system has been mired in a debate about the legality of accessing and using personally identifiable data, such as the NHS Number, to check these invoices (and to carry out other kinds of work, such as risk stratification).

Leaving CCGs hobbled

It’s pretty much impossible to check for evidence of inadvertent double claiming, wrong coding, and incorrect invoicing – such as the claimed length of hospital stay not matching that of the discharge letter – if you can’t look at this data at the level of the individual patient.

Because CCGs can’t do this at the moment, they have been completely hobbled. Bizarrely, GPs cannot even access their own patients’ acute care data if their primary interest is financial (or for risk stratification, trend analysis, or unscheduled secondary care).

What is even worse is that a climate of uncertainty is ruling, which can breed fear. Colleagues in various geographical areas have been told me that if anyone looks at any personal data for accounting purposes it will be treated as a serious untoward incident, with the clear implication that dismissal would be an appropriate punishment.

Yet, when those same colleagues have asked for clear and firm guidance from the central NHS on what they are allowed to do, they have been met with silence – or alternatively, given verbal advice. People seem too scared to put down their opinions in writing, in case they have made a mistake and can be made to carry the can.

The need for a balanced approach to confidentiality

Let me make it clear: CCGs are rightly concerned about patient confidentiality, and are anxious to stay within the law and adopt best practice. I agree entirely – indeed, as a local medical committee member I’ve been pretty outspoken in the past over anyone who has tried to dilute this important principle.

Nevertheless, there is a clear need for certain groups of non-clinicians to access patients’ medical information in the furtherance of good clinical care.

Think of the medical secretaries who type letters, file and scan documents, pass on telephone messages, and organise appointments. Without them the NHS would fall apart at the seams, and every patient understands this.

Other groups have just as important a part to play: those who create hospital invoices, and those who vet them for accuracy. But since 1 April, many of the people previously involved in this important behind-the-scenes work are being refused permission to view the very information they need to do these tasks.

Now, it may well be that the legislators and those at the centre who now have to untangle this problem have been acting from the best of motives, to try and further strengthen confidentiality, and make sure that only the very best practices are followed.

But the result is that CCGs have been left unable to check the accuracy of invoices and to fully use data for crucial patient-related services.

Risk profiling and unscheduled care analysis, for example, are vital in helping clinicians identify patients whose health may be silently deteriorating. The opportunity to deliver better, proactive care for the elderly and vulnerable should surely be recognised here.

Some action, not much of it helpful

You might think the NHS would have taken action within 48 hours of hearing about this problem to enact regulations, pass emergency legislation, or do whatever else was needed to rectify – or at least clarify – the situation.

Not a bit of it.

NHS England has made a big play of getting an extension to Section 251, to enable patient identifiable data to be shared with commissioners and support services. But this only lasts for six months.

Guidance issued by the commissioning board earlier this month says that what it calls patient confidential data can only be held in an accredited safe haven – which means the Health and Social Care Information Centre or its data management integration centres.

This guidance reiterates that patient confidential data can only be used for ‘direct patient care’; while insisting that commissioning can be done with the pseudonymised or weakly pseudonymised data held in an ASH.

At best, this means that CCGs will have to buy services from a DMIC, which might or might not use the tools that they want to use, and which will certainly charge extra for its services.

At worst, though, it leaves commissioners stuck at square one, because the software analysis tools they want to use – and that they were using before the present debacle – cannot be operated in the new regime.

Left hand, right hand

NHS Clinical Commissioners, a CCG membership group, has written to NHS England’s director of intelligence and strategy, Christine Outram, making the same point, and outlining some of the problems it is causing, in the hope of finding a more positive way forward.

In the meantime, CCGs have a statutory duty to breakeven financially – yet they are being deprived of any means of doing this efficiently.

The Nicholson challenge has just been elevated to saving £30 billion by the year 2020 – yet CCGs are losing money, estimated to be in the region of £300m-£750m annually.

Or to put it another way, on average your own CCG will be losing between £1m and £3m in this financial year alone.

It is also a statutory public sector accounting policy to check invoices before paying them (because it is public money), so the law is now preventing compliance with government standards.

Kafka would recognise the situation

There is only one way to describe what is going on here: Kafkaesque. The regulations are so complex that no one understands them, but someone is going to be blamed for breaking them, anyway.

Yet at the same time as theSection 251 problem is occurring, the HSCIC is planning to extract personally identifiable data from all practices in the land, against the wishes of many GPs, under the scheme.

So, on the one hand, when we GPs want to look at our patient data for practical purposes such as risk stratification we are told we can’t; yet when we don’t want to have patient data removed from our practices we’re told that this is a government edict and we can’t object.

The whole Section 251 fiasco now means that the NHS is being forced to work extremely inefficiently, and ultimatelyagainst the clinical interests of the patients.

It all reminds me of the schoolboy joke about the riflemen in the Wild West who found themselves surrounded.

They formed a square, lifted up their rifles and fired – and then all dropped dead, because the square was facing inwards. Unfortunately, the NHS is doing exactly the same and it isn’t funny at all.

Dr John Lockley

Dr John Lockley is clinical lead for informatics at Bedfordshire Clinical Commissioning Group and a part-time GP.