emply nhs patient seats

Ghost Patients: Cleansing the Patient Records that Haunt the NHS

If you haven’t been in contact with your GP in the past six months, you might be mistaken as a ghost. You could be one of the millions of ghost patient records that are haunting General Practitioners and the National Health Service of late.

Widely used to describe patients who have not visited their GP surgery within the last six months, ghost patients are a costly challenge to the NHS, as GPs are allocated £150 per patient record. What the NHS is discovering, however, is that many of these records belong to deceased or patients who have moved away – ghost patients.

As if this weren’t challenging enough, the NHS’s approach has created a costly and largely inaccurate patient database that appears to only be getting worse.

Does the NHS think you’re dead?

Despite a nationwide concentrated effort to decrease “ghost patients”, the number of ghost patient records is only growing. Recent figures show that the number of potential ghost patients was at a 10-year high of 3.1 million in 2017, a 43% increase from 2.2 million in 2007.

In the midst of these rising numbers, GPs warn that many of the scrubbed records are in fact legitimate patients who should never have been removed. Young children, elderly patients, disabled persons, or simply healthy people who haven’t had to contact their GP are removed as the NHS attempts to clean practice lists and squelch rising costs. Estimates figure that tens of thousands of genuine patients have been removed even after being flagged as validated.

In other words, the NHS may be incorrectly assuming you’re either dead or relocated.

Since 2015, the NHS has outsourced this list-cleaning endeavour to Capita, who requests GP’s send along a list annually of any patients who have not been in contact within the past five years.

Potential ghost patients are sent two notices in the mail: the first within ten working days and the next within six months. Those who fail to respond are removed from the GP’s list of active patients.

Aside from a cumbersome and expensive method of dealing with a seemingly straightforward problem, the NHS is now facing another issue: it’s not working.

How 4% Creates a Costly Problem

Why bother with such a costly and inefficient endeavour? In 2016 these ghost records accounted for only 4% of those listed with GPs, a percentage that at face value seems inconsequential.

The answer, as with most things, comes down to money. With a payout of about £150 per patient record and 1% of a GP’s budget, the NHS haemorrhages over about £550 million a year for patients who don’t exist.

Amid record numbers of so-called ghost patients, the NHS Counter Fraud Authority suspect many GPs are knowingly keeping outdated records on their lists in order to continue to receive larger payouts. The fraud team estimates as much as £88 million is being incorrectly claimed.

Considering a Better Way

While the cost-benefit is clear, the NHS’s attempt at a solution to the challenge seems as if it is making more work for themselves, especially when less manual and more accurate approaches exist.

Critics doubt the accuracy and cost-effectiveness of the NHS’s solution to a relatively straightforward problem. As Dr Maureen Baker, chairperson for the Royal College of GPs notably said in 2016: “It makes sense that lists are kept as accurate and up to date as possible – but methods for doing this must be properly risk-assessed, so that practices can be assured there are no patient safety implications.”

The NHS has obviously recognized the numerous benefits and importance of maintaining a list with the highest possible degree of accuracy, but failing to work with a data quality partner who understands proper list cleaning and maintenance has impeded, if not crippled, their efforts.

With the help of specialist list cleansing software and services, the NHS could avoid the need to write up to two letters to all these potential “ghosts”: they could effectively clean lists of deceased and goneaways and write to the new address for movers to check if they are now registered elsewhere. Readily available data from sources like Royal Mail, Equifax, and many more are already helping commercial organisations maintain updated databases and avoid regulatory and compliance fines.

With rising numbers of ghost patients and subsequent costs, it is confusing then why the NHS would continue conducting such an inefficient, inaccurate and laborious task.

The use of automatic suppression, change of address, and third-party deceased lists is well established across hundreds of industries across the UK and has been proven to save hundreds of millions in terms of revenue, productivity, operations, and customer experience.

In today’s digital age, the taxpayer is entitled to expect intelligent use of technology and data – and people who simply haven’t visited their GP for a while and still live within the catchment area are entitled to be kept on their doctor’s list!

uk election week

Suppression screening, terrorism and your vote

The election today and the aftermath of the appalling events at London Bridge and Borough Market have disrupted my momentum for writing about EU GDPR and what you need to know to get ready for next May 25th. I’m a frequent visitor to Borough Market and often walk across London Bridge, so like many others, this is the first time that terrorism has seemed so close to me.

Top of my mind this week is the news that the third mass murderer at London Bridge was an Italian/Moroccan whose name is apparently on the Schengen Information System – according to the BBC, “An Italian police source has confirmed to the BBC that Zaghba had been placed on a watch list, which is shared with many countries, including the UK.” Both the Westminster Bridge and London Bridge attacks were conducted using hired vehicles, the first a car and the second a van. Last month, the U.S. Transportation Security Administration announced that it wants truck rental agencies to be more vigilant in efforts to prevent these attacks and according to the same article, Penske (a nationwide truck leasing company in the US) screens customers using a watch list.

So, the first question that springs to my mind after London is “Should vehicle rental companies in Europe be screening customers against the Schengen list?” Obviously, not all such attacks are committed using hired vehicles, but many (if not most) are committed using hired or stolen vehicles – and stolen vehicles are likely to be on a police database with an active watch being kept out for them. The larger the vehicle, the more dangerous it is, the more likely it is to be able to crash through barriers and kill and maim people – and the more likely it is to be hired or stolen rather than owned.

The next question that rose to my mind was “Will the UK still have access to the Schengen list after Brexit?” Hopefully, however “hard” Brexit turns out to be, UK and EU negotiators will have cooperation on terrorism at the top of their list and such information will continue to be shared, so increasing systematic use of this data should be top of many people’s agendas.

Last, I worried whether the increased responsibilities for protection of personal data (and vastly increased fines) being introduced with GDPR next May will lead to companies putting their own interests first when it comes to (not) sharing information about suspicious persons with the authorities, or whether there need to be exemptions written into the guidance to ensure that individuals and organisations don’t get fined for breaches of GDPR through trying to do the right thing to help protect the public? I can ask this at next week’s techUK Data Protection Group, where one of the people developing the legislation and guidance from the Department for Culture, Media & Sport will be in attendance.

One other thought concerning data about people seems particularly relevant today – last Tuesday’s Telegraph “fears that thousands of postal ballots could have been sent out to voters who have died, putting their vote at risk of being used by somebody else”. Of course, speaking from personal experience, potentially a much bigger fraud could be all the residents of care homes, especially those with Alzheimer’s, being sent postal votes. Are additional precautions taken in checking that these votes are being filled in by the residents themselves? I know that in at least some cases, the postal vote addressee is not screened against the Power of Attorney registers. Given that GDPR obliges organisations to make sure the personal data that they keep is accurate and up-to-date, I wonder how the formula for fining an organisation 2-4% of global gross revenue under GDPR applies to a taxpayer-funded body such as a local authority!?