The NHS is in trouble.

£2 billion pounds’ worth, according to healthcare bosses.

The demands of an ageing population, higher NHS pension costs, rocketing population growth and numerous other forces are conspiring to make the 66-year-old healthcare service buckle.

Suggestions for saving the NHS range from charging patients £10 for each GP appointment, all the way to radical cuts in NHS budgets. But one idea being launched by a small government body may end up actually saving the National Health Service.

The government body is the Health and Social Care Information Centre (HSCIC). And the idea, believe it or not, is carrying out data audits.

An almost perfect plan to change the world

Formerly known as NHS Connecting for Health, the HSCIC has been on a decade-long mission to create a centralised electronic patient records database. This database would serve to connect 30,000 GPs around the country with 300 hospitals, giving total access to patient records to all authorised health professionals.

This unprecedented level of connectedness would revolutionise the delivery of healthcare services to patient, eliminate massive amounts of waste and lay a foundation for medical innovation.

There was just one problem: data security.

From 2005 to 2013, NHS Connecting for Health was hit with waves of criticism over its plans to computerise patient records without putting in place adequate privacy safeguards”.

Concerns over confidentiality and the secure data transfer of medical records were rife. Surveys of clinical staff showed a lack of conviction about the benefits of the project. In fact, 66% of doctors said that they would refuse to have their own medical records on the system being developed.

Then when NHS Connecting for Health became the HSCIC, and was testifying before a select health committee in February 2014, MPs were unconvinced by arguments that ‘patient privacy had been safeguarded’.

A very bleak picture indeed

This prompted an intense investigation led by Sir Nick Partridge, which revealed a very bleak picture indeed.

  • Unauthorised ‘data sharing agreements’ with a French multinational reinsurer
  • Illegal access to NHS records by research programmes
  • 3,059 data releases between 2005 and 2013

Phil Booth (coordinator at medConfidential) put it best when he said:

“This is clearly system failure over a period of years. Patient data is out there and the public don’t know where it is. Companies receiving it did not know their duties as data controllers and they have not been able to distinguish between data sharing and reuse. This means we will never know who got hold of the data.”

The beginning of a data audit revolution

Following the investigation, the HSCIC announced that it would be carrying out a rolling, on-going programme of spot checks on companies, charities, government bodies and other organisations that have received medical records.

This perpetual audit will help establish a base level of compliance in terms of the secure data transfer of patient medical records.

But that’s not all.

Because in the same way that auditing is a critical enabler of the profitable transfer of finances through the stock market, the data audits by the HSCIC have the potential to enable the profitable and secure transfer of patient medical records…in every sense of the word.


Maytech specialises in helping huge names in the healthcare industry share sensitive information, completely secure and compliant with HIPAA. For more information on how we can help, visit our healthcare page today.