assignment 9- Ethics
Patient privacy and confidentiality The debate goes on; the issues are complex, but a consensus is emerging
The NHS is engaged in a debate about what canand cannot be done legitimately with patients’data. On one hand, anxieties exist about who should have access to the data and for what purposes; on the other hand, requirements for more accountabil- ity, performance assessment, effective health protec- tion, and efficient administration are increasing the need for more and better information. How is this being addressed, and how can it be resolved?
Health services have belatedly realised that they have work to do in order to comply with modern legis- lation about data protection and recent professional guidance.1 In England and Wales a new Health and Social Care Act has been passed, leading to the estab- lishment of the Patient Information Advisory Group, and the NHS Information Authority has just completed a public consultation on the privacy of patients.2 3 In Scotland the Confidentiality and Security Advisory Group for Scotland has, after 18 months’ deliberation, recommended major changes in practice, although these do not include new legislation for Scot- land.4 Other countries are also wrestling with similar issues and there is a recognition that there is value in developing internationally consistent practices.
Confidentiality has always been an essential element in medical consultation. Privacy, however, is not an absolute right and has to be balanced against counterclaims such as the rights of others or societal groups.5 How are we to strike the correct balance? Should explicit consent always be sought from patients for any use of their data apart from direct clinical care? This was considered and rejected by the Confiden- tiality and Security Advisory Group for Scotland.4 The evidence implies that where informed consent is required completeness of data suffers and incomplete data, skewed by unquantifiable biases, are often not worth the cost of collection.6–9
Perhaps patients should be asked whether certain, specified items should only be shared with certain individuals or organisations or for defined purposes? Although this might be possible, it would create expensive bureaucracy and use up resources badly needed for health care.
At times the debate has been in danger of becom- ing polarised between unhelpful extreme views. Happily, signs of a way forward are emerging. The NHS Information Authority’s new draft code of prac- tice for NHS staff and the recommendations of the Confidentiality and Security Advisory Group for Scot- land emphasise similar priorities: access to identifiable data must be only on a “need to know” basis; patients must be told what happens to their information; they may refuse disclosure outside the immediate care team (but should understand the potential detriment to their care and that of others); the law requires that some information may be shared beyond the immediate care team; when health information is used for planning, management, surveillance, and research these activities should use “anonymised” data, and in these circum- stances consent is not required.3 4
Some details, however, remain to be clarified. For example, what levels of “anonymisation” are accept- able in practice? The Confidentiality and Security Advisory Group for Scotland after considerable debate concluded that for use in the NHS, removal of name, address, and full postcode should suffice for most purposes.4 In addition month and year could be used instead of full date of birth and the NHS number encrypted. It seems likely that this would satisfy most patients. Further restriction would be needed only if data were to be released to outside bodies.
The draft code of practice of the NHS Information Authority proposes more stringent anonymisation.3 Its requirement to remove “any other detail or combina- tion of details that might support identification” could, if strictly interpreted, produce data of little value. The law of diminishing returns operates here. Patients as well as doctors will resent resources being spent on complex information technology systems that provide little additional benefit.
Ensuring the accuracy of anonymised data presents additional challenges. For example, databases for cancer or congenital anomaly need to be assessed for quality and kept free of duplicates. It is still unclear whether information technology solutions that have been implemented in other countries can provide data of adequate quality.10 There may be no alternative, for some purposes, to identifiable data being quality checked by specially trained and supervised NHS staff. Patients will expect the data on which their health serv- ices depend to be of high quality and, indeed, the maintenance of accuracy is one of the principles of the Data Protection Act.11
One further ingredient will be required and that is trust. In general, when NHS patients are asked about respect for personal privacy, satisfaction is high.12 But trust relating to the use of data needs to be earned. In practice this means health professionals need to understand current anxieties about the ways in which health information is handled; they need to learn the rules and apply them and accept that unfettered access to personal health information is a thing of the past and that, among the many tools they need for modern clinical practice are those of skilled information management.
Jim Chalmers consultant in public health medicine (jim.chalmers@isd.csa.scot.nhs.uk)
Rod Muir consultant in public health medicine (rod.muir@isd.csa.scot.nhs.uk)
Information and Statistics Division, NHSScotland, Edinburgh EH5 3SQ
Competing interests: Both authors are employed by an NHS organisation responsible for data collection and processing. Neither has been paid any fees for consultancy or other external work in this field. JC is chair of the Information Committee of the Faculty of Public Health Medicine and RM is Caldicott guardian for the Common Services Agency of NHSScotland.
1 Verity C, Nicoll A. Consent, confidentiality, and the threat to public health surveillance. BMJ 2002;324:1210-3.
Editorials
BMJ 2003;326:725–6
725BMJ VOLUME 326 5 APRIL 2003 bmj.com
2 Department of Health. Section 60 of the Health and Social Care Act 2001 and the patient information advisory group (PIAG). London: Stationery Office, 2001. www.doh.gov.uk/ipu/confiden/index1.htm (accessed 11 Feb 2003).
3 NHS Information Authority. Confidentiality. The national consultation. www.nhsia.nhs.uk/confidentiality/pages/consultation/ (accessed 11 Feb 2003).
4 Confidentiality and Security Advisory Group for Scotland. Protecting patient confidentiality—final report. Edinburgh: Scottish Executive Health Department, 2002. www.show.scot.nhs.uk/sehd/publications/ppcr/ ppcr.pdf (accessed 11 Feb 2003).
