Presentation on theme: "Medical information systems Ian Brown. Key questions What are the benefits and costs of medical information systems? How do design decisions affect patient."— Presentation transcript:
Key questions What are the benefits and costs of medical information systems? How do design decisions affect patient privacy? What is happening in the National Health Service?
NHS Connecting for Health £20bn programme to develop and run NHS IT systems Patient Summary Care Records stored on centralised database (Spine) with pointers to Detailed Care Records in regional databases Electronic prescriptions Choose and book
Benefits to patients Online access to NHS Summary Care Record via the Internet, so they can be more informed and involved in decisions about their care and treatment.Summary Care Record Faster, safer diagnosis and treatment because vital information (such as test results or allergies) will be available from their NHS Care Record wherever and whenever care is required, even outside hours or away from home elsewhere in England. A faster, easier way to make hospital appointments at a convenient time, date and place using Choose and Book, whilst at the GP surgery – or later via a call centre or the Internet.Choose and Book A safer way to obtain medication with the Electronic Prescription Service (EPS), which will reduce prescription errors by enabling medication history, adverse drug reactions or missing information to be checked on their NHS Care Record.Electronic Prescription Service (EPS)
Benefits to clinicians Ready access to more comprehensive, up-to-date patient information and a fast, reliable and secure means of sending and receiving information. Streamlining of clinical practice and smoother handovers of care, supporting multi-disciplinary team working. Online decision support tools, easier access to best care pathways and faster access to specialist opinions and diagnosis. Guidance on referral procedures and clear protocols for clinical investigations. More efficient referrals, alerts to conflicting medicines, and early detection of disease outbreaks. Reduced administration, paperwork, repetition, duplication and bureaucracy – less time spent chasing missing notes, x-rays, referral, admission or discharge information.
Benefits to NHS Value for money and millions of pounds of savings on hardware and software through national procurement of IT. Further savings over the lifetime of IT contracts through direct negotiation with prime contractors and Enterprise Wide Agreements with around 80 sub-contractors.Enterprise Wide Agreements Better intelligence on how the NHS works, and on the health of citizens, with anonymised information collected nationally. Real numbers, in real time, not just a sample from spotter practices. Better outcomes for the same resources. Real improvements in every patients experience of care.
Spiralling costs Originally budgeted at £6.2bn Currently estimated at £12.4bn 10-year estimate: £20bn
Confidentiality problems Sealed envelope supposed to limit access to especially sensitive records… …but it can be opened by the NHS and police and doesnt actually exist yet!
Security requirements Data held securely to prevent unauthorised access and modification Extensive protection against data loss or corruption Resistant to Denial of Service attacks All transactions must be logged and monitored
Measuring system security requirements 1.Scale and complexity 2.Number of users 3.Sensitivity of data 4.Connections to other systems, particularly untrusted 5.Connectivity to the Internet 6.Attractiveness as target
Can the system be made secure? Prof. Martyn Thomas: almost every IT supplier in the world today is incompetent… the typical rate of delivered faults after full user acceptance testing from the main suppliers in the industry over many years has been steady at around 20 faults per thousand lines of code. We know how to deliver software with a fault rate that is down around 0.1 faults per thousand lines of code and the industry does not adopt these techniques. Evidence to Home Affairs Select Committee, 24/2/2004
Evaluation Assurance Level Part of internationally-recognised Common Criteria govt security standards Complex, sensitive, widely used and connected systems should be EAL 6+ UK certified products list contains no operating systems, firewalls, networking software or databases at EAL 4+
Insider fraud Source: What price privacy?, Information Commissioner, May 2006
Availability problems More than 110 major incidents during May-Aug 2006 Failures of Picture Archiving and Communication Systems (Pacs) and Patient Administration Systems E.g. datacentre in Maidstone crashed for 4 days in July, stopping services to 80 trusts
Privacy worries How many staff in NHS (largest employer in Europe) will have access to patient records? Pretexting found in N. Yorkshire HA to be occurring 30 times a week Leeds Teaching Hospitals NHS Trust found 70,000 cases of "inappropriate access" to systems in 1 month
General Practitioners worries 50% of GPs will refuse to upload medical records to central "Spine" without patients' permission 80% think Spine puts patient confidentiality at risk 79% think new system will be less secure Source: Medix poll of 1,026 representative GPs, Nov. 2006
Conclusions Centralised storage of NHS records is proving highly controversial due to privacy, safety and security risks Opt-out campaign launched Nov. 2006 [http://www.nhsconfidentiality.org/] 11% of Iceland population opted out of national DNA database – will we see the same for NHS?