The government is failing to ensure that insurance companies will not be able to buy patient medical records through the controversial NHS data scheme, shadow health secretary Andy Burnham has said.
Mr Burnham said government amendments to the Care Bill which will be voted on Tuesday are too wide ranging to provide the protections necessary to assuage concerns that confidential information will be sold for commercial purposes.
His intervention came as health minister Dan Poulter outlined the government amendments to the Bill which say care information can only be disseminated “for the purposes of the provision of health care or adult social care” and “the promotion of health”.
Mr Burnham said this was unclear and did not fulfil health secretary Jeremy Hunt’s commitment to provide ”rock-solid” assurance to patients that confidential information will not be sold for commercial insurance purposes.
During the Bill’s report stage in the Commons, Mr Burnham said: “Where in the amendment does it say that? It doesn’t say anywhere in this amendment that it can’t be passed to private health insurance companies.
“The section… says that information could be passed ‘for the purposes of the provision of health care or adult social care’.
“This is a very wide provision and see no clarity in here that actually delivers on the commitments you are giving to the House.”
But Dr Poulter insisted the amendment gave a robust assurance that the information can only be used for the benefits of the NHS or the benefits of the health and care system.
He said: “[The amendments] provide robust assurance that this kind of data cannot be disseminated for purposes such as commercial insurance or for assessing an individual’s mortgage application.”
He added: “It’s very clear from the clauses that information can only be used for the benefit of the health and care service or for the purposes of promoting health.
“They are very, very clear that it happens for the benefits of the NHS or the benefits of the health and care system.”
The Care.data programme was pushed back until the autumn after NHS England, the body behind the scheme, bowed to enormous pressure from patient and medical groups including the Royal College of GPs and BMA.
Patients, doctors and other professional organisations, raised concerns that they had not been given enough time to learn about the project. NHS England has said it will work with patients and professional groups to promote awareness of the scheme.
The idea behind the programme is to link data from GP records with information from hospitals to give an idea of what happens to patients at all stages of the NHS.
The data that will be extracted from GP systems includes information on family history, vaccinations, referrals for treatment, diagnoses and information about prescriptions.
It will also include biological values such as a patient’s blood pressure, body mass index and cholesterol levels. Personal confidential data will also be taken, such as date of birth, postcode, NHS number and gender. The written notes a GP makes during a consultation will not be extracted.
The data will be held by the HSCIC and anonymised by officials there. Fully anonymised data will be made available publicly to anyone outside the NHS.
Data considered to be potentially identifiable - for example where a patient in a small town has a rare disease - will only be released to approved organisations for the specific purpose of benefiting the health and social care system.
Many including a large number of medical research organisations have backed the scheme, saying it will alert the NHS when standards drop, help create a better understanding of what happens to people, especially those with long-term conditions, who are cared for away from hospital, and provide information needed to assist and support research into new medicines, prevention and treatment of disease.
Labour has moved an amendment which could result in unlimited fines and up to two years in jail for misusing information obtained under Care.data.
The proposal makes it an offence for a person or a company to misuse or negligently allow the misuse of information received from the Health and Social Care Information Centre.
An individual found guilty of the offence would be liable to an unlimited fine and/or up to two years in prison.
A company found guilty would be subject to an unlimited fine and must also disclose the conviction on all future applications to access data from HSCIC.