[if you are looking for opt out instructions, they’re on our how to opt out page]
The “pandemic-only” promise about uses of GP data has been torn up in favour of Biobank.
The Guardian then found the full patient-level NHS hospital data given to UK Biobank about its volunteers had been posted to the internet on several occasions – with signs of hundreds of instances of rule breaking and smaller breaches. UK Biobank insists that the NHS hospital records of their cohort are not personal data, despite The Guardian being able to reidentify individuals’ full hospital histories from other information in the dataset.
Why does this matter if you’re not one of the half million people in Biobank? It matters to you because the data leaked by UK Biobank is the same linked, patient-level NHS hospital data that is routinely sold (in full or in part) to hundreds of other organisations. And, even if you have opted out, your data is usually included.
If a UK Biobank volunteer can be identified in the Biobank file, as has now been proven, then you are at similar risk in the full file. The data UK Biobank lost included A&E visits – which includes clinical ‘codes’ that signify the full range of reasons why people end up in A&E through no fault of their own; experiences people may choose not to disclose to close friends or family. (Equally, some others may have posted details on Facebook…)
The risk isn’t that my next door neighbour can reidentify your next door neighbour, just as we have no idea when writing this who you are, let alone where you live. The risk is that your neighbour, your ‘friend’ or enemy, a fellow parent at your childs’ school – or someone you barely or don’t even know – will take what they already know about you and be able to learn everything in the rest of your health record.
“What they already know” doesn’t have to be published information. It can simply be things people know, or have heard; things people commonly share. NHS England will say they protect your kids’ dates of birth – but in the hospital data we are talking about, they do not protect the dates of the “maternity events” for their mother…
And it’s not that someone has to find your name in the dataset. (Indeed they won’t, because it shouldn’t be in there.) People interested in learning more about you already know your name – and perhaps they know the date of that one operation you disclosed to them, which is in the dataset. And then they can find out everything else about you from your ‘row’ in the dataset, including the treatments and care that you didn’t tell anyone else about.
When Wes Streeting talked publicly about his surgery, he didn’t waive all rights to privacy for his entire NHS record.
UK Biobank’s stated position is that he did, and that if you reveal or publish any information about your health then you (effectively) waive all privacy rights to everything in your record. Mr Streeting’s officials agree with UK Biobank – thereby not only blaming the victims, but demonstrating a catastrophic failure of decision making and assessment of risk.
People who choose not to accept that risk are told they can opt out of “Planning and Research”. Those opt outs should protect the people who opted out by making sure their data is not in those datasets – and help protect everyone else whose data remains, by increasing the uncertainty of data matches.
But DH/E’s policy is that, if they decide the “Planning and Research” opt out shouldn’t apply, they will simply ignore your opt out. And the official policy of blaming anyone who’s identified because they’ve told anyone else something about their health means that they will continue to blame victims for official actions.
DH’s position is simultaneously that “experts by experience” are important, and that they deserve no privacy from DH as a result of sharing that expertise. Mr Streeting is currently thinking about how to change that policy.
The opt out could do what people expect. Instead DH/E will once again try to tell patients that their expectations of confidentiality from the NHS are wrong.
Good research is vital, and its benefits are great – but if people are forced into having their data used over their objections then any mistake by any researcher or research project or research organisation could risk everyone’s reidentification. Everything about the new Health Data Research service will be affected by that decision, and dependent upon the actions of incumbents.
Those who chose to participate in UK Biobank chose that risk – according to Biobank – but Mr Streeting may force that risk onto you and your loved ones, because his staff think your data protection and other fundamental rights don’t apply to his Department.
The Guardian piece shows the risks and harms. Government policy may be to blame you when something goes wrong.
===
Find out what happens next: Sign up for our newsletter (we don’t email often) or get small frequent updates via Substack — free to follow, and we are grateful to all those who can donate to help more of this work.
Other new things:
The new Health Data Research Service could be good (but it might not be allowed to be)
with annexes (all combined into one file) for: