Author Archives: Phil

Discussing the impacts of care.data; some thoughts for Health Conference organisers

With care.data trying to get underway again, we expect to see NHS England on the conference circuit, talking about how this time they’ve got it perfectly right.

Unfortunately, with several significant – indeed fundamental – problems as yet unresolved, such a line suggests that (while HSCIC may soon be in a position to provide a fix for one of the most egregious consent screw-ups of the entire programme thus far) NHS England itself still hasn’t learnt the lessons.

So, if you’re running an event where care.data is going to be a topic – and for the next year, we reckon there should be at least one such session at every conference that wants to be taken seriously by either the public or the profession – medConfidential suggests that, rather than providing a platform for a casuistic monologue from NHS England, care.data-related sessions should take the form of a panel.

A useful panel would probably include at least 3 representatives drawn from these different groups:

  • A GP, psychiatrist or other Registered medical practitioner;
  • A patient representative (not someone funded or employed by a DH body);
  • A research advocate (not currently employed by a DH body);
  • A commercial company that sells products or services based on NHS medical records;
  • A human rights advocate* (not someone funded or employed by a DH body);
  • NHS England (not HSCIC, who can only speak to particular things);
  • And, if it is a local meeting, a representative of the CCG.

*Please note, medConfidential is not angling for an invitation – though we are always happy to provide a speaker, where we can. There are many great people who understand the fundamental necessities of patient privacy / confidentiality and consent.

Conference organisers should take particular care to ensure that DH Arm’s-Length Body staff aren’t banging the drum for the Department line, while claiming to represent research.

The only way to prevent a repeat of the previous care.data debacles is for people to fully appreciate the diverse views and motivations of the various “stakeholders”. The story of care.data from its suspension in February 2014 to the pathfinder ‘relaunch’ in late 2015 (or beyond) has been characterised by various stakeholders talking to each other – mostly quite sensibly – until NHS England had to ‘join the consensus’, having ignored it for over a year.

It would be a disservice to your audience and to your event to allow NHS England to preserve silos that allow it to pretend areas of controversy do not (still) exist.

medConfidential does not seek unanimity of views; we seek a properly-engaged discussion, fully representing the diversity of perspectives from which a solution can be drawn.

As Phil has said, following a panel discussion at the 2015 Sowerby eHealth Symposium, until patients and doctors, commissioning, research, and commercial (re)users are all in the same room, everyone will be talking past each other.

If they’re ‘appy and you’re worried clap your hands…

medConfidential mostly works on issues to do with confidentiality and consent around what the NHS (and wider care system) do with your data beyond your direct care; what are called ‘secondary uses’.

However, the world of ‘health-enabled’ smartphones has slipped into almost everyone’s pocket, and the NHS is beginning to notice. Unfortunately, NHS England is starting from its usual cultural assumption that it can do things by dictat, ignoring the rules – even ones it made up – if they prove less than convenient.

Health apps are quite different to most of what the NHS does; in many ways they are more like a pharmacy than a hospital. Apps are something that patients do for themselves – possibly with professional advice, possibly without. Apps are done by patients, not something the doctor or the system does to, or for, the patient.

Apps are the rough equivalent of a prescription, in that it’s up to patients themselves to ‘take the pills’. Apps are not some sort of “machine doctors” that NHS England can bend to its will. (It rarely turns out well when NHS England tries to do this, but that doesn’t stop it trying again and again and again.)

For the main part, apps exist between a patient and a third party without a medical consent relationship. The Terms and Conditions of some (should you read them) set you up to have your data exploited and sold on – quite legally, under the contract you signed up to when you installed the app and gave it permissions – in ways even Pharmacy2U would never dream of.

Unfortunately, compliance with the Data Protection Act – a legal minimum – offers nothing like the standards of ethics and confidentiality you should expect for your medical records. And consent in the ‘planet of the apps‘ is merely a tick box, or a flick of the finger.

That’s not to say that app providers can’t do “mass participation surveys” properly, ethically and in ways impossible by other means. Some certainly do. It’s just that – as with all innovative but immature markets – there needs to be guidance, and proper oversight, to help members of the public distinguish between legitimate research and profit-seeking charlatans.

Requirements

In a future NHS world, if an app had access to an individual’s details and offered services which could receive that individual’s consent settings from the Spine, then their existing consent choices could, in principle, be honoured (though whether widening access to NHS Spine is a good idea or not is a subject for another blog post). What’s for certain now, though, is that app screw-ups and scams will continue until consent improves.

