The Information Commissioner’s Office (ICO) says thousands of GPs using TPP should not switch off “enhanced” information sharing, despite ongoing concerns about the security of patient information, due to the potential impact on patient care.
Controversy over security in TPP’s SystmOne, the electronic patient record system used by about 2700 GP practices in England, reignited over the weekend, after it was picked up by the Telegraph.
The Telegraph reported that the security of up to 26 million patients’ medical records could be at risk because of a sharing function in SystmOne, which potentially allowed patient records to be viewed by “thousands of strangers”.
Earlier this month, Digital Health News reported that the ICO was investigating SystmOne’s “enhanced data sharing” function, which allows people with access to SystmOne to view patient records remotely.
TPP have said users should only use the function to view records having first obtained the patient’s consent for direct care, but the ICO said it was concerned about SystmOne’s “data protection compliance”.
In a new statement issued today, the ICO said while concerns around the enhanced data sharing function remained, GPs should not be turning off the sharing function.
“The ICO has data protection compliance concerns about SystmOne’s enhanced data sharing function and the potential risk to patients’ medical records held by GPs,” the statement said.
“However, given the possible impact to patient care, the ICO is not advocating that users switch off data sharing at this stage.”
Ongoing concerns about SystmOne related specifically to “fair and lawful” processing of patient data and to having adequate security around that information.
The ICO said NHS Digital, TPP and NHS England were already putting in place an “initial plan” to fix these shortcomings, with “further work planned”.
In a statement supplied by NHS Digital, covering “the NHS”, a spokesperson said: “We are aware that the Information Commissioner’s Office have raised data protection compliance concerns. NHS organisations are already supporting TPP to respond to the issues raised working closely with the ICO and GP leaders – and the full response plan will be implemented by summer.”
NHS chief clinical information officer Keith McNeil said access to good information was essential for effective care but it should be managed “fairly and lawfully, with the highest levels of security and safety”.
Any inappropriate use of patient data could also be picked up through electronic audits that were routinely performed by all major GP IT system suppliers, he said.
“We are currently working with TPP and GP representatives to address concerns raised by ICO.”
When the news broke earlier this month, medical privacy group MedConfidential said: “Failures of this sort are exactly why patients must be able to see by which organisations their GP records have been accessed by.”
However, the medical privacy watchdog also warned against patients hastily opting out of the information sharing scheme.
“For many people, turning off ‘sharing out’ is an option that may affect your care, even in the medium term, while TPP fixes the problem.”
TPP introduced the enhanced data sharing function in 2012, creating a nationwide capability to share patient information across health and social care services organisations running the SystmOne electronic patient record system.
In a lengthy blog post responding to the coverage of patient data concerns, the company said the sharing scheme is only meant to be used for direct care. Patients have control over who sees their health and care information through their GP, who acted as a data controller, the company said.
The company said it was not aware of any complaints being made against data controllers in respect to how they were using the data sharing scheme.
Digital Health News approached TPP for additional comment for this story.