NHS England has dropped plans to request GP patient appointment data directly from clinical system suppliers.
Concerns were raised by privacy campaigners and GP leaders after a letter was sent to GP system supplier Emis Health asking for its assistance in obtaining, “extracts of de-identified patient level data” from appointment systems.
A “specification of requirements” attached to the letter lists 38 items or fields of data to be extracted, including the date, time, duration, “type of appointment”, “type of professional” and “reason” for each appointment. This would be linked by a “patient ID” to the sex, year of birth and postcode sector of each patient.
The letter, sent by NHS England’s head of digital primary care development Tracey Grainger, said the extract needs to be in place by this September.
“There is an urgent need within short delivery timescales to analyse the baseline and changes to appointment provision, appointment uptake and patient encounter patterns,” it said.
An NHS England spokesperson said appointment data is needed to assess the impact of £125 million invested via the Prime Minister’s Challenge Fund, set-up to improve access to GP services. The information is only required for the 1,400 practices signed up to the fund.
The spokesperson said practices asked NHS England if it could get help from the system suppliers in auditing their data to reduce their costs and workload.
"We are not talking about individual personal information in this letter. What we are referring to is overall statistics for GP surgeries on issues such as total numbers of appointments,” a statement said.
However, further information provided to Digital Health News yesterday, adds that NHS England has decided against working with GP system suppliers directly and is instead looking to work with GP surgeries to support them in collecting the information needed.
“NHS England will receive summaries of this, giving information about numbers of appointments, patterns of activity through the week, and the impact of the access innovations being introduced by practices,” it says. “This will not include any personal information such as partial postcode or year of birth.”
A statement from Emis says the company believes that all other GP software suppliers in England received the same request about a proposed data extract.
“We have strict information governance procedures that we follow for any request of this nature. As well as internal assessment this includes careful consultation with a representative panel of our GP practices.”
Emis said no data has been released in response to NHS England’s request and it remains in consultation with its representative panel.
British Medical Association GP IT lead Dr Paul Cundy said: “the government should not be casting aside patient confidentiality in pursuit of its ill thought out political priorities.
“NHS England and the government must ensure that private information is properly anonymised when extracted for research purposes and that patients are informed about how this data might be used. We cannot afford to jeopardise patient trust in their NHS,” Cundy added.
Privacy campaign group MedConfidential said that approaching the IT providers to extract patient-level data rather than GPs is a serious breach of medical confidentiality and data protection laws.
“It is GPs who are the ‘data controller’ for the records they hold, not the companies GPs choose and pay to provide software, and it is GPs who have a professional and ethical duty of confidence to their patients,” a statement said.