Most health apps don’t and will not connect to anything in the NHS, other than maybe allowing a patient to e-mail a standardised report to somewhere. In the Apple ecosystem, where health apps have to write data to the protected ‘HealthKit repository’, it’s at least possible that the 4 UK GP IT providers could handle reading and integration of your data with NHS systems, under the control of the patient. [UPDATE 7/8/15: EMIS already does something along these lines – thanks to @theABB for screenshots.] So building something useful doesn’t necessarily require dealing with the idiosyncrasies of the Directorate of Patients and Information at NHS England.

The NHS ‘Health Apps Library’ right now is in a mess. The positive intention may have been to help patients navigate shark-infested waters, the reality in some cases is more like being left up a creek without a paddle.

To be included in the NHS Apps Library, there must be far tighter restrictions on data transfer, sale and exploitation – burying a statement somewhere on page 97 of the terms of use, because “this is part of our business model”, may suffice for the Android Play Store and the Information Commissioner – it cannot be sufficient for an endorsement by the NHS.

If an app is able to connect to the NHS infrastructure, it must honour the consent settings available to whatever NHS service it connects to – which includes providing a complete, patient-accessible audit trail. The vast majority of apps will not be connected, so they must proactively request consent – with informed opt-in (not opt-out) for any and all data transfers to third parties, and a separate opt-in for any sale of data.

In fact, good apps should probably follow Apple’s lead or equivalents that are beginning to emerge in other places: health data stays in a locked silo on your device, in your control, and all transfers and processing must honour your wishes. If you claim to be doing research, and you want to use the NHS brand, then your project must have received ethics approval.

When you walk into a pharmacy, if you look, there’s a sign which tells you the name and registration number of the professional currently responsible for dispensing from that pharmacy. On the page for each app in the NHS Apps Library, the equivalent information should be visible: who is responsible for the quality of this app? NHS England may decide the answer “no-one” is OK as an answer – but patients deserve to know that.

If all these and the existing – and emerging – criteria for apps are not met, NHS England’s Apps Library (which sits on MPA Red-rated NHS Choices) will simply accelerate the race to the bottom for predatory data sale, and public confidence in its recommendations will collapse. Again.

You would hope by now that NHS England has been “listening” and learning enough to realise the very real risks of jumping feet-first into a “visionary” programme; there’s a lot at stake, but it’s your medical data they’re gambling with.

care.data missing documents

“The care.data programme has yet to routinely publish agendas, minutes, highlight reports and finalised papers which arise from the care.data Programme Board, something which other programmes, such as NHSmail do routinely. The publication of papers will increase confidence in the programme by demonstrating progress and good governance.”

– HSCIC, November 2014, ‘Background to the decision to publish

And yet: [update see below]

  1. Missing: Video of care.data Advisory Group public meeting in London (our copy)
  2. Missing: Video of care.data Advisory Group public meeting in Manchester (our copy)
  3. Missing: January 2014* care.data Programme Board meeting – all documents
  4. Missing: February 2014 care.data Programme Board meeting – all documents
  5. Missing: March 2014 care.data Programme Board meeting – all documents
  6. Missing: April 2014 care.data Programme Board meeting – all documents
  7. Missing: May 2014 care.data Programme Board meeting – all documents
  8. Missing: June 2014 care.data Programme Board meeting – all documents
  9. Missing: July 2014 care.data Programme Board meeting – all documents
  10. Missing: August 2014 care.data Programme Board meeting – all documents
  11. Missing: September 2014 care.data Programme Board meeting – agenda and papers
  12. Missing: January 2015 care.data Programme Board meeting – all documents
  13. Missing: February 2015 care.data Programme Board meeting – all documents
  14. Missing: March 2015 care.data Programme Board meeting – all documents
  15. Missing: April 2015 care.data Programme Board meeting – all documents
  16. Missing: May 2015 care.data Programme Board meeting – all documents
  17. Missing: June 2015 care.data Programme Board meeting – agenda and papers
  18. Missing: July 2015 care.data Programme Board meeting – agenda
  19. Missing: Freedom of Information Act requests for the above – October 2014 Request
  20. Missing: Freedom of Information Act requests about the above – May 2015 Request
  21. Missing: Letter from care.data SRO and Chair of Programme Board, Tim Kelsey, to medConfidential – should be published with June care.data Advisory Group notes, following 24th July meeting.

“This is the most transparent programme I’ve ever worked on”

*We have listed only those papers missing from 2014 onwards, but a care.data Programme Board must have existed for some while before January 2014, given the first application to extract patient data was made (and knocked back by the now-abolished GPES IAG) in February 2013.

