Care dot data

Care dot data was explained to every English household by way of a leaflet delivered with the junk mail. I don’t think I got one, though I haven’t been through my recycling to see if it ended up there, but I have looked at the online leaflet. It explains that your GP is required to upload your electronic coded data to the Health and Social Care Information Centre (HSCIC) will extract coded data only. When you visit your GP, certain words are coded when they are added to your electronic record. GPs vary considerably in how much data they code. A significant part of our income is linked to accurate registers for heart disease or cancer, or for numbers of patients who have smoking status recorded, or for blood pressure control under a certain level. Codes enable us to count these up, see how good we are at identifying patients with different conditions and at treating blood pressure, diabetes or other conditions. The things we have to code change frequently and so some GPs try to code absolutely everything, to be on the ‘safe side’, whilst others don’t code enough. The following is an example of a GP consultation. I have written all the information that is coded, usually automatically as it is typed in, in bold:

Harold Smith. Male D.o.B. 14/10/1948. NHS number 4744 4394 3205

Address: 30 Chester House. Hoxton N1 5HL

Ethnicity: white British. Religion: Catholic

Problem: Type 2 diabetes

History: since bereavement hasn’t been taking meds regularly, often misses doses, tired/ tearful.

No previous DKA/ last HbA1c 7.9

Has also been drinking up to bottle of wine at night to help with sleep, would like a few sleeping tabs. Has used them before when she was on ITU last year. No concerns r/e overuse. Discussed risks with alcohol. Prefers not to drink.

Results: Alcohol consumption 69 units/ week

Plan: see other entries/ review at next apt in 2w

Problem: Bereavement.

History: see under T2 DM entry

Problem: Moderate depressive episode

History: 1 month since Evie’s death. Unexpected. Still v. upset. Prefers not to see bereavement counsellor, daughter Sue is around / supportive. No sig. PMH depression/ no suicidal thoughts

Results: PHQ9 18

Prescription: Zopiclone 7.5mg 7 tabs. One to be taken at night prn.

Problem: Essential hypertension

History: see entry under T2DM

Results: BP 140/80

Problem: Tinnitis

History: worse since Evie died. Bilateral. Assoc with hearing loss. Interferes with sleep/ conversation. Would like ref to audiology

Examination: ear canals clear, Webers/Rhinnies symmetrical.

Referral: Audiology

Active medications:


Zopiclone 7.5mg. 7 tabs. One to be taken at night prn.


Metformin 500mg. Take 2 tabs bd

Amlodipine 10mg. Take 1 tab od.

Ramipril 5mg. Take 1 tab od.

Atorvastatin 10mg. Take 1 tab at night.

Allergies: Penicillin

Recent results: 12/02/2014

Hb A1c 7.9 (marker of diabetic control)

Cholesterol 3.9

Creatinine 110 (marker of kidney function)

ALP 122 (liver enzyme, measured in patients taking medication to lower cholesterol)

It is important to note that none of the conversations are coded, only words referring to diagnoses, results and medications. Some of the will be fully anonymised so that any details that could link this to a particular person are not included. This will allow us to study disease prevalences, medication use and so on. Some of the will be pseudonomysed by the  HSCIC so that the dataset they intend to release to researchers and public health analysts will have a pseudonymised ID number (to filter all records by that patient), a five year age band rather than a date of birth, and an output area rather than a postcode. This will make it possible to see, for example, how many elderly white men in an a particular area with diabetes are being prescribed Atrovastatin and what affect it is having on cholesterol levels and compare it to different parts of the country or different ethnic groups. In theory, someone could back track and identify you with this data, but it would be pretty difficult and illegal. It is worth noting that in Wales and Scotland they’ve decided that the English method of pseudonymising isn’t sufficiently secure and have opted to do things differently.

But like the vast majority of doctors and researchers, and many patients, I think has great potential. When very large numbers of people are studied, researchers are more likely to spot rare effects or rare conditions. You could study, for example whether different drugs used to treat high blood pressure are better at preventing strokes in men or women of different ages or ethnicities. It can help to monitor the effects of the massive changes and swingeing cuts to the NHS by looking at, for example inequalities in referral rates for physiotherapy or fertility treatment in different parts of the country.

Potential risks.

