Memorandum by the Department of Health
1. The Department welcomes the opportunity
to contribute to the Select Committee's consideration of an NHS-wide
database of patient-specific genetic and clinical information,
for use by doctors, clinical researchers and epidemiologists.
2. It has been suggested that such a database
has the potential to act as a tool in the development of new or
improved methods of achieving better prediction, diagnosis and
treatment of disease and in establishing more cost-efficient ways
of operating health services. It also raises significant issues
about informed consent for use of data and tissues and confidentiality
as well as feasibility and cost. All these issues would need to
be explored fully with a wide public consultation before any decisions
could be made on whether the establishment of an NHS data base
was justified. These issues are dealt with in more detail from
paragraph 9 onwards.
3. This memorandum also refers briefly to
relevant research initiatives currently being led by the Medical
Research Council (MRC).
4. The Human Genome Project (due for completion
early in the new century) involves the determination of the genetic
code of the entire human genome and, combined with appropriate
studies, will eventually allow a much better understanding of
disease mechanisms. There is therefore significant potential for
developments in genetics and genetic technologies to provide new
routes to the understanding of complex disorders and the nature
of disease. The resources available to support developments in
the new science of genomics will be critical.
5. The creation of a system of electronic
health records currently under development within the NHS, with
standard terminology and rapid, anonymised access will in itself
create very important opportunities for research, evaluation,
and public health monitoring.
6. Over time, health records will come to
include more and more genetic information and diagnostic and predictive
tests will become more widely available, and cheaper, in routine
care. This information will add to the value of health records
for research and evaluation to some degree, but will also increase
the importance of a trusted system for protecting confidentiality.
IT SITUATION IN
7. Information for Health noted that use
of patient-based information is at present difficult at both a
clinical, operational and health authority level due to the lack
of tools presently available to aggregate such data consistent
and comparable ways. A range of actions that are to be taken in
the NHS were set out with the aim of ensuring that relevant, complete,
comparable data is available to support a range of functions,
including assessment of performance of the NHS.
8. The NHS Information Authority has a programme
of work to extend the development of electronic clinical records
across the NHS over the next six years. These records are intended
to have core standard elements, thus having the potential to provide
the required source data for a national clinical database. Equally,
work on classifications and groupings is continuing as part of
the Information Authority's work programme, which has the potential
to contribute to ways of analysing these clinical records for
various purposes. In April 1999, the NHS Executive entered into
an agreement with the College of American Pathologists (CAP) to
create a new world standard for computerising medical terminology.
This is necessary for the effective introduction of electronic
health records as outlined in the strategy document Information
9. In England, personal health information
is protected by the common law duty of confidence and, where held
on computer in an identifiable form, by the Data Protection Act
1984. The Data Protection Act 1998 comes into force in March 2000
and will cover both computerised information and information held
manually in certain types of files. This will include most if
not all clinical records. The Data Protection Act 1998, like its
predecessor, does not apply to anonymised information. Generally,
it requires that:
the common law of confidentiality
be complied with;
the data subject must not be misled
or deceived into giving the data;
the data subject must be given basic
information about who will process the data and for what purpose;
in the case of health data, one of
the conditions in Schedule 2 and one of the conditions in Schedule
3 of the Data Protection Act must be complied with (see Annex).
10. Under the 1998 Act, data legitimately
processed for research or statistical purposes are exempt from
certain provisions of the Act as long as the processing neither
causes substantial harm or distress to the data subject nor supports
measures or decisions in relation to individuals. Such data can
be kept indefinitely and are exempt from the subject access rights
if the results of the work are not made available in a form from
which data subjects can be identified. Use of such data for research,
although obtained for other purposes, is not unlawful. However,
this does not absolve the data controller from the obligation
to give the data subject general information about the intended
11. In addition to compliance with the specific
requirements of the data protection legislation, any disclosure
of personal health information must also comply with the common
law duty of confidence. Any disclosure made with the consent of
the individual concerned will meet these requirements. In English
law, confidential information can be disclosed without
the consent of the individual where the public interest in the
disclosure exceeds the duty of confidence to the individual. This
is a test that must be carried out on a case-by-case basis. In
other words, one research project may be sufficiently in the public
interest to meet the test but this does not mean all research
projects that could be carried out on the same data would meet
this test. Even if there is an overriding public interest, where
consent could be obtained to the release of confidential
information, it should be sought. This applies to both identifying
and non-identifying information.
12. A recent ruling (R v Department of
Health ex parte Source Informatics Ltd; Times Law Reports
14 June 1999) confirmed that anonymised data derived from
confidential patient information continues to be subject to a
duty of confidence. This ruling is subject to an appeal due to
be heard in late 1999.
13. Questions to be considered in relation
to any large scale database of clinical and genetic information
is the use of personal health information
in large scale database justified by the potential research and
should data be anonymised?
should explicit consent from an individual
be required before entering information on a database, even if
the data are anonymised?
what safeguards or legal controls
should be required to protect confidentiality, consent and use.
14. The use of DNA samples also raises broader
ethical questions because of their ability to reveal information
about an individual and members of an individual's wider family
that they may or may not wish to know. Issues about communication
of research results and ensuring that the right "not to know"
is respected would need further consideration. Broader issues
such as the implications of gene patenting, commercial ownership
of personal health information and questions about intellectual
property would also need to be investigated further.
15. The feasibility of establishing such
a large and integrated resource of medical data has yet to be
established. The current rapid development of genomic science
means that it is difficult to predict how such a database might
be used in the future. This would influence the data definitions
and criteria for data entry to ensure amongst other things compatibility
of data entered from different sources. The adequacy of existing
clinical records to provide such data would need to be investigated.
16. Appropriate security arrangements would
be needed to ensure that unauthorised access was prevented. Protective
measures would be likely to include access controls to authenticate
users, cryptographic techniques to scramble information and safeguard
storage and audit logs to record accesses to the information.
The exact methods to be adopted would have to be carefully considered
both for their effectiveness and for their potential impact on
NHS working practices.
17. Resource consequences would depend on
the model chosen but are potentially enormous. Techical and security
issues combined with the need for long-term maintenance suggest
that any national database would be an expensive undertaking.
18. Illustratively, the costs of the Icelandic
database of clincial information, which does not yet exist, have
been estimated by the Icelandic Ministry of Health and Social
Security at 10.5-19.3 billion ISK
129-244 million for a population of 270,000.
19. A number of small and medium-scale databases
have been or are being established to study patients with a particular
condition or for epidemiological studies. Such collections are
funded by various charities, the MRC and by industry. The MRC
is currently developing plans for a large prospective cohort to
study interactions between genetic and environmental risk factor
for disease. The studies will involve consenting patients selected
according to specific criteria and will be subject to aprpoval
by Research Ethics Committees.
20. In theory, a universal NHS health information
and DNA database could be created. In the short-term there are
questions about feasibility and affordability. There are also
central ethical and legal questions which need to be addressed.
Issues around confidentiality, security, control of data, consent
to use of health information both prospective and retrospective
would all need to be considered. Such issues justify widespread
public debate and consultation before decisions are made. It is
likely that the new Human Genetic Commission will wish to consider
these important issues as a priority when the body convenes for
its first meeting early next year.