Gavin Jamie



MSc in Healthcare Informatics – Unit One – Essay B

December 2003

Electronic Health Records Projects

The English Integrated Healthcare Records Service

Introduction

The Integrated Care Records System (ICRS) is the largest information technology project undertaken in the UK. It is the largest component of the National Plan for IT (NPfIT) which also includes electronic booking and N3 – the provision of networking for the entire National Health Service.

Its aim, in simplicity, is the unification of all methods of storing, transferring and recording of information throughout the health service. Additionally it is hoped to add social services data to provide a singe care record. This is not a new idea and has been tried before without success - but with great expense.

Several years have passed and technology is now more advanced. Once again the project is seen as feasible1.


Strategic and Tactical Planning

The current project can be traced back to the document “Information For Health” published in 1998, the year after the current government gained power. It was fixed more formally in the NHS Plan in 2000 and the National Plan for IT2,3. These documents outline the strategic plan. The project was formally given the go-ahead in 2002 with little public announcement4.

Spring 2003 brought the production of an output based specification (OBS)5 for the service. This too was initially meant to be confidential, although was widely leaked6. Snapshots were published later on the web, although no feedback was requested. This essay is based on version 2 - August 2003.

At the tactical level there was to be a central franchise providing national services such as demographic information, a clinical summary, a messaging service, basic clinical information and some supporting functions. Local franchises would provide implementation to end users including software and hardware functions for an electronic patient record.

The OBS also gave the functions of the system in some operational detail. It is very clear what the system should supply to users, in some cases down to which icons should be displayed. Most functions, such as management of patient data, authentication and decision support, are defined in the OBS. Central is the EHR – referred to as the care record - in which all patient contacts are recorded on which all functions are based.

How it was implemented was the responsibility of the contractor.

Most contracts were awarded in the December of 2003, events that passed barely noticed by the general media or most medical professionals. The press release changed the name to the NHS Care Records System7.


The technological challenges are enormous and the OBS acknowledges that the solutions may not currently be available. The bids are being made therefore on speculation of future capabilities8.


Making the system work to specification is one thing but producing systems that will be accepted though the 10,000 practices and 300 trusts in the NHS is quite another. There is no experience of how a centrally commissioned commercial company will interact with the providers of health care. The agenda has been, so far, largely driven by the political leadership and senior management. The agendas of clinicians and local management may be very different. There have been small consultations of 106 clinicians, but the participants have been forbidden from discussing their work.9


Political and Financial Factors

Politically, therefore, this is a very risky project. Failures of IT projects in the public sector have been many and various, and inevitably very publicly expensive. This is bigger than any of them. The NPfIT has been set a budget of 2.3 billion pounds over three years.

Failure would be politically embarrassing.

Lessons have been learnt from previous failures1. These have not been exclusively in public sector projects, and a scoring system has be developed to measure chances of success10. Similar criteria have been developed for public sector IT projects11. The identification of clear milestones and a solid business case were mandated.

The OBS sets functional criteria for the end of 2004, 2006 and 2010.


Several additional rules have been set in place for the planning of this project. There is to be a very stable team to bring the project to fruition, headed by Richard Granger - a recruit from the private sector; this has been unfortunately undermined as both the Secretary of State and the senior civil servant have already changed.


Tactical planning decisions have been made by Mr. Granger.

The details of the process have remained confidential to prevent the whole tender becoming a public “beauty contest” with rival bidders showcasing their technology to the public.

He has avoided appointing a preferred bidder because

“when the salesman walk out and the lawyers walk in to tell you you can't have what was promised - and that it will cost more.”4


With the contracts nearly all awarded the specifications are likely to become public soon. A full public debate can now take place, in addition to the limited consultation already undertaken.

The question of what happens if the specifications are unacceptable to a key group, such as professional bodies or regulators is not clear. If the contract is fixed then there is the prospect serious opposition to the clinical implementation of the system. Success depends on systems being purchased by individual trusts, although suppliers will be guaranteed payment for meeting the specification12.

If the contract is fluid and flexible then Mr Granger will not be far from the position of having a preferred bidder.


There is a large political drive behind the project. It is unfathomable to patients used to the internet and electronic banking may have to change your address at your each NHS body that you deal with. Despite almost all GP records being held electronically, the hospital doctor may not know what tablets you are taking unless you show them.


Modernisation is a central theme of government policy and the NHS is a priority. The NHS Plan marked the start of a huge investment in the health service tied to reform. This project should provide visible evidence of the delivery on this investment both direct and indirect.


