Skip to content or view mobile version

Home | Mobile | Editorial | Mission | Privacy | About | Contact | Help | Security | Support

A network of individuals, independent and alternative media activists and organisations, offering grassroots, non-corporate, non-commercial coverage of important social and political issues.

The Spine

Damian Abbott | 06.12.2007 10:33 | Health | Technology

As HM Revenue & Customs loses 25 million confidential records in the post, the programme to introduce a centralised NHS database slouches on, only delayed by a classically wasteful PFI project. Total data transparency may be good for corporations and security obsessed governments, but what does it mean for the recipients of ‘joined-up care’?, asks Damian Abbott

Just over a week ago, doctors in the north west of the UK became the first to be able to access 'The Spine'.

The Spine is a centralised database of medical records and has already been primed with the details of approximately 50 million patients. Those living in Bolton, some 237,000 people, were recently sent a letter explaining the scheme. Although failure to respond to the letter will be taken as implied consent to the use of their personal data, so far only a small minority have taken the opportunity to opt out.

Although it sounds like a character from Dr. Who, the database programme’s moniker was no doubt chosen to evoke an indispensable component of the NHS’s target animal. The Spine is publicised on the government’s 'Connecting for Health' website as performing five main functions:

– to store personal characteristics of patients, such as demographic information

– to store summarised clinical information which may be important for the patient's future treatment and care, such as allergies, current medications and adverse reactions to drugs

– to ensure the security of systems required to restrict access to the national and local systems [For example, hospital doctors will carry a smartcard as a 'password' to access the database. A 'sealed envelope' system into which patients will be able put their most sensitive information is also under development and will be piloted ‘in the long term’.]

– to provide a Secondary Uses Service (SUS), supplying anonymised data for business reports and statistics for research and planning purposes

– to interface with all the local IT systems within the National Programme.[1]

The national programme was created in partnership with British Telecom and a host of often beleaguered sub-contractors including the consultancy Accenture and healthcare software provider, iSoft. Run as a Private Finance Initiative (PFI), it was initially touted as costing just over £2 billion.[2] However, over a decade of development this figure has risen to £12.4 billion. Rumours are now rife that the true final cost will be £20 billion.

A quick review of the history of PFI aka Public Private Partnerships (PPP) makes it clear that value for money has never been the primary motivation for this form of public project. It has always been, first and foremost, a polemical weapon deployed against the very notion of public funding, against the principle of providing services equally to the population through taxation. The first privately financed public project in Britain was a bridge connecting the island of Skye to the Scottish mainland. The governing Conservative party began seeking contractors in 1989 and construction started in 1992. Estimated to cost £25 million, there were numerous other hidden costs: sweeteners to entice a private consortium of UK and overseas companies into doing the job in the first place; access roads to the bridge which were not part of the deal and were paid for purely from the public purse; decommissioning of the ferry, which would have been the bridge's main competitor for tolls, again at a cost to the public purse. Once the ferry was abandoned, government then had to subsidise bridge tolls for the otherwise marooned islanders, many of whom were enraged enough to carry out a campaign of civil disobedience resulting in about 500 arrests and 130 subsequent convictions, putting pressure on mainland courts. All in all, the hidden costs added up to at least three times that of the publicised cost; the consortium walked away with over £33 million in collected tolls, before the Scottish Parliament bought them out for a further £27 million.

Let’s just pause and ask who was on the best side of that deal? It certainly wasn’t the taxpayer, but how could it be any other way? PFIs mix the worst of both the private and the public worlds: companies offering to do stuff on the cheap for government bureaucrats with severely limited experience of driving a mutually rewarding bargain. If you were looking for the best bang for your buck – a quality product for the right price, not a fully featured public project from your local Pound Shop – would you really want a civil servant to be your primary negotiator? PPP would probably best be read as standing for Piss Poor Performance, unless your benchmarks for efficiency were distinctly other than financial.

The NHS’ IT programme, however, is hugely ambitious and its size may well ensure a less happy outcome for its corporate partners. The many sub-contractors have had to commit a considerable amount of resources and are consequently shouldering an equally large burden of risk. The contracts were under scrutiny from the beginning, with the National Audit Office beginning an investigation in 2004, at an unusually early stage of the project. The published report in 2006 criticised the speed of progress and lack of consultation with doctors and clinicians. However, the general feeling was that the report itself was lacking, failing to criticise the lack of staff training in the programme.[3] The sub-contractors, too, have been critical of the process, but more because of increased strictures on the deal. Accenture pulled out of its commitments, announcing $450 million in losses due to the delays. Presumably the contract which they handed over to Computer Sciences Corporation, potentially worth £2 billion, seemed unlikely to live up to its promise given that it stipulated payment in full only on delivery of a fully working system.

iSoft are similarly dubious project partners, although they remain on board. The ‘healthcare software solutions’ group made a pre-tax loss of £343 million in 2006 on revenues of £210 million, apparently unable to deliver their ‘solutions’ within any kind of timescale, reasonable or otherwise. In May of this year they announced a board change, kicking out their Chief Technology Officer (with a £250,000 payoff and benefits), then, at the end of October, the company was taken over by IBA Healthcare. The merger has created the largest healthcare IT provider outside of the United States, but whether they too will be swallowed up by their commitments remains to be seen.

