GP surgeries must inform patients about data plan - or face legal action

 

Charlie Cooper
Wednesday 07 August 2013 06:00 EDT
Comments

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

GP practices could face prosecution under the Data Protection Act if they do not take steps to inform patients that data will be taken from their records and used by the NHS and private companies from this autumn.

The data will be sent to the Health and Social Care Information Centre (HSCIC) and researchers and private companies will be able to bid to access it, the general practice magazine Pulse reported.

Patients who do not want their data to be extracted can opt out, but the obligation has fallen on GP surgeries to inform patients about the plan - or face legal action.

A spokesman for the Information Commissioners Office told Pulse: “We'd expect GPs to take reasonable steps to inform patients of the changes. If they fail to do so they leave themselves open to possible action for failure to comply with the Data Protection Act.”

GPs have criticised the plan, saying that practices will be caught between their lawful obligation to provide data to HSCIC and their duty to protect patient data.

HSCIC said all data would be securely stored in their database accordance with strict information governance rules and that would be robust regulations around who can access the data. While private companies are eligible to apply, they must meet a very strict set of rules and regulations and HSCIC is responsible for ensuring there is an appropriate legal basis to permit the release and subsequent processing of data.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in