Patient Privacy in the NHS

The NHS cares for most of us at some point in our lives. Patient privacy affects everything from the curtain around your bed to the access to your medical records. How does your Trust protect your privacy without compromising its healthcare services?

Privacy in Practice

When you are treated as a patient you’re probably worried about the privacy of more than just your information. The NHS has a duty to treat you with respect and autonomy, protecting your personal data and your physical person from privacy invasion.So what’s being done to ensure that you are treated in a fair and private manner?

• Single-sex accommodation. The Department of Health has recognised that patients prefer to be grouped by gender, and has been slowly getting rid of mixed wards for the last few years. Today, 97% of NHS Trusts provide single-sex wards with segregated bathroom facilities.

• Privacy on the ward. The old-fashioned image of a hospital ward features a line of beds with no separation between them, also known as a ‘Nightingale’ ward. This design fails to provide the essential levels of privacy and the Department of Health says that 98% of these wards have now been redesigned.

• Protecting patient dignity. This is a core standard in the healthcare industry. NHS Trusts are responsible for making sure that staff members are trained in maintaining dignity.

Accessing the NHS Records

Accessing your patient records from the hospital where they’re kept? It’s easy. Politicians, journalists and investigators know precisely where to look.

In 2002 MPs used the case of pensioner Rosie Addis as a “political football”, according to the British Medical Association, taking her case as an example of failed NHS care – and all without the patient’s consent. But how did they obtain Rosie’s information in the first place?

It soon emerged that the NHS was not protecting patient records well enough. One year later, research revealed the extent of the problem. The Foundation for Information Policy Research (FIPR) discovered that more than 10,000 bogus callers were able to access private patient information in 2003. Typically posing as health administrators or professionals, the callers were able to gain medical information that they would later use as part of an investigation or news story.

To make this research even worse, the NHS had trialled a telephone security system 9 years previously. Although the system – where callers were identified, approved, and called back – worked, it was abandoned anyway. FIPR called for the NHS to reintroduce the system, particularly as the pending centralisation will undoubtedly bring its own security flaws.

Centralisation of Medical Records

The NHS plans to centralise all patient records. This involves the gradual transfer of every medical record to an electronic database, which will be accessible to healthcare professionals all over the country. Privacy campaigners have severe doubts about the system, arguing that the government has a poor track record for storing private information, and asking who draws the lines for access. Many more people will have potential access to your medical record – unless you act quickly and deny permission. (Read more about centralisation in our article on Your Medical Records.)

More About Privacy in the NHS

The Department of Health’s Code of Practice for NHS professionals and GPs is available online. You can read more in our articles on Doctor-Patient Privacy, Genetic Privacy, and Your Medical Records.