Protect “confidential” medical records from the authorities

I am calling for medical confidentiality to be respected and for the practice of allowing the police and CPS access to a person's medical records to be stopped and indeed made illegal and a ban on using a person's medical history or records in criminal proceedings.

Currently, in certain circumstances the police can obtain a warrant to get a copy of a person's supposedly confidential medical records, including mental health records.

Sometimes, the clinical staff responsible for protecting the records will not even require a warrant, but will provide the records on the basis of a request from the police or CPS.

Why should the authorities be able to look at and use your "confidential" medical records against you, when questioning or prosecuting you?

I'm particularly concerned that if someone has a mental health problem,  the fact that medical records are not confidential will put people off seeking help and sharing their thoughts and feelings with a therapist/psychologist/psychiatrist, because they might worry that these probably quite strange thoughts could be used against them in the future. If they don't seek help, their condition will probably get worse and they might become a danger to themselves or others.

The thoughts and feelings expressed in therapy may be no more weird than those that most people have from time to time, but if the person becomes a suspect in an investigation in the future, the fact that they have shared their thoughts in therapy means that they can then be used against them by the police, or as "evidence" or to make them out to be some sort of wierdo and turn the jury against them in court.

If a person is fortunate enough to be able to pay for private therapy, the notes from this will not be available to the authorities, mainly because they will not know that you had therapy or who you saw, but if you are poor and have to accept therapy on the NHS, the authorities will see this from your GP's records and then go fishing in your mental health records for anything they think will help their case.

I think it's disgusting that we don't protect medical confidentiality so that people can seek help without worrying that it might cause problems for them in the future, but currently the NHS and the Government regards your records as their property to do with what they wish.

Why is this idea important?

I am calling for medical confidentiality to be respected and for the practice of allowing the police and CPS access to a person's medical records to be stopped and indeed made illegal and a ban on using a person's medical history or records in criminal proceedings.

Currently, in certain circumstances the police can obtain a warrant to get a copy of a person's supposedly confidential medical records, including mental health records.

Sometimes, the clinical staff responsible for protecting the records will not even require a warrant, but will provide the records on the basis of a request from the police or CPS.

Why should the authorities be able to look at and use your "confidential" medical records against you, when questioning or prosecuting you?

I'm particularly concerned that if someone has a mental health problem,  the fact that medical records are not confidential will put people off seeking help and sharing their thoughts and feelings with a therapist/psychologist/psychiatrist, because they might worry that these probably quite strange thoughts could be used against them in the future. If they don't seek help, their condition will probably get worse and they might become a danger to themselves or others.

The thoughts and feelings expressed in therapy may be no more weird than those that most people have from time to time, but if the person becomes a suspect in an investigation in the future, the fact that they have shared their thoughts in therapy means that they can then be used against them by the police, or as "evidence" or to make them out to be some sort of wierdo and turn the jury against them in court.

If a person is fortunate enough to be able to pay for private therapy, the notes from this will not be available to the authorities, mainly because they will not know that you had therapy or who you saw, but if you are poor and have to accept therapy on the NHS, the authorities will see this from your GP's records and then go fishing in your mental health records for anything they think will help their case.

I think it's disgusting that we don't protect medical confidentiality so that people can seek help without worrying that it might cause problems for them in the future, but currently the NHS and the Government regards your records as their property to do with what they wish.

Give each individual a memory stick with their NHS records on

The idea of a centralised NHS database of everyone's personal records is proving to be unpopular, difficult to implement & riven with security issues.  Rather than continue down this route, why not issue each member of the public with their own password protected jumpdrive / memory stick (with a key ring perhaps for ease of carriage) containing their health records.  It would then be up to the individual to look after them & take them along to appointments, where it could be plugged into the GP's / hospital's computer and viewed / updated accordingly.  If the patient wished for their GP to keep a copy then it would be up to them.

This is a similar / neater (electronic) version of the current (paper based) system used for pregnant women.  Then people will be in control of their own records & have them with them most of the time.  Each memory stick would need to be password protected & have a unique identifier printed on the outside – then all you would need is a freepost address for the return of lost sticks and a (relatively small) database with the ID No & the address of it's owner but no other records.

Why is this idea important?

The idea of a centralised NHS database of everyone's personal records is proving to be unpopular, difficult to implement & riven with security issues.  Rather than continue down this route, why not issue each member of the public with their own password protected jumpdrive / memory stick (with a key ring perhaps for ease of carriage) containing their health records.  It would then be up to the individual to look after them & take them along to appointments, where it could be plugged into the GP's / hospital's computer and viewed / updated accordingly.  If the patient wished for their GP to keep a copy then it would be up to them.

This is a similar / neater (electronic) version of the current (paper based) system used for pregnant women.  Then people will be in control of their own records & have them with them most of the time.  Each memory stick would need to be password protected & have a unique identifier printed on the outside – then all you would need is a freepost address for the return of lost sticks and a (relatively small) database with the ID No & the address of it's owner but no other records.

Patients should have control over their data – there should not be any surprises

Patients should have the right to choose whether or not their personal and/or clinical data is processed (including but not restricted to, uploading to databases, shared, accessed and so on).  Explicit informed consent should be required BEFORE any personal or clinical data can be added to databases or other means of storing or sharing data.  Automatic opt-in should not be allowed to avoid patients being surprised to find out that their data is being processed for any purpose other than the specific purpose they were provided for.

IT should not drive patients' rights – patients need to be in control of their data.  Going to your GP should not be a worry as to whether your data is going to end up on some database that you are not aware of, or that some researcher is going to be able to trawl through your records without your consent.  This is not acceptable.

This applies to all data processing possibilities concerning patient data (personal and clinical).  To help to avoid surprises and to ensure that patients are kept fully informed of any processing of their data (and to ensure that only processing that has been consented to is taking place), patients should be provided with a regular list of all potential forms of data processing possible regarding their data together with a list of any processing that they have currently consented to.

Why is this idea important?

Patients should have the right to choose whether or not their personal and/or clinical data is processed (including but not restricted to, uploading to databases, shared, accessed and so on).  Explicit informed consent should be required BEFORE any personal or clinical data can be added to databases or other means of storing or sharing data.  Automatic opt-in should not be allowed to avoid patients being surprised to find out that their data is being processed for any purpose other than the specific purpose they were provided for.

IT should not drive patients' rights – patients need to be in control of their data.  Going to your GP should not be a worry as to whether your data is going to end up on some database that you are not aware of, or that some researcher is going to be able to trawl through your records without your consent.  This is not acceptable.

This applies to all data processing possibilities concerning patient data (personal and clinical).  To help to avoid surprises and to ensure that patients are kept fully informed of any processing of their data (and to ensure that only processing that has been consented to is taking place), patients should be provided with a regular list of all potential forms of data processing possible regarding their data together with a list of any processing that they have currently consented to.