5 Lowrance WW. Learning from experience: privacy and the secondary use of data in health research. London: Nuffield Trust, 2002. http://aspe.hhs.gov/ datacncl/reports/learning_experience2002.pdf (accessed 11 Feb 2003).
6 Parkes J, Dolk H, Hill N, Patterson S. Cerebral palsy in Northern Ireland: 1981-93. Paediatr Prenatal Epidemiol 2001:15:278-86.
7 Jacobsen SJ, Xia Z, Campion ME, Darby CH, Plevak MF, Seltman KD, et al. Potential effect of authorization bias on medical record research. Mayo Clin Proc 1999;74:330-8.
8 Becker N. Cancer epidemiology and privacy laws: recent trends in Germany. Eur J Cancer 1993;29A:661-3.
9 Brewster DH, Coleman MP, Forman D, Roche M. Cancer information under threat: the case for legislation. Ann Oncol 2001;12:145-7.
10 Dudeck J. Informed consent for cancer registration. Lancet Oncol 2001;2:8-9.
11 Data Protection Act 1998. www.hmso.gov.uk/acts/acts1998/19980029. htm (accessed 11 February 2003).
12 Cohen G, Forbes J, Garraway M. Can different patient satisfaction survey methods yield consistent results? Comparison of three surveys. BMJ 1996;313:841-4.
Bat rabies All bat handlers should be immunised
The death from rabies of a bat conservationist inDundee last year was the first fatality since 1902from rabies acquired in the United Kingdom. The lethal virus, isolated from brain tissue at autopsy, was not the classical rabies virus but a closely related negative stranded RNA virus, the European bat lyssa- virus type 2.1 The genus lyssavirus, named after the Greek for “frenzy,” includes the classic rabies virus, two European bat lyssaviruses, an Australian bat lyssavirus, and the African Duvenhage virus, all of which produce a similar fatal encephalomyelitis in humans—rabies.
Rabies is mainly transmitted in saliva during a bite from an infected animal. In the United Kingdom clas- sic rabies was eliminated from the animal reservoir in the 1920s, and the 20 or so deaths reported since then resulted from infection acquired overseas, usually from dog bites.2 European bat lyssavirus has its natural reservoir in bats, mainly the serotine bat (Eptesicus serotinus) for European bat lyssavirus type 1, and the pond bat (Myotis dasycneme) and Daubenton’s bat (Myotis daubentonii) for European bat lyssavirus type 2. Serotine bats are uncommon in Britain, and the pond bat is not found. Between 1977 and 2000 around 600 cases of infection with European bat lyssavirus were confirmed in bats in mainland Europe. By contrast a passive surveillance programme in the United Kingdom, involving about 2000 bats over 15 years, dis- closed only two infected animals, in Sussex in 1996 and in Lancashire in 2002.3 This indicates that European bat lyssavirus may be endemic in the United Kingdom, as in mainland Europe, but at a low level.
Both infected bats found in the United Kingdom were Daubenton’s bats, although only small numbers of this particular species had been tested. Daubenton’s bat, one of 16 bat species resident in Britain, rarely roosts in houses and rarely comes into contact with people. The two bat species most commonly found roosting in British houses, pipistrelles (Pipistrellus species) and long eared bats (Plecotus auritus), have not been found to harbour European bat lyssavirus so far.
Consequently the risk of a member of the public coming into contact with an infected bat seems very low. Even so bats, particularly if they are sick or injured, should not be handled. All bats are protected species, under the Wildlife and Countryside Act 1981, and it is unlawful to harm them or their roosts.
In both Europe and Australia, bat lyssaviruses seem to be maintained only in indigenous bat populations, although European bat lyssavirus has been detected in a few sheep and in a stone marten, which is an arboreal mammal.4 European bat lyssavirus has been responsi- ble for four deaths since 19771 and Australian bat lyssavirus for two deaths since first being described in 1996.5 Rabies infection, once clinically manifest, is invariably fatal. It is preventable by immunisation. Cur- rent recommendations in the United Kingdom are that all persons handling bats should be immunised.6 The bat conservationist who died in Scotland had not been immunised. More than 1000 volunteers in the United Kingdom are handling bats regularly for conservation and welfare and therefore should all be immunised against rabies. Other occupations or recreational activities bringing people into close contact with bats might also justify immunisation. Currently available vaccines are safe and effective against both bat lyssa- viruses and the classic rabies virus.
Derrick Pounder professor of forensic medicine Department of Forensic Medicine, University of Dundee, Dundee DD1 4HN
Competing interests: None declared.
1 Lumio J, Hillbom M, Roine R, Ketonen L, Haltia M, Valle M, et al. Human rabies of bat origin in Europe. Lancet 1986;1:378.
2 Public Health Laboratory Service. Rabies acquired abroad. Commun Dis Rep CDR Wkly 2001;14 June:2.
3 Whitby JE, Johnstone P, Parsons G, King AA, Hutson AM. Ten-year survey of British bats for the existence of rabies. Vet Rec 1996;139:491-3.
4 Public Health Laboratory Service. European bat lyssavirus—frequently asked questions. London: PHLS, 2002.
5 Hanna JN, Carney IK, Smith GA, Tannenberg AE, Deverill JE, Botha JA, et al. Australian bat lyssavirus infection: a second human case, with a long incubation period. Med J Aust 2000;172:597-9.
6 Department of Health. Memorandum on rabies prevention and control. London: DoH, 2000.
Editorials
BMJ 2003;326:726
726 BMJ VOLUME 326 5 APRIL 2003 bmj.com