One of the main risks is that the data is inaccurate. In the example above, Harold has a code for ‘Moderate depressive episode’, but he is not depressed and has no past history of depression. The code will stay in his records unless someone deletes it. The alcohol consumption has also been coded and will stay on his record. It is quite common for results like this to be coded when a patient presents in exceptional circumstances, in a particular context. Unfortunately a code doesn’t come with a context and once the circumstances have changed, the doctor and the patient may know that alcohol is no longer a problem, but not add a new code. In my experience of working in GP surgeries for the last 14 years, every patient with a significant medical history, has erroneous codes. Often they are relatively minor, such as a code for ‘sciatica’ instead of ‘back pain’, but it’s quite common to have a code for ‘angina’ which is due to heart disease, instead of ‘chest pain’, which can be due to anything.

It’s important to understand that GP records are like a notebook or aide-memoire for GPs who might be trying to figure out what to make of their patients’ symptoms. We note down lists of potential diagnoses, different symptoms and possible investigations as we go along. The coding was designed to facilitate payments but not to help us with diagnostic puzzles. To make the coding easier, words are recognised and allocated a code, whether or not they are significant. Many GPs uncode words as they go along, but it can slow things down so others are less fastidious, thinking, not unreasonably that it makes no difference, because they are not treating it as a diagnostic code, for insurance or research purposes, but as a form of note-keeping. When codes are extracted from GP records, they are stripped of context. If coding was designed for insurance or research purposes it wouldn’t work the way it does.

I think that a pre-condition for should be that patients can check their coded data. A tiny minority of GP surgeries already allow this, and it would help improve the accuracy of the records and improve trust. At the same time, this coded data should be available for hospitals to access should you be admitted, saving time and improving safety. Whilst some GPs are worried that anxious patients will be made more anxious by having access to their data, evidence refutes this. In nearly 20 years of working in the NHS in hospitals and general practice, there have been constant complaints that information about medical conditions, medications and allergies cannot be easily shared. Unfortunately doesn’t address this.

Insurance companies.

Hospital data is already being sold to health insurance companies. If you apply for health insurance you have to disclose your present and past medical history and any medications you are taking and your GP has to confirm that the information is correct. It is likely that in the event of being made to insurance companies, it will be significantly more detailed than the information you are required to disclose at present, unless they ask for your entire GP record, which they can do, but only with your signed consent. A lifetime of coded GP data, is clearly much more detailed than the boxes ticked on a form that you fill in yourself. This is very important, especially when you consider the practice of rescission, when an insurance company will retrospectively examine a patient’s medical records to find a reason to cancel the policy. In the example given above, the code for alcohol consumption will be picked up, but the context – contained in the free-text- will not. As a result, the insurance premiums may be increased and any conditions related to excessive alcohol consumption, whether or not they are caused by it, may be excluded.

Effective care depends on doctors and patients being able to trust each-other, especially in general practice where very personal, emotional issues are so often wrapped around other health concerns. If patients are afraid that everything they say will be coded and potentially used against them, trust will very rapidly and perhaps irreparably, be lost.

Where things also get interesting is in the use of for commissioning and how this might relate to insurance companies.

Most commissioning in the NHS is done by groups of GPs in Clinical Commissioning Groups (CCG). They work with local hospital and community healthcare providers to design contracts for everything from diabetic eye checks, physiotherapy, cancer-care and so on. After the NHS act, Clinical Support Units were developed to support groups of CCGs because commissioning is technical, legalistic work beyond the skill set or capacity of CCGs working alone. The government have announced that CSUs can be privately run and managed and are actively seeking private investors.

It is generally acknowledged that is essential for effective commissioning which in essence is the planning and contracting of care for a population. This kind of work is also done by health insurance companies. They are also in the business of risk selection – picking individuals at low risk of disease who least likely to cost them money, and service restriction – contracting with a limited range of providers for a limited range of services. The think tank Reform, whose recent chief executive Nick Seddon was appointed adviser to David Cameron, have been employed by the Shelford group of top NHS trusts to look at, amongst other things, personal payments for NHS care. Changing the NHS to an insurance system might be political suicide but technically it would be enormously facilitated by

The main effect of the NHS reforms has been a massive destabilisation of the NHS with the future of hospitals and services less certain than in any time in its 65 year history. Many of us are very concerned that out of this chaos, insurance companies will be given the job of NHS commissioning and is part of that. This does not negate the enormous potential benefits for research and public health, but does help to explain the concerns of people who are objecting.

