We introduced the concept of Data Usage Reports a year ago. Posting prototypes to officials unannounced led to a DH commitment for HSCIC to look at a roadmap for implementation.

3 weeks later, NHS England announced that they had done no work on implementing the care.data consent codes, and so transparency took a back seat to consent for most of the year. Not forgotten, not less important, just less urgent. Given that HSCIC only had 2 full time people working on either issue, this priority was clearly correct (although the hordes of staff digging care.data in deeper suggested a political allocation of resources).

As HSCIC moves towards an announcement on consent implementation in the new year (we have sent them some questions), it’s time to look at what we’ve learnt in a year of discussions about Data Usage Reports. Most of it is relatively dense detail, but the final section is the one missing piece.

It is necessary to close the Data Trust Deficit. The last year of work on Data Usage Reports, looking at all the details, shows this is entirely achievable, where there is political will.

Restating the Principle

You should have a complete knowledge of how individual level data about you has been used or disseminated. Any individual should be able to freely read the outcomes of those projects, the new research, the new knowledge, that they contributed to creating.

It’s that simple.
Continue reading →

The most important aspect of digital medical records is data flows along care pathways.  Despite all the political interest in care.data, and in secondary uses more widely, it is vital that clinically relevant medical information flows along care pathways where patients have not objected. It must be done consensually, safely, and transparently – and while the first two aspects of that considered in current implementations, they generally get stuck because there is no transparency in the system. Individual patient transparency should come via a data usage report, but that does not give the system an overarching view.

A systematic solution to transparency of the use of EHRs

For every organisation (or pathway, as relevant) that makes use of EHRs, there should be two figures added to NHS Choices:

• % of inbound patients that receive records via EHR
• % of outbound patients where records are sent via EHR

Created automatically off care provider systems, this should give a measure of how widely EHR transfer is used, rather than how often it could be used.
While a data usage report will tell an individual patient where their data has been used, this shows patients the level at which organisations are handing data off as patients move along care pathways.

Research is vital, and it is always unfortunate when any research project fails to deliver the promise in the funding proposal, irrespective of the reason. But railing against the custodian of the nation’s medical histories (BMJ 2015;351:h5087), the HSCIC, seems an odd choice if given any consideration.

The author’s institution was unable to give the assurances required that they were capable of looking after the data to the standard that the public expects. The standards have barely changed; what’s changed is that HSCIC has started checking the assurances more carefully – something it should have been doing all along.

Those necessary assurances are steered and delivered by institutions and supervisors on behalf of their students, not individual students themselves. It is not the students’ fault if their institution refuses to assure that it will take due care of 1 billion health events. And it is precisely the lack of verification of such assurances that sent 25 years of medical records to insurers, to marketers, and elsewhere.

Academia emerged with its reputation pretty much unscathed from the data debacles of 2014 and 2015. The high standards legitimate institutions expect of their researchers are one of the factors that justify the access to sensitive medical data, sometimes without consent, that academia is in a position to receive. Complaining that the standards are too high for your institution to agree to meet says more about the institution than the standards.

All research is important, but no single project – and no one institution – is more important than public confidence in all research. That is why a wide range of organisations support the “one strike” principle for abuse or misuse of medical records. With the Hospital Episode Statistics, i.e. linked, longitudinal medical records of the population for the past 30 years, every woman with 3 children is uniquely identifiable – and with 2 children that’s about 90% likely (quite literally, a birthday attack).

In the last week, the ICO has fined the UK’s largest internet pharmacy for selling NHS patient and customer details to spammers, quacks and charlatans, pushing “innovative treatments” and lottery scams (paragraphs 49, 51, 52). Those participating in the abuse of these records stand to make a great deal of money, and until there is a ban on marketing to patients that leads to jail time for these predators, there will continue to have to be deep scrutiny of every project, and every release.

The “promotion of health”, as undefined in the Care Act 2014, is a loophole so broad you could slip a Saatchi advertising hoarding through it, quacking.

The author’s experience is unfortunate. Both the researcher and their funder deserve a clear answer as to why their institution doesn’t provide them the infrastructure necessary for modern data-driven health research. But corners cannot be cut if patient confidence is to be maintained.

