The Patient Information Advisory Group and the use of patient-identifiable data.

Patient confidentiality has been a matter of concern in the English National Health Service (NHS) for many years. A number of recent events have triggered the demand for a more concerted programme of change to eliminate the use of patient-identifiable data and to devise more acceptable alternatives. The Caldicott Committee, in 1997, set out the case for change and legislation in 1998 (the Data Protection Act and Human Rights Act) and emphasised the need for urgent action. A number of public inquiries into failures of care in the NHS (at Bristol Royal Infirmary and Alder Hey Hospital) pointed to the failure to seek consent as a major issue for the NHS. Whilst accepting the need for change, the Government, in drafting the Health and Social Care Act 2001, allowed for the fact that some organisations and individuals would need time to move towards anonymisation of data (reversible or irreversible) or to obtain patient consent. Under Section 60 of the Act it established the Patient Information Advisory Group (PIAG). PIAG advises government ministers on circumstances in which the continued use of patient-identifiable data should be permitted, as a temporary measure. PIAG faces a number of challenges as it develops its programme of work: how to maintain the pace of change towards anonymisation, how to ensure compliance with the law, how or whether to share information across organisational boundaries in the interests of citizens, how consent should be obtained and how to achieve 'joined up' working across those organisations that are charged with promoting confidentiality and privacy.