This site is intended for health professionals only

Hunt: CQC will investigate data security and protocols will be enforced

by Lucy Trevallion
3 September 2015

Share this article

The Care Quality Commission (CQC) will investigate the effectiveness of data security in the NHS, creating a new set of protocols that will hold NHS organisations to account, health minister Jeremy Hunt announced yesterday at the NHS Expo in Manchester.

The national data guardian, dame Fiona Caldicott, will oversee this. She was was appointed in 2014 when this new role was announced,  and her role will be given a statutory footing, the health minister announced yesterday.

The report for this investigation will be completed by the end of January, with the implications of the report implimented in April 2016, “to which we will hold every NHS organisation to account,” for the protection of personal data.

Hunt said: “I’m also going to… ask the CQC to do an independent investigation of the effectiveness of data security when it comes to protecting our personal medical data throughout the NHS. They’re going to use their inspection process to actually look on the ground at how good we are at looking after people’s personal medical data.

In terms of the cost of this scheme, he said “It’s completely affordable within the budgets we have for the NHS… To give credit to NHS England they’ve delivered every IT ambition I’ve asked them to deliver”.

The secretary of state for health also announced that patients will be able to access their full health record online, and contribute to it, by 2018. He also promised to ensure that the health record of any patient can be accessed anywhere in the country, and that within three years one quarter of all smartphone users will be electronically accessing their data and booking appointments.

“At the moment we can only access online a summary of our medical record. By 2018 we will make sure that every NHS patient can access their whole medical record, and we’re going to try and make sure that [there] is a read and write access as well, so they can actually contribute to their own medical record. By 2018 we’ll make sure that, with a patient’s consent that medical record can be accessed not just in your local hospital but anywhere in the country.

“It’s really important that this isnt just about your ability to access your record or book appointments online or order prescriptions online, take-up really matters. And so, NHS England has agreed to try to deliver the ambition that within the next three years a quarter of all smartphone users, which we saw from the earlier slide is about two thirds of the population, will be electronically accessing their NHS services, their record and booking their appointments online using a great suite of health apps.”

He said that this matters in terms of convenience, but also in terms of the doctor-patient relationship.

“Where they have allowed people to access their own medical record in the US, the first thing they’ve noticed is that patients spot mistakes, and they say actually you didn’t give me that medicine, you gave me that medicine, I didn’t meet you on this date, I met you on that date. And so medical records become a lot more accurate.”

“In a way that’s just the start… I mean people wear these FitBit devices that measure how many steps you’ve taken every day. If you were willing, and obviously this is something that has to happen with consent, to connect that information to your medical record it would be incredibly helpful for a doctor to know how much exercise you’ve been taking everyday.”

However, he said that “we will throw this all away if we lose patients trust” in terms of their data security.

He said that this “partnership” between medical staff and patients would make medical records “much more meaningful”, especially to manage long-term conditions, such as type 2 diabetes.

Hunt also suggested that there will be more apps to access their medical records, and that what he hopes for is “a lot of condition-specific apps” for example the chariry Diabetes UK could do a diabetes app, and the Alzheimer’s Society could do a dementia app.