Patient online medical records’ access in England was promised by April 2015.
Just last month headlines abounded “GPs ensure 97% of patients can access summary record online“. Speeches carried the same statistics. So what did that actually mean? The HSCIC figures released in May 2015 showed that while around 57 million patients can potentially access something of their care record only 2.5 million or 4.5% of patients had actively signed up for the service.
In that gap lies a gulf of a difference. You cannot access the patient record unless you have signed up for it, so to give the impression that 97% of patients can access a summary record online is untrue. Only 4.5% can, and have done so. While yes, this states patients must request access, the impression is somewhat misrepresentative.
Here’s my look at what that involved and once signed up, what ‘access your medical records’ actually may mean in practice.
The process to getting access
First I wrote a note to the practice manager about a month ago, and received a phone call a few days later to pop in any time. A week later, I called to check before I would ‘pop in’ and found that the practice manager was not in every day, and it would actually have to be when she was.
I offered to call back and arrange a suitable date and time. Next call, we usefully agreed the potential date I could go in, but I’d have to wait to be sure that the paper records had first been retrieved from the external store (since another practice closed down ours had become more busy than ever and run out of space.) I was asked whether I had already received permission from the practice manager and to confirm that I knew there would be a £10 charge.
So, one letter, four phone calls and ten pounds in hard cash later, I signed a disclosure form this morning to say I was me and I had asked to see my records, and sat in a corner of the lovely practice manager’s office with a small thinly stuffed Lloyd George envelope, and a few photocopied or printed-out A4 pages (so I didn’t get to actually look at my own on-screen record the GP uses) and a receipt.
What did my paper records look like?
My oldest notes on paper went back as far as 1998 and were for the most part handwritten. Having lived abroad since there was then a ten year gap until my new registration and notes moved onto paper prints of electronic notes.
These included referral for secondary care, correspondence between consultants and my GP and/or to and from me.
The practice manager was very supportive and tolerant of me taking up a corner of her office for half an hour. Clutching a page with my new log-in for the EMIS web for patient records access, I put the papers back, said my thank yous and set off home.
Next step: online
I logged on at home to the patient access system. Having first had it in 2009 when I registered, I hadn’t used the system since as it had very limited functionality, and I had had good health. Now I took the opportunity to try it again.
By asking the GP practice reception, I had been assigned a PIN, given the Practice ID, an Access ID and confirmation of my NHS number all needed entry in Step 1:
Step 2: After these on screen 2, I was asked for my name, DOB, and to create a password.
Step 3: the system generated a long number user ID which I noted down.
Step 4: I looked for the data sharing and privacy policy. Didn’t spot with whom data entered would be shared or for what purposes and any retention or restrictions of purposes. I’d like to see that added.
Logged on using my new long user ID and password, I could see an overview page with personal contact details, which were all accurate. Sections for current meds, allergies, appointments, medical record, personal health record and repeats prescriptions. There was space for overview of height, BMI and basic lifestyle (alcohol and smoking) there too.
A note from 2010 read: “refused consent to upload national. sharing. electronic record.” Appropriately some may perhaps think, this was recorded in the “problems” section, which was otherwise empty.
Drilling down to view the medication record, the only data held was the single most recent top line prescription without any history.
And the only other section to view was allergies, similarly and correctly empty:
The only error I noted was a line to say I was due an MMR immunization in June 2015. [I will follow up to check whether one of my children should be due for it, rather than me.]
What else was possible?
Order repeat prescription: If your practice offers this service there is a link called Make a request in the Repeat Prescriptions section of the home page after you have signed in. This was possible. Our practice already does it direct with the pharmacy.
Book an appointment: with your own GP from dates in a drop down.
Apple Health app integration: The most interesting part of the online access was this part that suggested it could upload a patient’s Apple health app data, and with active patient consent, that would be shared with the GP.
