The standard letter points out that the government is asking GPs to transfer medical data without patients’ individual consent, against BMA policy. “I do not believe that such a large database, with so many staff users, can be regarded as secure,” it continues, and quotes 93C3, a special code which records the patient’s refusal to consent to the national shared electronic record.

Helen Wilkinson, founder of TheBigOptOut.org campaign which hosts the letter, says interest has picked up since the HM Revenue and Customs disaster, although the letter was first uploaded in November 2006. Following that, the Department of Health told NHS trusts to send personal data encrypted and by courier. “In the past, we can assume it was sent unencrypted and by normal post,” she said.

Wilkinson added that 400 000 people working with the health service, including staff at chemists, already have access to the existing NHS Personal Demographic Service, which includes names and addresses in addition to ex-directory numbers and next of kin. As the system is not publicised, she believes this puts at risk victims of domestic violence and others with a need for privacy. People can opt-out only if police or social services request it.

During the Christmas holidays, nine English NHS trusts admitted they had lost personal data on patients. The Department of Health said it did not have figures on how many patients were affected, but the Sunday Mirror newspaper reported that London’s City and Hackney primary care trust lost a CD holding the names and addresses of 160 000 children.

The other trusts reporting breaches were Bolton Royal Hospital, Sutton and Merton, Sefton Merseyside, Mid-Essex Care Trust, Norfolk and Norwich, Gloucester Partnership Foundation Trust, Maidstone and Tunbridge Wells – which suffered two such incidents – and East and North Hertfordshire.