BMA warns against letting patients have access to their electronic records (BMJ)

Update 3 pm ET: Thanks to Gilles Frydman for pasting in, in a comment below, the BMA’s actual statement, which as he says isn’t nearly as paternalistic as I thought from reading the BMJ piece. Need to discuss how this happened.

According to the British Medical Journal, the British Medical Association (BMA) has taken a big, paternalistic step backward regarding patient participation. Or perhaps it’s a step in the right direction, formalizing their position as embracing 20th century thought: they warn that it’s not wise to let patients see their records, doctors will be deluged with emails, etc.

The concerns are familiar but archaic. Kaiser has ten years of experience showing that email reduces the total number of patient touches, and besides, patients love being able to read and write 24/7; etc. Our co-founder Dr. Danny Sands said, “How can patients participate if they can’t see the same information?” And how are they supposed to participate in shared decision making?

It’s not sufficient to say “The doctor will tell the patient whatever they need to know.” The record shows that time-pressured physicians commonly do not. And as we’ve said many times, whose data is it, anyway? Whose health is it?

You’re welcome to comment on the BMJ site. Anyone can submit a “rapid response” comment at this link. The online extract is here.

Note: the BMA was responding to an initiative described in the National Health Service’s white paper Equity and Excellence: Liberating the NHS (PDF, 339k), which we wrote about in November.

Full text of the article follows:

BMJ 2011; 342:d206 doi: 10.1136/bmj.d206 (Published 12 January 2011)
Cite this as: BMJ 2011; 342:d206

BMA warns against letting patients have access to their electronic records
Michael Cross

Plans for NHS patients in England to take control of their own medical records have received a cool reaction from the BMA.

The association’s response to the government’s vision of a computerised health service, set out in its paper Liberating the NHS: An Information Revolution (, also warns of GPs being deluged with emails from patients.

The government’s paper, published last autumn, proposes a locally led strategy for computerising the NHS and for patients to have greater access to electronic information, including their own medical records.

In its 20 page response the BMA sounds a note of caution on the cost, likely benefits, and ethical acceptability of the plan.

Chaand Nagpaul, a GP and member of the BMA’s working party on information technology, said in a statement, “Improving NHS IT while the NHS is under huge financial pressure will be extremely challenging.

“While the principle of patients controlling aspects of their records is a good one, there must be safeguards to reduce the risks involved in sharing such sensitive data.”

The BMA’s response says that some information in health records may not be suitable for sharing with patients. It cites examples, such as reminders to doctors to look up the management of depression in pregnancy or the appearance of alarming terms such as multiple sclerosis. “Whilst patients may wish to have access to such information, it will require a change in practice,” it says.

Enabling patients to access their records “should be a gradual process” implemented in stages only after successful piloting, the BMA says. “There should only be investment in this area if evaluation provides evidence of patient demand and clear benefits.”

Privacy is another concern. “The one significant element which we feel is absent is confidentiality and the need to balance the benefits of new technologies with appropriate information governance models in order to protect patient data,” the response says. It warns that commercial online services and internet social networks may not be covered by UK or European Union laws on data protection.

Patients should also be better informed about secondary uses of data, for audit and research, and should be allowed to opt out of having identifiable data used for such uses.

While backing the coalition government’s emphasis on local choice of IT systems for NHS organisations, in contrast to the last government’s National Programme for IT, the BMA raises concerns about the cost of computerisation. IT systems have “significant implementation costs” and a “significant time lag” before any resulting savings appear.

The BMA is also concerned about the prospect of GPs communicating electronically with patients. Although this may have advantages, such as reducing patients’ temptation to seek advice and treatment from unregulated websites, potential dangers include the risk of missing symptoms that would be spotted in face to face consultations and the threat of “a deluge of communication” diverting clinicians from seeing patients.

“Electronic communication needs further piloting and should be introduced on a clinician voluntary basis,” the response says.

Consultation on the government’s white paper closes tomorrow (Friday 14 January). The Department of Health is expected to publish an information strategy by early summer.


Posted in: general | medical records | policy issues




29 Responses to “BMA warns against letting patients have access to their electronic records (BMJ)”

  1. JSimons says:

    Believes that Doctors should think again or do the think they are little demi gods

  2. Karen says:

    Doctors tend to tell you ONLY what you ask, and if you think of another question later you feel that you are wasting the doctor’s time making another appointment just for that. It would be helpful to access your own records and answer your own questions :)

    Mind you, having been a medical receptionist at a GP Surgery in UK, I’m not sure the doctors really want their patients to read some of the things they write about them in their notes!