It claims: “You can consent to the following health data types being shared to Patient Access and added to your Personal Health Record (PHR):”
- Height
- Weight
- BMI
- Blood Glucose
- Blood Pressure (Diastolic & Systolic)
- Distance (walked per day)
- Forced expired volume
- Forced Vital capacity
- Heart Rate
- Oxygen Saturation
- Peak Expiratory Flow
- Respiratory rate
- Steps (taken per day)
“This new feature is only available to users of IOS8 who are using the Apple Health app and the Patient Access app.”
With the important caveat for some: IOS 8.1 has removed the ability to manually enter Blood Glucose data via the Health app. Health will continue to support Blood Glucose measurements added via 3rd party apps such as MySugr and iHealth.
Patient Access will still be able to collect any data entered and we recommend entering Blood Glucose data via one of those free apps until Apple reinstate the capability within Health.
What was not possible:
To update contact details: The practice configures which details you are allowed to change. It may be their policy to restrict access to change some details only in person at the practice.
Viewing my primary care record: other than a current medication there was nothing of my current records in the online record. Things like test results were not in my online record at all, only on paper. Pulse noted sensible concerns about this area in 2013.
Make a correction: clearly the MMR jab note is wrong, but I’ll need to ask for help to remove it.
“Currently the Patient Access app only supports the addition of new information; however, we envisage quickly extending this functionality to delete information via the Patient Access service.” How this will ensure accuracy and avoid self editing I am unsure.
Questions: Who can access this data?
While the system stated that “the information is stored securely in our accredited data centre that deals solely with clinical data. ” there is no indication of where, who manages it and who may access it and why.
In 2014 it was announced that pharmacies would begin to have access to the summary care record.
“A total of 100 pharmacies across Somerset, Northampton, North Derbyshire, Sheffield and West Yorkshire will be able to view a patient’s summary care record (SCR), which contains information such as a patient’s current medications and allergies.”
Yet clearly in the Summary Care Record consent process in 2010 from my record, pharmacists were not mentioned.
Does the patient online access also use the Summary Care Record or not? If so, did I by asking for online access, just create a SCR without asking for one? Or is it a different subset of data? If they are different, which is the definitive record?
Overall:
From stories we read it could appear that there are broad discrepancies between what is possible in one area of the country from another, and between one practice and another.
Clearly to give the impression that 97% of patients can access summary records online is untrue to date if only 4.5% actually can get onto an electronic system, and see any part of their records, on demand today.
How much value is added to patients and practitioners in that 4.5% may vary enormously depending upon what functionality they have chosen to enable at different locations.
For me as a rare user of the practice, there is no obvious benefit right now. I can book appointments during the day by telephone and meds are ordered through the chemist. It contained no other information.
I don’t know what evidence base came from patients to decide that Patient Online should be a priority.
How many really want and need real time, online access to their records? Would patients not far rather the priority in these times of austerity, the cash and time and IT expertise be focused on IT in direct care and visible by their medics? So that when they visit hospital their records would be available to different departments within the hospital?
I know which I would rather have.
What would be good to see?
I’d like to get much clearer distinction between the data purposes we have of what data we share for direct and indirect purposes, and on what legal basis.
Not least because it needs to be understandable within the context of data protection legislation. There is often confusion in discussions of what consent can be implied for direct care and where to draw its limit.
The consultation launched in June 2014 is still to be published since it ended in August 2014, and it too blurred the lines between direct care and secondary purposes. (https://www.gov.uk/government/consultations/protecting-personal-health-and-care-data).
Secondly, if patients start to generate potentially huge quantities of data in the Apple link and upload it to GP electronic records, we need to get this approach correct from the start. Will that data be onwardly shared by GPs through care.data for example?
But first, let’s start with tighter use of language on communications. Not only for the sake of increased accuracy, but so that as a result expectations are properly set for policy makers, practitioners and patients making future decisions.
There are many impressive visions and great ideas how data are to be used for the benefit of individuals and the public good.
We need an established, easy to understand, legal and ethical framework about our datasharing in the NHS to build on to turn benefits into an achievable reality.