Ben Goldacre wrote an excellent summary of which complements this blog. In short he says that the government must explain what data will be used, by who and for what. They must give examples of what will be allowed and what will not. Secondly they must explain how this data will save lives and how risks will be mitigated. Finally they must make it clear very severe penalties must be imposed for misuse of data, fines, for example, are useless. (I await news on this with baited breath, Ben suggests hanging miscreants from lamposts …)

An opt-in system would mean that overwhelmingly patients who are vulnerable, demented, illiterate and disorganised will not be included. This risks leaving the people who most need care out of research.

The government promised no more top-down reorganisations, no NHS privatisation and ‘nothing about patients, without patients’. When we raised concerns, we were patronised and told that we didn’t understand the reforms properly. They paused the reforms, ‘re-communicated’ them and continued without any substantive changes. The pause just announced in the programme is highly reminiscent. They have lost public trust, and will have to work very hard to gain it back before the pause is over.

Update 25/02/2014

Unanswered questions via Bengoldacre today:

1.Do team accept they should’ve had processes in place, to adjudicate on applications for data, *before* launching to public?

2. Do they accept this is more than a comms problem; and will they set a *date* for making a proper, concrete offer for the public?

3. Will HSCIC make fully available ALL documentation on the dodgy applications they incorrectly approved: minutes, attenders, application.

4. What are the data security risks for the organisations and individuals for whom the HSCIC incorrectly gave millions of patients re-identifiable patient data?

MPs say is at risk after Tim Kelsey and other members of the HSCIC give evidence to the Health Select Committee today. BBC News.


If you use twitter, read tweets from @bengoldacre and #caredata to see the proceedings of the Health Select Committee today (25/02/2014) in which those in charge of the program gave a pitiful performance and were completely unable to give any assurances about data safety.

NHS Choices

Care data leaflet

HSCIC admits rules were not followed when hospital data was handed to insurance industry’.  BBC News 24/02/2014 This report is particularly worrying because the HSCIC won’t say which rules were broken, nor will they say who data was shared with until ‘later this year’…

Ben Goldacre: The NHS plans to share data can save lives, but must be done right. Guardian: 22/02/2014

Summary of my views about by Professor Sir Brian Jarman. Technical, but clear and critical analysis of confidentiality issues. 

Paul Bernal. and the community. Excellent blog about other potential misuses of 23/02/2014

Flying Blind – Assumptions, metaphors and an alternative way of looking at the scheme. – NHS staff are drowning in data, they need time with patients and time for dialogue. David Gilbert. Centre for Patient Leadership

Care Data. Why are Scotland and Wales doing it differently? Margaret McCartney British Medical Journal.

Will Care.Data Lansleyism prefigure reconfiguration conflagration? Health Policy Insight

Your bits in their hands. Kings Fund Health Economist John Appleby on lessons from hospital data sharing.

NHS England’s director of patients and information Tim Kelsey says ‘pseudonymisation at source’ technology is not ready for use on the programme. E-Health insider. 21.02.2014

Dr Neil Bhatia. GP website about

Allyson Pollock: Why the public should opt in to and out of data privatisation.

Alcohol unit calculator. 

20 responses to “Care dot data

  1. “overwhelmingly patients who are vulnerable, demented, illiterate and disorganised will not be included. This risks leaving the people who most need care out of research.”
    On the other hand, the existing proposals mean people who are unable to assess the risks involved are unable to give informed consent. The absolute failure to address privacy issues in the Care.Data leaflet (assuming people received it at all) means only those of us who also have an interest in IT privacy issues and have followed the Care.Data issues are currently in a position to make a decision based on informed consent.
    My primary concern with Care.Data is that it opens up individual patient records to a hugely increased number of NHS personnel, greatly increasing the risk of a massive leak of data, a risk illustrated by the Chelsea (Bradley) Manning and Edward Snowden leaks from US intelligence databases. The more personnel who have access, the greater to unity becomes the risk of a major leak.
    While linking one medical record back to an individual represents an investment in effort unlikely to be worth the investment in time, the process of linking tens of thousands, hundreds of thousands or even millions of records to identities becomes an obvious case for automation, and the resulting database has clear potential for monetisation. The phone-hacking scandal has demonstrated just how widespread is the risk from people willing to go to any length to access personal data.
    Having already faced career-destroying employment discrimination over disability issues, and facing a clear dilemma over whether to declare to a prospective employer all of my disabilities or not, the idea that a black-hat hacker might be able to set up a service checking medical backgrounds of prospective employees (in much the way that the Consulting Association used to run a blacklist for engineering firms) is not one I can face with equanimity. I can see the clear potential of Care.Data to do good, but as it stands my concerns over security mean I am likely to opt out.