The care.data debacle includes lessons for many. While BMJ readers would always uphold the highest standards of Information Governance, readers may consider (former) colleagues who might – in similar or related circumstances – find themselves with a highly-cited paper, for all the wrong reasons?

HSCIC is the custodian of the nation’s medical histories. In making it available for legitimate research, it simply requires you fill in a form honestly. That shouldn’t be too high a bar*.

* Paragraph 62

-ENDS-

Excerpt from our last newsletter on the Saatchi/CHH bill:

medConfidential had some questions for Mr Heaton-Harris on the content of the draft Bill, and had a meeting with him last week. Our comments and suggestions arising from that meeting covered a ban on marketing to patients, Data Usage Reports (including our example of what one might look like) and an alternative approach that might deliver the policy intent of the Bill without creating another new database, or giving DH duplicates of powers it already has.

In practice, the ICO has a very simple test for fair processing:

Do data subjects know (i.e. have they been they fairly informed) what (processing of their data) you’re intending to do?

That’s it – is the organisation being completely honest?

If yes, that’s fair processing.

If no, that’s not “fair processing”.

It’s that simple. It’s not a high bar, and it’s not a complex bar.

If you end up in trouble, it’s because of surprises – you weren’t completely honest with the data subjects about what you were going to do.

With regard to fair processing, the ICO doesn’t make a distinction as to whether or not you should do something; it solely looks at whether you said you would. The ICO is often seen as facilitating data flows, because this test isn’t what people often seem to think it is.

The ICO considers itself to have one job in this regard, defined by the Data Protection Act, and that human rights are the remit of a Court. If someone is honest and informs you about using your data to breach your human rights, the ICO believes this is not a consideration for the data protection authorities. This may be an incomplete or incorrect reading of the law, but the current ICO has made its consideration.

In many controversial cases, organisations themselves – including the Government, Ministers, the NHS – all add additional requirements. These are not data protection constraints, they are moral constraints, they’re other legal constraints or they’re ‘ministerial gifts’ (e.g. the care.data opt out).

Remember, it’s only fair processing so long as what you tell people you’ll do matches what you actually do. (You can tell them you’ll do something and not do it – that’s still fair processing.)

When you want to do something new with data, if that wasn’t in the old rules, you need to tell people about the new rules. It is here that NHS England’s various data grabs have run into trouble, mainly because they don’t want to tell people quite what it is they want to do.

So in short, be completely honest.

No wonder the political machinations in the Department of Health and NHS England keep screwing it up…

P.S. Complaints about “fair processing” basically boil down to, “we don’t want to be honest with you”. Any fines simply show that you weren’t honest; one reason organisations get fined for losing data is because they’ve said that they won’t. If they didn’t say that, then losing your data mightn’t be a breach in those terms – but then no-one would do business with them. Which is why such promises get made in the first place.

NHS England and Rewired State recently ran a competition with a £30k prize fund for apps around obesity

We didn’t win a prize (they get announced next week), but http://simonsayswalk.com/ was our submission. 

“I know I should really go for a walk 3 times a week, but I’m just too busy…”

‘Middle-aged, managerial-class, overweight white man’ – let’s call him ‘David’ – knows he’s at risk of health complications from being overweight, he just doesn’t do anything about it for a host of legitimate reasons; he has meetings… he has dinners… he has an important job that puts many constraints on his time… he has a family with caring responsibilities…  (While we use a male example above, SimonSays:Walk is gender-indifferent)

This is not primarily an information problem amongst those who, over time, are likely to make disproportionate use of NHS services. SimonSays:Walk is designed to help people make a commitment; to schedule time to go for a walk.

Quite simply, SimonSays:Walk provides a ‘button’ people can press to add such a commitment to the calendar / electronic diary they already use (or which their personal assistant manages for them) on their smartphone, PC or tablet. Having made such a commitment, by reminding them and providing them with a simple map, SimonSays:Walk assists someone to get into the habit of taking regular walks.