Before I go any further I have to declare an interest; I have to say that I'm not writing this article from any kind of objective distance (those who know me will be aware that I rarely do that anyway). I've had Crohn's disease for over twenty years. An inflammatory disease affecting the alimentary canal, and with no known cure, it has positioned me into a regular, almost daily relationship with the NHS for most of my adult life. The many additional symptoms of the disease, affecting peripheral parts of the body, have meant that my sense of self has been fragmented for equally as long, since each new symptom means being shuffled into a new hospital department. Iritis sends me over to the ophthalmic specialist, pyoderma to the skin department, tumours to the oncologist. Drug treatment has been overseen by a 'medical' team, whilst surgical intervention has been the territory of yet another group of professionals. Sometimes they have argued over whose discipline should take precedence, and most of the time it has been as if my body were segmented by a bureaucracy over which I have had little control. And yet I cannot say that it has been an entirely alienating experience. The form of surveillance to which I have been subjected has been of the most intimate and probing kind; my doctors and I have watched parts of my body, even touched parts of my body that my most adventurous partners in love have never even seen, could never even approach. A body composed of nothing but discrete organs, each organ having its own retinue of observers and functionaries. Yes, I feel worshipped, loved even, and have nothing but gratitude for the men and women that have kept me alive, watched over me, and kept me going in one form or another.

So I am, in many ways, the ideal customer for The Spine. It is being sold on the basis that it will provide me with a form of further empowerment:

Once the NHS CRS [National Health Service Care Records Service] is fully implemented, having each patient's Summary Care Record stored on the Spine will mean that wherever and whenever a patient seeks care from the NHS in England, those treating them will have secure access to summary information to assist with diagnosis and care. This should provide safer, more joined up care.[4]

How many times is the word 'care' repeated in that paragraph? Someone really wants me to know that this is all about 'care'. The Spine offers the fantasy of uniting all the disparate parts of (one more time) my ‘care’, creating a holistic understanding of my disease. That a digital stitch could create a unitary realm of communication between my disease, my guardians, and ultimately my life, is a very attractive idea. Over the past two decades I have attended most of the hospitals in London (and a few outside of London); sometimes through the gateway of Accident and Emergency, and sometimes by appointment, but rarely however, has communication been a problem. Admittedly my Britannica sized folder of notes has strayed or been delayed on occasion, but thankfully a cross examination of the patient and an assessment of the particular symptoms as presented is what most doctors base their decisions on. While I can see that, for example, storing x-ray images electronically has many benefits, I am quite capable of informing a doctor of my name, address, and occupation. There must be very few occasions when emergency treatment is dependent on the kind of general, personal information and history that is contained in medical notes. Beyond the sales pitch, I'm sure that most of us, familiar with peer-to-peer music downloads, bit torrents, and the internet generally, were under the impression that a centralised data processing model was a digital anachronism. So whom will the database really benefit? Who will really find the demographic information useful?

The NHS itself is gradually being segmented and territorialised in much the same manner as my own body, but the infection at root of this process is much more easily diagnosed and discerned. Regarding The Spine from much the same perspective as a meningococcal bacterium are the medical corporations with products and services ready to fit the niches being created. As the foreword to the Cooksey Review, a report commissioned by Gordon Brown into ‘the best institutional arrangements for the new single fund for health research’, explained:

Combined with the reorganisation of the NHS R&D function to make it more accessible and transparent for industry, this [the ‘Connecting for Health’ IT database] opens the door for the UK to excel again in healthcare innovation and service delivery.[5]

The BioIndustry Association has already expressed an interest in using patient information to seek out test subjects, but there is a deeper effect to consider than the prospect of commercial data mining.[6] The modularity indicated by the spinal metaphor is itself the medical industries’ preferred commercial model for the NHS. Taken to its logical conclusion modularity means that the NHS will become less a provider of services to the public and more a purchaser of them on the public’s behalf. Suddenly, the spinal metaphor becomes less something that makes the medical process directly and instantaneously accessible to me, but more of an obfuscatory mechanism, a middle man for a market that I will not have any direct control over.