  2. ‘Ben Goldacre wrote an excellent summary of today which complements this blog. In short he says that the government must explain what data will be used, by who and for what…..Finally they must make it clear that fines will be imposed for any misuse of data.’

    If you read the article more carefully you’ll find he doesn’t say that at all. He actually says:

    ‘Fines are useless, like parking tickets, for individuals and companies: anyone leaking or misusing personal medical data needs a prison sentence, as does their CEO. Their company – and all subsidiaries – should be banned from accessing medical data for a decade.’

  3. “This risks leaving the people who most need care out of research.” as it stands today is approved solely for commissioning purposes I was told by GL/CDO NHE. That is why there is no definition of ‘research’ available. The second code 9Nu4 relates only to HES, from which we have no opt out. We can only restrict the identifiable data sharing flow out of HES – pseudonymised ‘amber’ remains compulsory for all. So, for HES, there is no risk anyone will be left out. There is only ‘no opt out’ for anyone who wants to be left out.
    So in fact, for no one is going to be included in research. As it stands. So, will be interesting to see if scope & directions change. At the moment many in favour seem ‘sold’ on the positive benefits of adding this GP data to research. That is not planned as yet, if it is only for commissioning purposes.
    Opinion – what if those purposes never get added/changed? We have given away GP confidentiality and data control, only for commissioning, which happens today already. The only actual real change of this scheme so far, is that if we were to apply the second code 9Nu4 it restricts ‘red’ data going to researchers. ie they will get less than they can request and get today with 251 approval.

  4. It’s been stated (by Tim Kelsey I believe) that insurance companies won’t even get the amber data, whereas you imply they will get the red data. Of course whether you believe that is another matter, but that’s the official line.
    Also, last time I bought insurance I had to give consent for the ins company to see my full GP records- so the same contextual issues you describe probably already apply.

    • Thanks for these clarifications.
      This story was in the Telegraph today: Hospital records of all NHS patients sold to insurers
      If you choose to have health insurance, you need to consent to them seeing your records and can choose to exclude material (but have to say that you have done so) and you do so on the understanding that the care you get will be subject to a wide range of caveats and restrictions on the basis of your medical history. The NHS provides care irrespective of your medical history. A concern is that insurance-based care won’t be a choice, but will be forced upon us. Other concerns – perhaps more likely are that you will be targeted with advertising for a wide range of health and health insurance products.

  5. I know lots of patients who dutifully fill their prescriptions every month but don’t tell their doctor that they aren’t in fact taking the prescribed medication. Their records will be inaccurate.

    I also know lots of patients who buy drugs off the internet from abroad which they take without the knowledge of their doctor. Their records will be inaccurate.

    In both cases, I don’t think that simply allowing* patients to check the accuracy of their records will be helpful as these patients won’t want to discuss the issues with their doctors.

    I’m surprised that more people aren’t questioning the quality of the data that will be collected in the database. It’s not just about GP’s miscoding, there are so many other factors involved eg. undeclared patient behaviours.

    * I say allowing but in reality the records should belong to the patients and it should be up to the patient to decide who does or doesn’t see any aspect of the record. The high level of paternalism among NHS professionals stinks.

  6. Thanks for your thoughts, I’ve added a few lines to the blog that I hope clarify things. The problem is that GP records are like a notebook or aide-memoire for GPs who might be trying to figure out what to make of their patients’ symptoms. We note down lists of potential diagnoses, different symptoms and possible investigations as we go along. The coding was designed to facilitate payments but not to help us with diagnostic puzzles. To make the coding easier, words are recognised and allocated a code, whether or not they are significant. Many GPs uncode words as they go along, but it can slow things down so others are less fastidious, thinking, not unreasonably that it makes no difference, because they are not treating it as a diagnostic code.- even though that’s what the computer thinks it is.
    If coding was designed for insurance or research purposes it wouldn’t work the way it does.