    • Hi Karen – nice to meet you. You may be amused by the 1996 Seinfeld episode where Elaine tries to get her medical record – before our law that gave her the legal right. We posted about it here.

      To evaluate these non-evidence-based worries, the Robert Wood Johnson Foundation’s Pioneer Portfolio is funding OpenNotes, to gather data on what really happens. Does the sky fall? Does the world end? We introduced it here; other posts are on this search page.

  3. […] BMA warns against letting patients have access to their electronic records (BMJ) by e-Patient Dave on January 14, 2011 13tweetsTOP5Kretweet […]

  4. Am I the only one who’s OUTRAGED by the BMA’s stance? “Gimme my damm data” seems like the appropriate response here.

    • Hey Vince – here’s hoping OpenNotes allays some of those concerns – or perhaps proves the concerns are valid!

      If the latter happens, we just need to get to work on making it all function well, for all the reasons you’ve written about.

      • Thnx Dave.

        It’s worth noting that there are really 2 separate issues here:

        1) WHETHER patients have access to their data requires no discussion or debate

        2) HOW patients have access is worthy of level headed dialogue.

  5. As I have said on Twitter, I don’t believe the BMA statement is as paternalistic as one may believe if you only read the BMJ take on it. Let’s also make sure that our analysis is not blind to cultural differences between the largest single-payor health system in the world and the intensely capitalistic US medical system.

    Be your own judge.

    Here is the full, official BMA statement:

    National Programme for IT (NPfIT) and NHS Connecting for Health

    NHS Connecting for Health, formed on 1 April 2005, is a Directorate of the Department of Health. Its primary role is the delivery of the National Programme for IT (NPfIT), a multi-billion pound programme which was set up to provide modern integrated systems and services for all NHS organisations in England. In September 2010, following a review, the Department of Health announced a more ‘locally-led’ approach to NHS IT with NHS organisations making IT decisions in line with local requirements, with national infrastructure still being managed centrally.

    BMA general position on NPfIT

    The BMA has welcomed the benefits to patients that NPfIT has delivered, but concerns persist over delays, cost, reliability and the usability of systems. It has called on the government to ensure that the programme, especially in the current economic climate, is not wasteful of public money. Simple strategies can develop into complex problems and the current government should learn from the difficulties encountered by NPfIT. The BMA believes that giving NHS organisations more choice over IT systems makes sense, but has also pointed out the problems that might arise from a more local approach. It believes there still needs to be some central accountability to ensure consistent and equitable delivery, manage local implementation, avoid wasteful duplication of effort, and support local decision-making. The involvement of clinicians in taking forward changes to NHS IT is essential.

    ‘Information Revolution’ Consultation

    On 18 October 2010, the Department of Health’s ‘Information Revolution’ consultation, published as part of its White Paper reforms, set out measures to give patients more information and more say over their care. Key proposals were:

    · that patients should be able to keep their own copy of their care record, to access it online, and to share it with others as they see fit

    · easier patient access to services, including being able to contact healthcare professionals online or via email

    · more patient information to be input at the point of care

    · a much greater focus on transparency and openness, and the use of data to improve patient care

    · to encourage more widespread feedback on services from patients

    BMA position on Information Revolution Consultation

    In its response to the Information Revolution consultation,, the BMA agreed that high quality care is dependent on good information, that the NHS should be more intelligent in its use of patient data, and that patients should in principle have easier access to and control over elements of their records.

    However, it also pointed out that the extremely sensitive nature of health records meant that the proposals need very careful management. While the BMA has supported patients having greater control – for example in its call for Summary Care Records not to be created without their explicit consent – it should be remembered that records are the tool by which clinicians deliver care. There would also need to be safeguards in place to protect patients from sharing more information than they intend, either inadvertently or through coercion. A 2009 survey found that 20% of internet users had posted confidential or personal information online, 22% had been victim to phishing attacks, and 21% had been a victim of an identity theft. Even if a patient decides to share information, for example via an online support forum, they will effectively lose control of it once posting it online.

    The BMA response argued that delivering the government’s vision would be extremely challenging within the resources available to the NHS. It pointed out that many NHS organisations currently do not have the necessary systems in place to realise the government’s vision, and that IT is often one of the first areas to be downscaled during times of financial difficulty because it is not considered a frontline service. At a time of financial restraint, organisations may be unwilling to invest in the technologies needed to record more patient information at the point of care. The BMA believes that delivering the information revolution cost-effectively will depend on building on the systems that are currently in place and working well, and on involving clinicians and engaging professional bodies.