The privatisation of health is little more than the consolidation of a triumvirate of power: health, education, and work. While our further education colleges are being exhorted to serve the needs of industry, the privatisation of health serves primarily to make people dependent on work in order to pay the insurance premiums. Everything locks together to make for a docile populace. Should things get out of hand, however, the ability to search a network that provides demographic information, cross-reference that data with an Oyster card trail, and triangulate the signals from a mobile phone, makes CCTV seem quaint.

Much has been made of the security implications of The Spine, primarily regarding the safety of the information contained therein. Apparently, every access to the database will leave its mark on an audit trail, so it is clear who is accessing information and when. This, of course, fails to take into account that tools are used in the most efficient and expedient way for their user, not necessarily in the way in which they were supposed to be used. For instance, there is already considerable evidence that the smart cards that should restrict entry to the Care Records Service are being shared among NHS staff, making it impossible to track exactly who has accessed the database:

An NHS trust board has approved the sharing of smartcards – a breach of security under the £12.4bn NHS IT programme because slow login times would otherwise restrict the time of doctors who are busy treating emergency patients.[7]

Ultimately it is impossible to guarantee the security of any database and it will be impossible to guarantee the accuracy of the data that is input. However, identity theft or any other random security breach is really at the lower end of the potential problem. The utility of the Spine to the state is of more concern. ‘Rasterfahndung’, an investigative process pioneered by the German Federal Criminal Investigation Office, involves mining networked databases for characteristics that fit a particular profile. First employed in the late ’70s during the search for Red Army Faction sympathisers and members, it only resulted in the arrest of Rolf Heißler. Its use re-emerged after the attacks on the World Trade Centre on September 11, 2001. German police started collecting data from universities, registration offices, health insurance companies and Germany's ‘Central Foreigners Register’. The profile used was simple: male, aged 18-40, (ex)-student, Islamic religious affiliation, native country or nationality of certain countries with predominantly Islamic populations. Such profiling, whether or not based on a simplistic ethnic, and ultimately racist, assumption erodes basic tenets of justice, adding caveats to the very functional notion of presumed innocence. Rasterfahndung is not even a very effective method of investigation, however. When the German Federal Constitutional Court declared the process unconstitutional in April 2006, it hadn’t resulted in a single criminal charge for terrorism-related offences being tried. Ineffective, but very tempting to a lazy or authoritarian government. In the case that the government decides that either a ‘serious crime’ has taken place, or ‘national security’ is threatened, patient confidentiality conveniently disappears and you may as well start wearing a t-shirt that advertises your number of pregnancies, the number of days you’ve taken a sickie, and those two empty bottles you’ve been trying to hide each morning from the boss.

The rise in gun crime has already been taken by the British police as an opportunity to make a moral attack on the ethics of medical confidentiality. The Guardian recently quoted a police officer as saying:

If your ethics are about the preservation of life, then there should be at least the possibility of you telling the authorities if somebody walks in with a gun or knife wound.[6]

With the state already considering the creation of a national DNA database, a privatised health service means a population reliant on the very insurance companies that would salivate over access to such information. Confidentiality and privacy really isn’t a matter of pedantic philosophising. It’s becoming a matter of self-defence.

Damian Abbott is a co-founder and editor of Inventory and has worked under various pseudonyms on other collective enterprises


Footnotes

[1] The Spine is part of a project called ‘The National Programme for Information Technology’ which includes the ‘Electronic Prescription Service’, and a ‘Picture Archiving and Communication System’, amongst other digital services,  http://www.connectingforhealth.nhs.uk/systemsandservices/spine/faqs/

[2] PFI,  http://tinyurl.com/33aq2d See also: Rob Ray, ‘The 3 P's – PFI, Private Equity, and Pensions’, Mute Vol. 2, Issue 7,  http://www.metamute.org/en/The-3-Ps

[3]  http://news.bbc.co.uk/1/shared/bsp/hi/pdfs/18_08_06_nhs_auditreport.pdf

[4]  http://www.connectingforhealth.nhs.uk/systemsandservices/spine/index_html

[5]  http://www.hm-treasury.gov.uk/independent_reviews/cooksey_review/cookseyreview_index.cfm

 http://www.hm-treasury.gov.uk/media/4/A/pbr06_cooksey_final_report_636.pdf

[6]  http://www.bioindustry.org/

[7] Computer Weekly,
 http://www.computerweekly.com/blogs/tony_collins/2007/01/smartcard-sharing-by-an-nhs-tr-1.html

[8] Reported by Vikram Dodd, crime correspondent, The Guardian, 29 October, 2007.