The regular dates begin after a delayed start: the first appointment to walk will be scheduled two weeks ahead of the point at which someone first chooses to make a commitment. This will help make the decision to commit a bit easier – a decision with consequences two weeks in the future may be easier to make than one that imposes more immediate demands (this is, of course, testable) – and should help ease any diary issues / conflicts. It is also logical, on the basis that if someone decided to go for a walk today, a diary app wouldn’t be particularly helpful!

The use of the person’s existing electronic diary means appointments can be moved if necessary, and means that other people (e.g. personal assistant) with access to the person’s dairy can take account of other considerations and, hopefully, assist the individual to pick up the habit.

SimonSays:Walk is also ‘infinitely forgiving’; if you didn’t go for a walk today, there’s no shame other than that you impose on yourself – you can just go next time. (Someone else with access to your diary may be less forgiving, however!)

SimonSays:Walk does not aim to solve the whole problem of obesity; different people need different things. This tool is designed for those who are busy, and who use some form of electronic diary – though one need not necessarily be busy to make use of it.

In terms of functionality, if you are within a mile or so of an NHS pharmacy – which SimonSays:Walk  determines using open data from the NHS via data.gov.uk – it will suggest you may want to walk past it. We chose this particular function for a number of reasons: firstly, because NHS pharmacies tend to already have helpful information on display in their street-facing windows; and secondly, because those windows offer a low cost way to provide positive reinforcement for individuals who have engaged with the app, and also to promote (the goal of) SimonSaysWalk and the benefits of regular physical exercise more generally.

If the person is not that close to a pharmacy, there are probably nicer walks available. SimonSays:Walk suggests a direction and ‘walk radius’, not a specific route. Suggesting people walk through an industrial estate might not be sensible, or wise. In any case, it better for individuals – who are likely to know their immediate area better than an online tool – to make those decisions for themselves.

The simple premise of SimonSays:Walk is that it matters far less where you are, and exactly where you walk, than that you are sitting in a chair all day long. Any walk is better than no walk; this is about making it happen. When it’s in your diary that you use every day, you can make a commitment that it actually happens.

SimonSays:Walk adopts a privacy-preserving model – and using information and processes that people already use day-to-day – and tries to work with people’s lives, rather than trying to impose a major life change on them.

Once people become used to walking regularly, non-confidential phone calls, etc. could be done via mobile while going for a walk – or meetings could be scheduled about 25 minutes walk apart. We appreciate that in the UK, this would probably work better in the summer months.

If there is no GPS information available, e.g. from a non-location aware desktop browser, the map is centered on the pavement East of the Cenotaph, with a generic message about a walk.

People already have plenty of information that being overweight is bad for them; this is a tool to help them do something about it.

http://simonsayswalk.com/

No newsletter this month, so we thought we’d do a quick round-up on the blog of some things you may wish to read, “chillaxing” on a beach.

What difference does 10% make?

Dribs and drabs of information about care.data are beginning to leak out. Many may have missed the Minister for care.data, George Freeman MP, give a very carefully couched answer to Parliament about the number of patients who have opted out.

As you may recall, the last time anyone said anything to Parliament directly was when Kingsley Manning suggested “about a hundred” patients have been affected by NHS England’s ‘Type 2’ cockup. His follow-up written answer “actually it’s more like 700,000” was somewhat buried by being published in the run-up to the Election.

Mr Freeman, however, had the more difficult task of announcing a much bigger number – which he did by the time-honoured tradition of hiding behind percentages and ranges. Even so, his answer meant we had to update our own estimate to between 950,000 and 1.6 million.

We had increased our estimate based on an extraordinarily detailed series of FOI requests by Dr Neil Bhatia, which he very kindly shared with us (and others). Dr Bhatia’s figures showed that – while what Mr Freeman told Parliament was true in as far as it went – the picture was somewhat more complex, possibly even alarming.

Mr Freeman limited his comments to a range which he said “the majority fall between 0.5 – 2.5%” opt outs. Dr Bhatia’s figures show quite a number of practices with opt outs in the 4 – 6% range, running as high as 12% or even 14% in a handful of practices. And don’t forget, these are the pathfinders – the volunteers, the supposedly keen practices. No one has detailed figures from any urban areas yet, as NHS England is still struggling to recruit practices in Leeds.