    The BMA welcomed the intention to improve patient access to NHS data but pointed out that it is often subjective, and often generated to be of use to clinicians rather than patients. For example many notes are recorded as aides-memoires to healthcare professionals – they could be unhelpful or even alarming to patients, for example, when a doctor speculates on a possible diagnosis, which is an essential part of differential diagnosis.

    Information intended to help patients make informed choices, such as outcomes data, can be valuable as long as it is presented in a way that does not mislead or confuse. Raw data can be misinterpreted and external factors, such as the demographics of a hospital’s catchment area can have a significant impact upon outcomes data. The BMA therefore has concerns about the ‘Publish and Improve’ policy outlined in the consultation document – the media report on data when they are first available, which can have a detrimental effect on NHS organisations.The role of clinicians in interpreting and explaining data will be key. The experience of doctors is that when presented with data to inform their choices, patients still value the views of the professionals caring for them, and often ask ‘What do you think is best?’

    The BMA also called for more consideration to be given to the potential of the proposals to increase health inequalities, pointing out that a technology-driven policy will not deliver benefits to groups that do not have access to technology.

    The Summary Care Record(SCR)

    The SCR contains the core elements of a patient’s health information – medication, allergies and known adverse reactions to drugs – which, when uploaded to a central ‘spine’ can be accessed anywhere in England where a patient is being treated in an urgent and emergency care setting. Additional information should only be added to a patient’s SCR with their explicit consent.

    Before NHS staff can access the SCR they need to be registered and given role-based access, which defines access rights according to the role of the staff member. Staff are issued with an NHS ‘smart card’ – a chip and pin card which, when inserted into a card-reader attached to the computer, gives them access to records as appropriate. Responsibility for smart card access rests with ‘Registration Authorities’ based around the country. Patients are asked for their permission before their record is accessed.

    SCR history

    The first SCRs were created in June 2007. In December 2009, following limited piloting by local early adopters, the DH announced that the programme would enter national roll-out. Several Strategic Health Authorities announced plans to upload patients’ SCRs in early 2010.

    The consent model for the creation of SCRs has caused considerable controversy. It was initially intended that all records would be automatically uploaded under a model of informed implied consent, while the BMA argued for an opt-in system, under which records would only be created with patients’ explicit consent. It was eventually agreed that patients would have the right to opt out, and would be asked for their explicit consent for their records to be accessed each time they saw a healthcare professional. As the programme was rolled out, the BMA and other organisations voiced serious concerns that patients were not receiving sufficient information about the creation of SCRs, undermining the validity of an opt-out model.

    In March 2010, the BMA wrote to the Department of Health calling for a halt to the roll-out of the SCR in areas which had not yet begun Public Information Programmes, and for the inclusion of an opt-out form in the information sent out to patients. In April 2010, the Department of Health provided an assurance to the BMA’s GPs Committee

    that the upload of records should only take place once the practice and PCT agreed that patients had been adequately informed and enabled to opt out. In June 2010, an independent evaluation of the SCR by researchers at UCL concluded that its benefits were more modest than had been anticipated.

    In October 2010, by which time three million SCRs had been created, a government-led review concluded that future SCRs would be restricted to patients’ demographic details, medications, allergies and adverse reactions (with additional information only added with the patient’s explicit consent) that it should only be used in emergency or urgent situations, and that the Public Information Programme should be improved. In future all patients are to be sent a letter containing an opt-out form, but those whose SCR have already been uploaded will not be contacted again.

    BMA position on Summary Care Record

    The BMA has consistently stated that greater sharing of healthcare information has the potential to improve patient care. Its concerns about the SCR were not about the principle of shared records, but about theprogramme’s implementation, which failed to adequately inform patients of their choices, and in some areas made it too difficult to opt out. The BMA believes patients must have an informed choice as to whether or not their health information is kept on the system, and be sure they know who will be able to access their details. It welcomed the progress that was achieved through the 2010 review of the SCR, and stated its intention to work constructively with Connecting for Health.

  6. Gilles, Thanks for this clarification. I agree — the BMJ article paints an overly paternalistic interpretation of the British Med Association’s POV.

  7. Patients should have access to all test results, diagnoses and proposed treatment plans from their physicians. It is important that patients have copies of their medical records not only for their own information, and to correct medical errors that may be in their records, but to bring copies with them to each new doctor they see. Who wants to rely on a physician’s office to send medical records to another doctor’s office?
    It’s a valid concern that doctors don’t want to share sensitive information with patients. Maybe there is an option of not sharing a full report with the patient. Perhaps the patient receives only test results, diagnoses, and treatment plans.
    It’s also a valid concern that the BMA is concerned about communicating electronically with patients. An option would be to confine transmission of medical records to mail or fax.
    Perhaps patients need to be educated about how to communicate with physicians. What might allay a physician’s fears is a patient’s understanding of the boundaries of email communication

    • Penelope says:

      Could you perhaps share an example of a situation when you would not think it in the best interest of the patient to provide the full report?

