How you gain if doctors can call up all your health records
https://www.straitstimes.com/opinion/how-you-gain-if-doctors-can-call-up-all-your-health-records
2026-01-14
By--- Teo Yik Ying is vice-president for global health and dean of the Saw Swee Hock School of Public Health at the National University of Singapore.
=====
It is the year 2029 and I am visiting my Healthier SG general practitioner (GP) for my annual check-up. The moment she opens my file on her screen, she sees that I have already completed a health screening the previous month arranged for all employees at my university. My weight, blood pressure, blood sugar and cholesterol levels were all within a healthy range.
When I mention a persistent pain in my knee, she notes that I recently had an MRI scan at a private specialist clinic. She can view my medication list and even the notes from the specialist I have been seeing.
The orthopaedic surgeon she refers me to at a public tertiary hospital calls up the same consolidated record, sees my scan results along with my past medical history, and is ready to decide on the next steps without unnecessary delays or repeated tests.
This seamless transition across GP, specialist clinic, imaging centre and public hospital is made possible because every licensed healthcare provider, whether public or private, contributes data to a central repository called the National Electronic Health Record (NEHR), as required by the Health Information Bill (HIB). In return, healthcare providers are allowed to access information in the NEHR to support patient care.
What’s behind the Bill?
To understand the motivation behind the HIB, we must view it through the broader vision of Healthier SG, which aims to transform Singapore’s healthcare system from one that is hospital-centred and episodic to one anchored in long-term relationships with primary care.
For this to work, health information cannot remain in institutional silos but must follow the patient across care settings: from GP clinics and polyclinics to specialist clinics, acute hospitals, community hospitals, licensed rehabilitation centres and long-term care facilities.
Singapore’s NEHR has existed since 2011, but participation by private providers has always been voluntary. As at October 2023, only about one in seven private institutions contributed any data at all.
This voluntary model meant that Singaporeans who used both public and private healthcare often ended up with fragmented records, with diagnoses, medications, lab results and imaging reports scattered across different clinics and hospitals.
It is therefore common for tests to be repeated simply because there is no easy way to confirm whether they were recently performed, or what the results were.
Medication errors can also occur due to incomplete or inaccurate medication histories, or when there is a breakdown in communication when transiting between care settings.
Under the HIB, submission of selected health information to the NEHR becomes a statutory requirement. All licensed healthcare providers under the Healthcare Services Act must contribute key data such as diagnoses, medications, allergies and lab and imaging reports.
The Bill also strengthens data governance, cybersecurity safeguards and standards on access and use. It introduces penalties for misuse, requires systems to meet cybersecurity standards and clarifies who may access a patient’s information and under what circumstances.
Privacy and sensitive information
Individuals retain control over access to their records, and may impose access restrictions that determine which healthcare institutions can access these records. These restrictions, however, apply only to access, and not to the mandatory contribution of information to the NEHR.
It is understandable that patients may feel uneasy about certain diagnoses being recorded, particularly conditions they consider sensitive or embarrassing, such as sexually transmitted infections or mental health conditions.
Such sensitive information is in fact double-locked, with an additional safeguard that attending physicians need to clear before they can see this information. In other words, sensitive health information that is sexual or psychiatric in nature is not easily visible.
More On This Topic
Your office could be Singapore’s next big health intervention
Singapore built a nation underpinned by public health, but new threats loom
The alternative – omitting such information entirely – can compromise care. A doctor treating an unrelated condition may unknowingly prescribe medication that interacts dangerously with existing treatment.
In emergencies, withheld information can delay or misdirect care. When a patient is unconscious, confused or unable to communicate, immediate access to allergies, chronic conditions, current medications, recent procedures and critical test results can be lifesaving, allowing emergency teams to make faster and safer decisions.
Importantly, access to NEHR data is limited strictly to care-related purposes. The HIB explicitly prohibits its use for employment screening, insurance underwriting or premium setting. As such, a patient’s health record cannot legally be accessed to judge employability or insurability.
Just as important, access is not universal across all licensed healthcare providers. Access is role-based and limited to the specific data fields necessary for the care being delivered. As a result, a nurse and a dietitian may see different information in the NEHR, depending on their clinical responsibilities.
While patients retain the right to impose access restrictions and can do so via HealthHub, this is ultimately an informed choice. On balance, I believe patients should be encouraged to allow access, as the safety, continuity and convenience of a unified record outweigh the perceived risks, especially when safeguards are robust and enforceable.
Countries such as Denmark, Estonia, and the United Kingdom, which place a high premium on privacy, have nonetheless implemented national health records with strong access controls, audit trails and penalties for misuse. Their experience demonstrates that privacy and integration need not be mutually exclusive.
What does it mean for doctors?