Talking more about care.data (not just on a beach)

One thing that does need to massively improve is the way that care.data is talked about.

NHS England is still far too fond of hiding its dodgy commercial re-use ambitions behind the figleaf of research. At the recent “son of care.data” events – officially, NIB ‘Work Stream’ 2.2 – the only secondary use that NHS England really wanted to talk about was research; offering very little to those asking “What about the other uses?”, such as commissioning.

If you happen to be planning a discussion of care.data after the holidays, here are some thoughts we hope are useful.

There are some sensible discussions going on, and a number of positive developments we hope will be announced in the months immediately following the summer – not least HSCIC’s ‘fix’ for the yet-to-be honoured ‘Type 2’ (9Nu4) opt outs. There are several legal instruments in the pipeline: new Directions for the care.data pathfinders and patient objections; CAG Regulations establishing promised safeguards and sanctions, and closing “the promotion of health” loophole; and hopefully, “at the earliest opportunity”, primary legislation to put the National Data Guardian on a statutory footing.

Let’s hope NHS England reflects over the summer on how little its ‘head down, keep people in the dark and keep rolling at all costs’ approach has achieved over the past 18 months – except further eroding public trust – and starts meeting some of the many promises it has made.

NHS Improvement

You may have missed the quiet announcement, just before Jeremy Hunt went off on his holidays, that DH’s troubled arm’s-length body, Monitor, and the NHS “Trust Development Agency” (that’s Trust as in NHS Trusts) are to merge, under the new brand “NHS Improvement”.

When it comes to Monitor’s worldview on data, things can only get better; it seems to have been taking care.data as a handbook, rather than as a salutary lesson. So the new NHS Improvement may provide a springboard for a huge leap forward. Or backwards, depending on crucial choices that must be made. Will they follow NHS England’s past-its-sell-by-date worldview, or the best thinking and actions of the reformed and reforming HSCIC – and what about patients? We’ve pondered the potential…

Beyond this new merger, there are other areas that could be improved – not least the introduction of a data incident protocol aiming to provide patients in data crises with knowledge rather than media management, and to aspire to something more ethical than mere DPA-compliance. Also better consensual, safe and transparent sharing of medical records along care pathways, for patients’ direct care.

Use of data

With regard to the proper use of patient data, we’re still awaiting more details of what the high street pharmacies are looking to do with the Summary Care Record. Three were asked, two denied they were planning to abuse it. And our ‘old friends’ at PA Consulting have come out in their defence. (You may remember PA Consulting as the ones who made money uploading 25 years’-worth of our hospital data to Google, not to mention previous financial benefits from servicing the old Home Office ID cards scheme.)

One bright idea in the run-up to the Election by someone who probably hoped they’d never be responsible for implementing it – think mistakes like the Poll Tax – was to use people’s medical histories to deny them benefits. As we’ve discovered, sometimes “high level” political ideas interact badly on the ground; we wrote to David Cameron recently about just such an initiative, done in his name.

The Government gave the ‘employment problem’ to an Independent Review Panel, which currently has a consultation out. If you have a free moment, you may wish to respond to Question 7 (amongst others).

medConfidential is concerned that as DWP and HMRC are reengineered over the next 5 years, there’ll not only be more and more temptation, but a now practical ability to do similar things.

We would like to think that DWP and HMRC will take a decision that someone in the NHS is capable, though it seems to refuse to accept those same decisions when the professional outcome goes the other way. This type of discrepancy forms the basis for our draft submission to the Comprehensive Spending Review – if you have any comments, please e-mail them to coordinator@medconfidential.org

And finally…

In September, we’ll find out what happened when the deeply flawed Directions for the care.data pathfinders were considered by the HSCIC Board. If there were to be further delay, all the dates that NHS England has been announcing for the last month or more will have been misleading. Let’s hope NHS England didn’t screw anything up due to lack of consultation…

Phil’s on holiday for the next few weeks, so Sam’s really hoping NHS England doesn’t do anything catastrophically stupid before September. For that matter, NHS England probably is too…

We hope you enjoy your summer!
Sam and Phil