NHS patients database could be open to identity fraud
THE Department of Health is investigating fears by a North Staffordshire doctors' leader that a new IT system of patient records could make it easy for paedophiles to stalk their victims.
He also fears that it could open the door to identity fraud and allow people to snoop on each other.
To prove his concerns, Norton GP Dr Paul Golik, below, has tapped into the national database to find the address, date of birth, NHS number and telephone number of patients from other practices.
And he claims that with tens of thousands of NHS staff able to access the system with a new-style smart card, the potential for a security breach is "enormous".
Now Dr Golik, who is secretary of the 250-GP Local Medical Committee, has raised his worries with Stoke-on-Trent Primary Care Trust, which has passed them on to be looked into by the Department of Health at a national level.
He said: "It is possible to track down an estranged spouse, or even for a paedophile to look up the address of someone who they may have contacted on the internet – the possibilities are endless.
"I was shocked to find that I can now access details of anyone registered with the NHS and that's just about everyone. It also appears possible to make amendments to their address so there is potential for identity fraud.
"If you have a smart card and a pin number, as thousands will have by now, all you need are a person's name and approximate age.
"With the consent of friends registered with a different practice I have managed to get hold of all this personal information on them within seconds. They were staggered.
"And you can do this with anyone from ordinary people to Tory leader David Cameron."
The smart cards have already been issued to doctors and their secretaries and receptionists, PCT staff and those working in GP out-of-hours services and A&E departments.
And in future, dental surgeries, opticians, pharmacies and ambulances services would all be linked to the system.
The database was initially introduced to give access to the records of patients as surgery staff arrange specialist hospital appointments for them.
But in May it was extended to allow A&E staff to access the records of those needing emergency treatment.
Dr Golik said: "It's as dangerous as being able to Google someone's name and approximate age to get hold of all sorts of things about that person. Imagine the fuss if that could happen.
"But although the database will initially only store details of medication and allergies in the longer term, it is planned to store personal medical data on all our patients.
"I remain far from convinced that this would be secure with access limited to those who have a legitimate right to know.
"The proponents of the system claim there are benefits in sharing medical information and that it is important that anyone treating a patient knows of their health needs.
"I don't think there is any proof that it might be lifesaving. The risks are enormous."
A PCT spokesman said: "This issue is being looked into."
Jailed NHS boss lands new top job
Why won't they give me cheaper life-saving drug?
Latest: Swine flu inquiry to discover source of virus (AUDIO)
Comments