For clinicians, integrated records promise better continuity of care, but can also raise legitimate medico-legal concerns. If a centralised record exists, will doctors be expected to review every page for every consultation? Will missing a detail be construed as negligence?
These fears are understandable, but they can also be addressed.
The NEHR must always be seen as a supplementary tool rather than a replacement for standard medical practice. Doctors are not expected to exhaustively review all historical data for every encounter with a patient, but to make reasonable use of information relevant to the clinical context.
A GP treating an upper respiratory infection, for example, is not obliged to trawl through years of orthopaedic notes. Conversely, checking allergy history or current medications before prescribing would reasonably be expected.
Crucially, reasonable use does not mean doctors must call up previous physicians to clarify every unclear note. Clinical judgment remains paramount, and where information is unclear, doctors continue to rely on history-taking, examination and appropriate investigations just as they do today.
In this regard, the Ministry of Health’s (MOH) published guidelines on what constitutes “reasonable use” of the NEHR is critical. The guidelines provide reassurance that the presence of NEHR does not automatically raise the legal standard of care in an unrealistic way.
This clarity protects both patients and providers: patients benefit from integrated data, while providers can practise confidently without fear of unfair liability. It also reduces the risk of defensive medicine, which ironically drives unnecessary tests, referrals and healthcare utilisation.
More On This Topic
New law proposed to mandate sharing patients’ info among healthcare providers
1.3 million enrolled in Healthier SG, more urged to sign up
Burden on private GPs
Another concern is the operational burden on private GPs and smaller specialist clinics, particularly those still using paper-based systems. Transitioning requires digitising records, implementing secure platforms, training staff and redesigning workflows.
This is undeniably challenging, and may pose an existential challenge for some.
However, nearly all public institutions and large private groups, including Healthway Medical, Raffles Medical and Parkway Shenton, are already NEHR-ready. For smaller practices, MOH has committed transitional support, including training packages and a whitelist of compliant systems, to help clinics modernise and digitalise their operations.
What warrants close attention is the risk of opportunistic behaviour by cybersecurity vendors who may exploit uncertainty through fear-based marketing, pushing clinics to adopt costly and unnecessary infrastructure. That is why the minimum requirements for cybersecurity and digital standards, together with an authoritative list of approved systems and vendors, must be clearly articulated. This will prevent over-compliance and keep the transition viable and affordable.
To be clear, the intent is not to abruptly force clinics out of practice, but instead, to raise essential digital standards across the sector. Over time, participation in a modern healthcare system will increasingly require digital interoperability, just as how electronic billing and licensing systems are now the norm.
For a country like Singapore, progress in digital health cannot be indefinitely delayed to accommodate a shrinking minority of holdouts. Otherwise, it is patients who ultimately bear the cost of fragmented care.
Guarding against misuse and data breaches
Any centralised electronic data system carries risk, and the HIB explicitly addresses two categories of risks.
The first is external cybersecurity threats posed by rogue actors, hackers or international cyber criminals targeting the database for mass data theft or ransom.
The HIB therefore requires providers to meet essential cybersecurity and data-security standards, and MOH has committed support to help clinics upgrade their systems.
The second risk comes from within, through unauthorised access or misuse by individuals with legitimate credentials. The HIB draws a firm line here: access is strictly limited to care-related purposes, backed by audit trails and penalties for abuse.
Towards an intelligent health future
Beyond immediate clinical benefits, a unified national health record is foundational for the next phase of healthcare innovation.
Hospitals such as the National University Hospital and Singapore General Hospital already use AI-enabled tools to support the tedious task of clinical note-taking. With integrated records, these tools can evolve into real-time decision support, flagging potential missed diagnoses, identifying dangerous drug interactions or prompting follow-up on abnormal findings.
These applications may sound futuristic, but they are in fact already in use in parts of Europe, North America and China.
The HIB lays the foundations for a health system that is integrated, data-guided and future-ready. Mandating the sharing of essential health information, while strengthening safeguards, gives Singapore the unified data backbone it has long lacked.
Gaps remain in this first iteration, such as the exclusion of non-laboratory measurements like body mass index (BMI) or blood pressure readings from corporate screenings. But this is nevertheless an important start, and the system can be refined over time.
Singapore has already invested heavily in precision-guided health strategies, longitudinal monitoring and smarter resource allocation across the three health clusters. A fully integrated NEHR is the missing link to allow these investments to reach their full potential, especially across the different care services in the private sector.
In a society that is ageing rapidly and managing increasingly complex care needs, we cannot afford to let health information remain fragmented. The Health Information Bill is the crucial step that ensures it won’t.
Teo Yik Ying is vice-president for global health and dean of the Saw Swee Hock School of Public Health at the National University of Singapore.
More On This Topic
All healthcare service providers must contribute and share patients’ key health information
GPs upgrading to smart clinic management systems for Healthier SG
Posts
No comments:
Post a Comment