care.data: the creep begins

If there were ever any doubts that NHS England’s first care.data upload, planned for next March, is anything more than a toe in the door, recent developments should quash them. Speaking at the BCS Primary Health Care Specialist Group’s annual conference a couple of weeks ago, Geraint Lewis (Chief Data Officer at NHS England) said that the current data spec would not yield enough information to be of use to researchers. In other words, it’s going to need some significant expansion.

And now, recently-published minutes of the Information Advisory Group (IAG) show that before the programme has even started, the Health and Social Care Information Centre has already been back for more. In an addendum to the first care.data request, they have sought to expand the range of agencies with access to ‘potentially identifiable’ patient data. Currently this data is available to commissioning bodies. HSCIC now wants to include ‘research bodies, information intermediaries, companies, charities’… oh, and ‘others.

The IGA that accompanies the application provides the following caveat:

This information governance assessment of the addendum is not classified in the summary sheet as either identifying or non-identifying because no assessment is made, or can reliably be made, of all of the possible additional disclosures of data to the wide variety of recipients that could result from this proposal

Ah, so this is all a bit of a shot in the dark then.

The HSCIC’s application, which can be seen here, further suggests that they could avoid troubling the IAG further by in future deciding for themselves on a case-by-case basis who can have access.

The IAG has firmly knocked back the application and sent the HSCIC away to think about it. It’s worth reading the IAG minutes in full because underneath the specific issue of the care.data addendum, the small nuances in the wording reveal a welter of problems and irritations.