      • Penelope,
        An example I thought of is a physician’s perceptions of a patient behavior or emotional state and that he/she might want to make note of to observe at the next visit ie: possible depression, anxiety, eating disorder etc.. The doc may not be sure and may want to make a reminder note to pay attention to that in the next visit. If his/perception is incorrect, sharing that info with the patient would not serve the patient.

  8. Ted Eytan says:

    Hey Dave/all,

    Fascinating direction in the conversation, and in the spirit of “if you don’t like the news, go out and make your own,” do you think this statement provides a reasonable basis for one that might be made by the Society for Participatory Medicine? The actual one seems to be more reasonable – could this be a template for “S4PM position on Americans Connecting for Health?”

  9. Sue Woods says:

    I totally agree with Ted. This is a great opportunity for a S4PM statement, backed up with solid rationale on multiple fronts.

    It’s interesting they talk about sensitive records, security and IT infrastructure. Yet at the heart of it is lack of TRUST — not trusting patients/people to have this information. See:

    “The BMA welcomed the intention to improve patient access to NHS data but pointed out that it is often subjective, and often generated to be of use to clinicians rather than patients. For example many notes are recorded as aides-memoires to healthcare professionals – they could be unhelpful or even alarming to patients, for example, when a doctor speculates on a possible diagnosis, which is an essential part of differential diagnosis.”

    The only thing that is alarming is how tight they cling to old medicine.

    Patients want to read all that “speculation”. Next week I finish interviewing VA patients who had access to all their records. They tell the story of how powerful it is. So will Open Notes.

    The collective intellectual property that is S4PM flies in the face of this narrow view. Speak now.

    • I am sorry, but I see NOTHING in the statement that shows the BMA not trusting patients having access to the information.

      They raise an issue which I personally consider to be valid and which I am sure will be a significant element of the work done by the OpenNotes project. What interests me most here is the potential for transformation of the way clinicians record their ideas, now that they know these records are viewable by all. I think the BMA is correct to raise the issue because much unknown remains.

      Keeping doc notes away from their patients is obviously not an acceptable behavior for the long term, but a gradual move to the fully open notes may be what’s best for many patients, in a national system that provides care in many ways differently that how it is done in the US.

      I wish we had the direct input of UK patients and physicians. Making conclusions about the UK without their input is what we tend to do. Remember the proud statements about the creation of a democratic Irak?

    • I agree with both Sue and Gilles. The BMA text that Gilles pasted in shows that they’re not nearly as paternalistic as I first thought; but I agree with Ted and Sue that this would be a great topic for a SPM position paper.

      It shouldn’t be vast – the issues here are clear and simple.

      Let’s keep discussing. Ted, Sue, Gilles, someone, when we seem to be converging on a consensus, who wants to draft something?

      • Dave, off the top of my head I can’t remember where (Markle Foundation?), but Im sure I’ve already seen principles/manifestos/white papers on patient access to medical records…it might be appropriate for SPM to develop a position paper but this wheel doesn’t need to be created from scratch. V

        • Sue Woods says:

          Markle has principles and rationale for consumer access. Where it’s more from scratch is the ‘what’ of information; few include discussion about progress notes. Several papers offer excellent work (S Ross, J Ralston).

          Agree I don’t know about the UK system. As a primary care doc, I believe wanting to keep notes sequestered comes from an honest and honorable place. Hearing from patients seeing all their notes was transformative – for them, and for me.

        • Sue, I’m intrigued by your comment but am not clear about your meaning when you write:

          “Where it’s more from scratch is the ‘what’ of information; few include discussion about progress notes.”

          Can you elaborate, pls? V

        • Sue Woods says:

          What I mean is – the definition of “information” as it pertains to ‘patient health information’ tends to vary. Markle’s framework is robust on access and control, but the answer to the question, What Information are We Talking About? this is less clear. Progress notes are not ususally discussed in the context of portals/PHRs and HIE.

          I’m not aware of any statements about progress notes. Further, S2PM memmbers may not all agree on open notes. So, there’s likely going to be some wheel inventing, I think, on this one. Tom Delbanco’s work is the most thoughtful on this issue (made Free by Annals!).

