Hello again from medConfidential,
Given the upcoming general election on 4 July, we thought it might be helpful to give an update on what’s happened since our March newsletter, and to give a brief summary of the current ‘state of play’.
What just happened?
NHS England’s “Federated Data Platform” (FDP), running on the half-billion pound Palantir platform, went live with two national ‘dashboards’ in late March. NHSE officials say it is now being used for four such dashboards – none of which use individual-level patient data directly, at present.
Meanwhile, the Data Protection Impact Assessment for the FDP is being withheld by ‘the Department of Health in England’ (i.e. NHSE) because it is so controversial that its publication could affect the election. Statements made before launch that FDP would be used for direct care omitted to say that it would also be used for anything else…
Around the country, a number of NHS Trusts across England are continuing to use Palantir without telling their staff what to tell patients, or even what they are using it for. According to the Department of Health in England, you should be able to check if your hospital is one of them on this list – but as you will see if you click on the link, they’re keeping the membership of that list secret, so you have no way to know if your hospital is involved.
The Department of Health in England has also been doing a bunch of ‘public engagement’ work, to try to justify taking your choices away in future. Ignoring the ‘spin’, the first published results are in fact very damning: 21% of patients either strongly or slightly disagreed with the statement, “I trust the NHS to keep my patient data secure” (Table 2), for example – and two thirds said they wouldn’t want anyone who isn’t directly treating them to have access to their medical records (Figure 3). The numbers who are concerned that the NHS may sell their data to companies without their permission speak for themselves.
Digging further into the detail, Table 4 suggests that up to 11% of patients are not happy for the NHS to use their data for purposes beyond their direct care, a proportion which increases to over 25% if that means “work[ing] in partnership with companies” (Table 3). Meanwhile, when the ‘dashboard’ isn’t broken, official figures show that only just over 5% of patients have actually opted out. There’s clearly still a lot to do.
Published days after the election was announced, the Public Administration & Constitutional Affairs Committee’s report on Transforming the UK’s Evidence Base says, on page 35:
101. Although statisticians and researchers publish a wealth of information on which data sources they hold, and how they are used, very little information is made available about how personal data are being used for the purposes of government analysis.
102. We recommend that the analysis function explore options for improving transparency around the use of personal data in official analyses, and that this work be made publicly available.
We agree. And hopefully a new Government will do something about it.
The General Election
The best time to commit to transparency is early in a new Government of a new Party, when the legacy of toxic behaviours all belong to the previous Government.
Public and manifesto statements to date, however, show there is no substantive difference on uses and misuses of your health records between the two major parties. You should of course know how your medical records are used, but the government of the day will always prefer a quiet life…
Behind the scenes, the Conservatives have been lobbied by Palantir – and those lobbyists are led by a Labour Peer. Meanwhile, Labour’s ‘kingmaker’ at the Tony Blair Institute continues to receive funding from the runner-up for the FDP contract, Oracle. So whatever election spin you encounter, whether or not there will be any changes to your rights around confidentiality, consent, and non-care uses of your medical records is not the partisan issue you might think.
medConfidential will, of course, continue to keep a close eye on whoever wins.
In order of publication, the Liberal Democrat manifesto says they will be “’Protecting patient data and patients’ rights to opt out of data sharing”; the Conservative manifesto means continuing with the Palantir platform while widening (the risks via) ‘Pharmacy First’ and access to GP data; and the Labour manifesto hints at large changes to data policy, but offers no detail as to what they will be – beyond giving children identifiers that ‘follow them for life’ (remember ID cards?).
On one specific data item, Labour’s “data library” could perpetuate the calamity of contradictions in the outgoing Government’s “Integrated Data Service”, or it could enable commercial exploitation of data in secret, as desired by UK biobank and HDR UK. Or it could be closer to the safe and transparent approach of OpenSAFELY… as ever, the detail and execution matters.
Neither the Green Party nor Reform say anything specific on health data policy that affects the Department of Health in England. And if you would like some longer analyses, others have focused on data and health.
Whoever wins the election, the new Government is going to be doing more on data. Beyond health, and whatever its focus, central Government should copy the model of the NHS National Data Opt-Out – creating something like a ‘Data Preference Service’ for the (non-NHS) rest of Government; a single place to opt out once. (Outside government, that same model – akin to the Telephone Preference Service – would help reign in the secretive companies that make money selling data about you without your knowledge or consent.)
After the election, actions will speak much louder than words.
What’s next
Next comes the voting. We hope all candidates offer clarity on their own views, and we encourage you to vote however you think best for the future of the country.
We will still be here, whatever the result of the election – and whatever it is that the next Government wants to do to your medical records…
Just to confirm, as of this Bulletin, your current opt-out choices still boil down to this:
If you want to express your objection to your NHS data (“confidential patient information”) being used for purposes beyond your care, i.e. to opt out, you should use this paper form for your GP and post this paper form to Leeds Redditch for your kids and you.
(If you’re single and over 13 years old, this online page works only for you – and NHS England states that this opt-out will not apply to the Federated Data Platform, which rather undermines it as a so-called ‘National Data Opt-Out’…)
For other data flows around your direct care, you should ask your hospital doctors what your hospital currently does and what your choices are there.
Please note: in the current situation, your GP Data Opt-Out is just as crucial as your National Data Opt-Out.
As ever, as we learn more, we will let you know. Thank you for your support.
Phil Booth & Sam Smith
21st June 2024