Access to health services is a political priority and the OBS describes the concept of a patient-centric health care system. This is never really defined although one of the key innovations listed is a service for patients to access and annotate their own health records, called 'myhealthspace'. The OBS gives little additional justification does suggested that this will allow patients to review their health advice and improve compliance. There are fears that patients will consume more health resources in comprehending what can be a rather technical document. Responsibility for acting on information annotated to the record is not clear, and patients will need to be clear on its use.



Social Factors

The ICRS also marks a significant change to the medical record itself. Currently records are based in institutions. Even electronic records have been based in individual hospitals or GP surgeries and, with the exception of pathology, there was very little communication between them. One of the most prominent features of the vignettes within the OBS is information passing freely as the patient moves through the system


The medical record purpose has changed through the years since it was a simple record of occurrence – in the manner of a scientific record. It has become a medico-legal document, but remains patient centred and used specifically for a named patient.

Clinical governance moved some of this data into clinical audit, but it has not moved from the area where the patient record was first generated.


A very strong feature throughout the OBS that this central database should be used for audit of medical care, particularly against National Service Frameworks. Audits can access to pseudonymised patient data, even before patient consent is given for the clinical use of information.

The record may well retain information such as date of birth and post code after the patient identifier has been replaced. To a determined intruder this level of protection is ineffective.


Information for Health

“NHS managers and planners at ever level of the service must have information that helps the better target and use the considerable resources deployed in the NHS to improve the quality of life for patients ... Such information forms a natural by-product of the clinical systems required to support the day-to-day care of patients”2


The final statement is controversial. It is argued that data taken the central database in isolation from cannot form meaningful information13 . There are different reasons and contexts for collecting information; data in aggregate may appear inconsistent and carry little real meaning.

This has become a practical concern as systems start to exchange data e.g. GP contract data extraction software or the GP2GP record transfer system.


These problems are not insurmountable, but they require effort at the time of data collection to build a record suitable for data extraction. This is not a 'natural by-product' but rather a culture of data collection to be introduced along with the systems in the health service.

There is some move towards this already. One of the effects of target setting in NHS trusts has been to produce standardised reporting for statistical purposes. Similarly the new GP contract encourages a standard set of codes and definitions for reporting14.


The central database can produce information in aggregate about the performance of a clinician, department, hospital or the whole health service. Doctors are appraised on their results and trusts are placed in league tables; ultimately government policy may be judged on this data. It is politically vital that there is a reliable source of information.


Patient confidentiality is a major planning issue. Paper based records have the advantage of physical security; they can only be read and altered by someone with physical access. Electronic records within an organisation have an additional level of password protection, but the difficulties of user management mean that much is still based on physical access. Even with this level of security there have been potentially serious breaches of confidentiality from electronic systems 15. Members of Parliament have implicitly acknowledged this by setting up a healthcare system for their own use based on pseudonyms16.


The proposed system does not add any additional risks but the sheer size of the database also makes the potential for security breaches greater17,18. A typical GP system there may contain 10,000 records, a hospital system up to half a million. The central data spine in the ICRS will hold over 50 million health records. Even patient identification could prove problematic.


For information that the patient wishes to restrict to a named person the 'sealed envelope' has been specified.

The sealed envelope is an appropriate metaphor as the seal may be broken by users who would normally have access to this data. It will be no more difficult to open than a paper envelope. Access will generate an alert; like an envelope it is tamper evident. For some confidential data, however, a single release into the public domain could be disastrous. It will be up to the user whether the value of the information (clinically, politically or financially) is greater than the cost of an alert.


Breaches of confidentiality are inevitable from the new system, as they are from all current systems. These are likely to be well publicised in the media, and trust in the system from users and patients may fall. Without this trust the service cannot continue to function effectively. The General Medical Council views the clinician as being responsible for the maintenance of the confidentiality of the clinical record. It cannot be seen as personally risky to a clinician to use the system19.


It is not only unauthorised access that has caused concern to some. This will be a government database, probably more complete than any other. Even census data gives information on a rather smaller number of people than of those who are registered with general practitioners. This database may prove irresistible to central government. The UK government has also legislated to allow the release of patient identifiable data by the Secretary of State20. The regulations are to be relaxed which caused concern21.


There has been some research on patients' views on confidentiality in electronic records undertaken as part of the planning process22. Despite a positive spin this shows a significant minority who do not want data sharing for anything other than direct care, even after anonymisation23. There is a need for more levels of patient consent to data use, although there would inevitably lose some statistical power.



