Chamber and committees

Currently, patients can restrict their personal health information being accessible by anyone other than the clinicians directly involved in their care, irrespective of the means by which this is done. Health professionals must respect these wishes, unless the disclosure would be justified in the public interest or by the law.

I have decided to defer any decision on setting up the group until after the next spending review.

The Scottish Government expect NHS Scotland systems and processes to comply with the Data Protection Act 1998, the Human Rights Act 1998 and any other relevant law. The European Court of Human Rights case predated the Data Protection Directive 95/46/EC and the Data Protection Act (1998) which set out the principles that organisations must comply with in the handling of personal data. Under the Data Protection Act 1998, NHSS organisations must be able to demonstrate that appropriate technical, managerial and organisational steps are in place. NHS boards therefore adopt a risk based approach to determine what measures are appropriate taking into account the state of technology at the time, the cost of implementing such measures and the nature of the data to be processed and the harm that might result from, for instance, unauthorised access. Issues of access control and audit of access will be important considerations as new systems promoting the sharing of information in the interests of safe effective and efficient provision of care are developed.

The NHS Scotland Security Policy states that boards will undertake a survey of their information systems and data and make an assessment of the likely security risks, including an evaluation of the likely impact and occurrence of any threats that may disrupt services. Boards then introduce measures to mitigate these risks. These include, but are not limited to, processes such as virus checking, regular patching of operating systems software and the provision of back-up systems.

TrakCare is a client/server system and therefore, in general, the servers will be located in a secure server room at some distance from the required access to the record. In boards the servers will normally be at a hospital site, but a third-party data centre could also be selected. These are choices for the boards to make. There should be no need for TrakCare servers in GP practices.

The national licence for a Patient Management System allows any NHS Scotland organisation to acquire a licence and deploy appropriate parts of the product on payment of agreed support charges. NHS24 currently does not have plans to use TrakCare.

A working prototype of clinical portal is currently under development within a consortium of South and East NHS boards led by NHS Lothian. North and West NHS board consortia are currently defining and assessing their delivery options. The incremental approach advocated in the eHealth Strategy is part of our design. The current phase of portal work is intended to give us much clearer indications of the benefits of different approaches, how much they will cost and how long they will take. We want this information to be available before we invite boards to commit to a particular route for delivering portal benefits. The three regional consortia, encompassing all territorial boards, are due to report in late summer 2010. The Clinical Portal Programme Board will then be in a position to consider issues of timing and affordability of clinical portal deployment.

Patients can object to their sensitive information being shared within the healthcare team, irrespective of the means by which this happens. Health professionals must respect these wishes, unless the disclosure would be justified in the public interest or by the law. We have no plans to provide patients with the electronic means to directly limit access to their sensitive data.

The Patient Management System will deliver improvements in the confidentiality, integrity and availability of the information held by integrating previously disjointed processes and reducing the reliance on paper-based records and manual activities. The system will introduce standard methods for recording and processing patient information that will make it more easily accessible and retrievable electronically, when and where required, but only by authenticated and authorised persons. Electronic access controls and audit trails will introduce levels of information assurance that are not feasible in paper-based systems. Electronic capture will improve the consistency of health records, and electronic data can be backed-up to provide additional resilience.

Access to all patient identifiable information including health records is on a strict need to know basis in accordance with the Caldicott principles, Data Protection Act 1998, NHS Scotland Information Governance Standards and various codes of professional conduct.

In July 2006, the Scottish Government issued, NHS HDL: (2006) 41 NHSScotland information security policy. It set out Information Security Policy Principles covering authority, accountability, assurance and awareness and makes clear to NHSS staff aware of the limits of their authority and the levels of their accountability for their actions.

In accordance with these principles, NHS boards define policies and procedures to audit the access to patient identifiable information.