        • Thanks…that’s helpful. I can see areas of discussion/controversy:

          * Best case scenario: patient and dr. work collaboratively using open notes
          * Many would argue that ANYTHING dr writes (or enters digitally) should be open to the patient.
          * If you leave an exception for progress notes not to be part of record and available to patient, that’s a great big potential loophole
          * Others might argue that physician should have the option to exclude specific info from patient IF justification is given

          …and probably more…

        • I hope that the OpenNotes project will look into something not yet covered here: will the patients direct access to all the notes produce measurable changes in the way docs write these notes. Will they become more or less useful, clinically?

        • Gilles, how / what might be measured?

          I presume you mean digesting some batch of notes. Things to compare, maybe:

          – before and during OpenNotes, with the same patient

          – physician’s overall use of various terms across all patients, before and perhaps a year after OpenNotes

          In any case I imagine it would require a large quantity of notes to have any credible validity. And it might be daunting to get the HIPAA approval forms for patient permission.

          I wonder if practices such as Group Health, which have been doing this for ages, show any different pattern than those who haven’t. And if there are differences, how would we ascribe it to patient access, vs a broader difference in physician culture in such practices.

        • The issues related to possible mental health conditions has been mentioned often as one example where docs may not want to show to their patients their private notes. I keep on wondering if in the OpenNotes project there are less mentions of these possible diagnoses than in pre-OpenNotes notes.

  10. Lynn Luc says:

    I have stage 4 melanoma NED and I have access and copies to all my files in the USA. I have no issue with sharing my own personal information. Confidentiality issues shold only arise when hospitals or others share the information. I would not be NED or alive had I not taken an active interest in my treatment…a patient should be given all the information to make informed decisions if they want to. My son had a rare cancer in Germany and subsequently died… he was 16. I found the medical society did not want to share any real information and resented being questioned. Once I asked a doctor a few questions and he fired back “if you don’t want my help, find another doctor”…

  11. Wendell Sykes says:

    There is one issue regarding the SCR that has not been mentioned in this thread. The SCR doesn’t list the diseases that are possibly or actually present, but insurance companies in the US would find lists of medications indicative of prior conditions that could be used to deny coverage. Thus, I would hope that HIPPA regulations would apply to a US version of the SCR, though I suspect that given the monetary value of pre-existing conditions to the insurance industry that there is probably significant leakage from both medical records and pharmacy companies of this data.

  12. Danny Sands says:

    This is a great discussion–sorry it’s taken me so long to respond. As some of you know, I co-authored the first national guidelines for the use of electronic communication in patient care, and also co-developed PatientSite back in 1999-2000, a portal that allow for secure patient-provider e-communication and patient access to health information.

    Based on these experiences and those of others that are well documented in the literature, the BMA is being overly paternalistic in their objections: no harm has come from either and both information access and e-communication provide tremendous benefits. Frequently, physicians concerns are thinly-veiled attempts to bill for additional types of services. If these perspectives become policy it will be a huge step backwards for the UK healthcare systems.

    Some relevant policy considerations include:

    Patient-Provider e-Communication

    1. Security (handled most efficiently through a secure portal, such as used for electronic banking)

    2. Rules of engagement (in what situations should it be used, turnaround time, etc., and what consequences of misuse are)

    3. Which personnel in practice can e-communicate (e.g., perhaps only triage nurses)?

    4. Will structured notes be required or will unstructured communication be permitted?

    5. How should parties agree to rules?

    Patient Access to Information

    1. Security

    2. Which information is available (e.g., types of results, notes, etc.)?

    3. When can patients access it (immediately vs. embargo rules vs. after ordering physician has seen +/- released)?

    4. Which patients can see (perhaps only those who can easily contact their health care provider in case they have questions)?

    5. How should parties agree to the rules?

    These are top-of-mind considerations. One could certainly drill down more.

    It’s remarkable to me that the BMA has arrogantly closed its eyes to the benefits of technology-enabled patient engagement.

    • Wendell says:

      Dr Sands:
      It seems as though there should be some economic considerations in this discussion. If an MD is swamped with emails from anxious patients it might make sense to have an economic cost associated with a response or even a receipt of an email that requires screening. One pediatrician that I know deals with the hyper-anxious and frequent emailing mother by suggesting an appointment to discuss the issue.

    • Danny, you wrote “It’s remarkable to me that the BMA has arrogantly closed its eyes to the benefits of technology-enabled patient engagement.”

      Can you point me to the part of the BMA statement where they do that? I haven’t been able to find it yet.

Leave a Reply