Damian Abbott
- Homepage: http://www.metamute.org/en/The-Spine

Upcoming Coverage
View and post events
Upcoming Events UK
24th October, London: 2015 London Anarchist Bookfair
2nd - 8th November: Wrexham, Wales, UK & Everywhere: Week of Action Against the North Wales Prison & the Prison Industrial Complex. Cymraeg: Wythnos o Weithredu yn Erbyn Carchar Gogledd Cymru

Ongoing UK
Every Tuesday 6pm-8pm, Yorkshire: Demo/vigil at NSA/NRO Menwith Hill US Spy Base More info: CAAB.

Every Tuesday, UK & worldwide: Counter Terror Tuesdays. Call the US Embassy nearest to you to protest Obama's Terror Tuesdays. More info here

Every day, London: Vigil for Julian Assange outside Ecuadorian Embassy

Parliament Sq Protest: see topic page
Ongoing Global
Rossport, Ireland: see topic page
Israel-Palestine: Israel Indymedia | Palestine Indymedia
Oaxaca: Chiapas Indymedia
Regions
All Regions
Birmingham
Cambridge
Liverpool
London
Oxford
Sheffield
South Coast
Wales
World
Other Local IMCs
Bristol/South West
Nottingham
Scotland
Social Media
You can follow @ukindymedia on indy.im and Twitter. We are working on a Twitter policy. We do not use Facebook, and advise you not to either.
Support Us
We need help paying the bills for hosting this site, please consider supporting us financially.
Other Media Projects
Schnews
Dissident Island Radio
Corporate Watch
Media Lens
VisionOnTV
Earth First! Action Update
Earth First! Action Reports
Topics
All Topics
Afghanistan
Analysis
Animal Liberation
Anti-Nuclear
Anti-militarism
Anti-racism
Bio-technology
Climate Chaos
Culture
Ecology
Education
Energy Crisis
Fracking
Free Spaces
Gender
Globalisation
Health
History
Indymedia
Iraq
Migration
Ocean Defence
Other Press
Palestine
Policing
Public sector cuts
Repression
Social Struggles
Technology
Terror War
Workers' Movements
Zapatista
Major Reports
NATO 2014
G8 2013
Workfare
2011 Census Resistance
Occupy Everywhere
August Riots
Dale Farm
J30 Strike
Flotilla to Gaza
Mayday 2010
Tar Sands
G20 London Summit
University Occupations for Gaza
Guantanamo
Indymedia Server Seizure
COP15 Climate Summit 2009
Carmel Agrexco
G8 Japan 2008
SHAC
Stop Sequani
Stop RWB
Climate Camp 2008
Oaxaca Uprising
Rossport Solidarity
Smash EDO
SOCPA
Past Major Reports
Encrypted Page
You are viewing this page using an encrypted connection. If you bookmark this page or send its address in an email you might want to use the un-encrypted address of this page.
If you recieved a warning about an untrusted root certificate please install the CAcert root certificate, for more information see the security page.

Global IMC Network


www.indymedia.org

Projects
print
radio
satellite tv
video

Africa

Europe
antwerpen
armenia
athens
austria
barcelona
belarus
belgium
belgrade
brussels
bulgaria
calabria
croatia
cyprus
emilia-romagna
estrecho / madiaq
galiza
germany
grenoble
hungary
ireland
istanbul
italy
la plana
liege
liguria
lille
linksunten
lombardia
madrid
malta
marseille
nantes
napoli
netherlands
northern england
nottingham imc
paris/île-de-france
patras
piemonte
poland
portugal
roma
romania
russia
sardegna
scotland
sverige
switzerland
torun
toscana
ukraine
united kingdom
valencia

Latin America
argentina
bolivia
chiapas
chile
chile sur
cmi brasil
cmi sucre
colombia
ecuador
mexico
peru
puerto rico
qollasuyu
rosario
santiago
tijuana
uruguay
valparaiso
venezuela

Oceania
aotearoa
brisbane
burma
darwin
jakarta
manila
melbourne
perth
qc
sydney

South Asia
india


United States
arizona
arkansas
asheville
atlanta
Austin
binghamton
boston
buffalo
chicago
cleveland
colorado
columbus
dc
hawaii
houston
hudson mohawk
kansas city
la
madison
maine
miami
michigan
milwaukee
minneapolis/st. paul
new hampshire
new jersey
new mexico
new orleans
north carolina
north texas
nyc
oklahoma
philadelphia
pittsburgh
portland
richmond
rochester
rogue valley
saint louis
san diego
san francisco
san francisco bay area
santa barbara
santa cruz, ca
sarasota
seattle
tampa bay
united states
urbana-champaign
vermont
western mass
worcester

West Asia
Armenia
Beirut
Israel
Palestine

Topics
biotech

Process
fbi/legal updates
mailing lists
process & imc docs
tech