Measuring Success

In view of the above, success will be at partly measured by the lack of visibility of the system. Just as most people give the engine of their car little thought until it causes problems, an effective system should merge into the background of the NHS.

Publicly we will see increased access to health information from both health professionals and patients. We should see a great reduction in the movement of paper, and the weight of the daily mail through the post room of NHS Hospitals would not be a bad measure of success.


The formal measure of success is the functionality targets for 2004, 2006 and 2010. Whilst these will allow the contractor to be paid and some objective measure of success it does not measure the use of the system and the usefulness of data produced. It is likely that this cultural change will be more difficult to measure but will truly reflect the changes in the working patterns of the NHS that the system was designed to catalyse.


Summary

This project is huge in scale, ambition and cost. The brochure is glossy and the potential for improving patient care is significant. Like the latest Hollywood blockbuster only those close to it have seen the whole picture. It is due its premiere soon, and it remains to be seen if the desire to create a central management and audit database will significantly damage the project in the eyes of the government and health community.

The public test of the proposals is will to come soon, and the further planning is likely to be detailed, public and contentious24.


References

  1. David Thomas, " The Gremlins Strike - Again ," The Sunday Telegraph , 30 November 2003.

  2. Information For Health, Department of Health, 1998.

  3. The NHS Plan , Department of Health , June 2003.

  4. " A dose of technology: how the NHS hopes to transform healthcare with its high-risk Pounds 4bn investment in IT ," Financial Times , December 2 2003.

  5. Output Based Specification for the Integrated Care Records Services http://www.doh.gov.uk/ipu/programme/obs_icrs.htm

  6. " Granger: Rip and Replace Fears Unfounded ," E-health-insider , June 2003.

  7. Care Records Contract. NHS Update, Department of Health , 9 December 2003.
    http://www.nhs.uk/nhsupdate/news.asp?newsid=772&p=d

  8. "Big dreams relying on small print ," The Guardian , 10 Dec. 2003.

  9. Trefor Roscoe. Re: "Lockheed Martin ditches $15 billion NHS contract"” GP-UK mailing list. 3rd September 2003 http://www.jiscmail.ac.uk/cgi-bin/wa.exe?A2=ind0309&L=gp-uk&P=R3536

  10. The Standish Group (1995) The Standish Group Report - CHAOS . The Standish Group International, Inc, Massachusetts, USA. http://www.scs.carleton.ca/~beau/PM/Standish-Report.html

  11. PRINCE2. Central Computer and Telecommunications Agency Website http://www.ccta.gov.uk/prince/prince.htm

  12. NHS suppliers are given guarantees of payment. Computer Weekly December 2003 http://www.computerweekly.com/articles/article.asp?liArticleID=127238

  13. Berg, M; Goorman, " The contextual nature of medical information ," International Journal of Medical Informatics , vol. 56, pp. 51-69 , Dec. 1999

  14. Ewan Davis, " Avoiding the 'dataset mentality ," Informatics in Primary Care , vol. 11, no. 2, pp. 49-52 , 2003.

  15. Dissident Operation Uncovered BBC News Online , 2003. http://news.bbc.co.uk/1/low/northern_ireland/3038852.stm

  16. Protest as MPs 'jump NHS queue' BBCi, 15 December 2003. http://news.bbc.co.uk/1/hi/health/3319911.stm

  17. Ross Anderson, "Undermining data privacy in health information" BMJ, vol. 322, no. 7284, pp. 442-443 , 2001.

  18. Laurie Slater, " The Integrated Care Record Service and issues of security, confidentiality and civil liberties ," Health Informatics Europe , June 2003. http://www.hi-europe.info/files/2003/9980.htm

  19. Fleur Fisher, Paul Stevenson. Letters to Computer Weekly 25 July 2003 http://www.computerweekly.com/articles/article.asp?liArticleID=123809&liArticleTypeID=20&liCategoryID=2&liChannelID=28&liFlavourID=1&sSearch=&nPage=1

  20. Health and Social Care Act 2001. Section 60

  21. General Practitioners Committee of the BMA. “Response to Section 60 of the Health and Social Care Act 2001 : Consultation on proposals to revise regulations” January 2004 Unpublished

  22. National Health Service Information Authority “Share Care” http://www.nhsia.nhs.uk/confidentiality/pages/docs/swc.pdf

  23. “FIPR Response to NHS Confidentiality Consultation” Foundation for Information Policy Research http://www.cl.cam.ac.uk/users/rja14/fiprmedconf.html

  24. Nigel Hawkes, " Patient records go on database ," The Times , 21 July 2003.