    • Which is why we need more GP voices designing and testing the system. I wonder how many GPs were ever invited to do system tests, both individual transactions and string scenarios? It needs GPs to have decent system training and be involved in testing to find the fixes before they launch. But findamentally, it looks to me like it has been very much top-down by DH/ISCG target led, and not business-needs by users driven. Which will never work as there is little incentive to get your data quality and consistent notes/codings used in a way as to be universally understandable. Out of curiosity, when GPs log on in-surgery, do you first see the patient’s most recent history and ‘life story’ or do you see prescribing history? I’ve not seen it, but that will tell a lot about who it was designed for and how well it works for GPs and patient care.

      • Good points. We can see a summary of present and past problems, medications, allergies etc. very quickly. ‘life story’ is more complex as the electronic record doesn’t lend itself to narrative record keeping at all well. I tend to look at a summary of my own consultations if that’s what I’m after, plus we have good continuity of care

      • GPs aren’t the users of; the main users will be NHS Commissioners, researchers and (potentially and controversially) commercial organisations. GPs are certainly important stakeholders, though.
        GPs don’t all use the same systems, btw: there’s a market for GP IT systems with several big players- I imagine they all differ in UI etc.
        And in answer to a previous poster, medical records in general differentiate between prescriptions and medicine taken- it’s not assumed that they’re the same.

  7. @Mark

    But how can a record accurately differentiate between the prescription issued and the medicine taken or not taken?

    A medical record isn’t a record of compliance and in my experience many doctors don’t check patient compliance with the medications they prescribe. Also even if a doctor asks about compliance, patients often lie.

    In study designs for clinical trials, researchers often have to include measures specifically to deal with the issue of drug compliance so that they end up with accurate data that doesn’t include confounding variables like undeclared noncompliance.

    • Hospitals prescribe dispense and administer; pharmacies dispense; GPs prescribe. Each can (should) be recorded only as appropriate to the source… So GPs only ever know about prescriptions. They probably just assume that prescriptions are self administered according to their knowledge of each of their patients, but they can’t know for sure. Obviously, things like vaccinations can be administered at the GP site and can be recorded as such (presumably).

      Trials usually just ask the subjects about compliance, and maybe remind them a few times. It’s not perfect, but it’s a known problem.

    • Re trials it also depends on the type of trial: some will have the subjects take medication while under supervision. There are a lot of different types of trials (and I’m no expert in them!).

  8. it’s not possible to check medication compliance from GP records. You can see if patients are collecting repeat prescriptions more or less often than they ought to, and this may (or may not) be a measure of whether or not they are taking them. (patients ardently deny a relationship when challenged, for example they might have had some issued by a hospital) Theoretically you could cross ref with pharmacy records to see if prescriptions are collected, but that still doesn’t prove that it they are taken as directed.
    GPs/ hospitals/district nurses i.e. anyone directly involved with patient care won’t have access to Data by every GP IT system is designed primarily to help with QoF and LES data collection.Some are more efficient than others, e.g.
    Care data makes use of coded GP data, but neither the IT systems, nor GPs are coding with in mind.

  9. Nan Parkinson (@parkitwit)

    Have read all comments with great interest. Re: “..unless they [ins. companies] ask for your entire GP record, which they can do, but only with your signed consent…” If this is true, and true for the foreseeable future, then I’m happy that people can withhold their consent.

    • A large part of the problem lies with who gets the data without our consent and the HSCIC performance at the Health Committee today gave us no reassurances at all. There’s also the vast industry of quacks pedalling body scans, genetic tests, miracle cures etc. who would love a piece of our data. Knowing that lots of people with problem x are being denied treatment y in area z could be extremely valuable.

  10. Pingback: Redux | OUseful.Info, the blog...

  11. I’ve said it on Twitter and I’ll say it here. My objection is solely based on informed consent which is a fundamental medical ethic. If we allow access to millions of medical records without this principle being upheld it opens the door to other breaches by QUANGOS; however well intentioned.
    HSCIC is an unelected body without elected oversight suffering from attentional bias; it can genuinely only see the benefits of – which is chilling in itself. Researchers do excellent work however it us crucial non experts hold them to account and scrutiny. The real story of is the rise of the expert in whom we place too much faith and are too often too afraid to challenge.
    If nine people say something must be the right thing to do the tenth person has a duty to question it no matter what the circumstances.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s