 

Update 14/August: A seemingly incomplete dump of documents has now been published and has been collated here pending review:

[PRESS RELEASE] Prime Minister’s secret data trawl through your GP appointments

A letter from a senior NHS England official [1] to EMIS, the UK’s dominant provider of software to GP practices across England [2], reveals plans to extract details of millions of patients’ GP appointments within the next few months [3].

The letter, which claims “backing from the most senior levels of Government including ministers”, seeks the assistance of GP IT providers “to obtain extracts of de-identified patient level data from systems that either record appointments or record consultations or in some cases both.

Approaching the IT providers to extract patient-level data rather than GPs themselves is a serious breach of medical confidentiality – let alone data protection. GPs are the ‘data controller’ for the records they hold, not the companies they choose and pay to provide software, and it is GPs who have a professional and ethical duty of confidence to their patients.

A statement from NHS England makes the bizarre assertion that details including the date, time, “type of professional” and “Reason” for each appointment, linked to the sex, year of birth and postcode sector of each patient [4] aren’t “personal” – and potentially highly sensitive.

The “specification of requirements” also makes it clear the data extraction will not be a one-off; NHS England wants appointment data from the past two years and continually into the future, for purposes that could change with the political interests of the Prime Minister.

Phil Booth, coordinator of medConfidential, said:

“If NHS England thinks a complete list of when and how often you visit the doctor, and who it is that you see, isn’t personal information then maybe someone involved should have gone to medical school, rather than politics school.

“With this letter, NHS England has shown it’ll prioritise political motivations over patient trust. It quite evidently thinks it’s above the law when it comes to the protections around patient data. And it’s intentions are clear: route around doctors and patients, trample on every rule of confidentiality, and collect it all.”

Notes for Editors:

1) As reported in http://www.dailymail.co.uk/news/article-3168803/Privacy-storm-GP-visits-No10-demands-details-millions-confidential-appointments.html The official identifies herself as “Programme Director for Prime Minister’s Challenge Fund Digital Team” and “Head of Digital Primary Care Development”.

2) medConfidential presumes a version of the letter was sent to each of the other GP IT providers as well – TPP, INPS and Microtest. It would be extraordinarily anticompetitive were EMIS the only supplier to have been approached.

3) The letter states, “This extract needs to be in place by September 2015”.

4) A “specification of requirements” attached to the letter lists 38 items or fields of data to be extracted – including the date, time, duration, “type of appointment”, “type of professional” and “Reason” for each appointment, linked by means of a “Patient ID” to the sex, year of birth and postcode sector of each patient. This appears to conflict with NHS England’s statement:

It is crucial not to misunderstand what is being proposed. We are not talking about individual personal information in this letter. What we are referring to is overall statistics for GP surgeries on issues such as total numbers of appointments. Practices have asked us if we could secure more help from the system suppliers in auditing their data so as to reduce their costs and workload. Such information is clearly needed to ensure the £125 million is wisely invested through the Prime Minister’s GP Access Fund. To repeat, there is no question whatsoever of patients’ personal information being shared.

 

medConfidential campaigns for confidentiality and consent in health and social care, seeking to ensure that every flow of data into, across and out of the NHS and care system is consensual, safe and transparent. Founded in January 2013, medConfidential is an independent, non-partisan organisation working with patients and medics, service users and care professionals.

For further information or for immediate or future interview, please contact Phil Booth, coordinator of medConfidential, on 07974 230 839 or phil@medconfidential.org

medConfidential Bulletin, 18 July 2015

Are YOU their guinea-pig?

NHS England has finally allowed the lists of chaos.data pathfinder practices to be published. We are unsurprised that in one of the Leeds CCGs, only two GP practices have signed up.

medConfidential has been asking since last October for this information to be published, so that people can know if they and their family are to be guinea-pigs for ‘care.data round 3’. Some patients may also have questions as to why they have been volunteered in this way – so might some GPs – and we hope those supporting this mess have some sensible answers. (The boilerplate from NHS England hasn’t changed much, and isn’t very convincing.)

Now at least, patients who do have concerns can know that they need to make a choice very shortly about whether they trust a scheme that, 18 months after its last attempt, has still not honoured the opt-outs of over a million patients – a fact that NHS England is wilfully ignoring as it tries to push ahead with its still-flawed Directions for the care.data ‘pathfinder phase’.

HSCIC upgrades DAAG

As the now-statutory Confidentiality Advisory Group at the HRA is recruiting new experts, meanwhile, at the Information Centre (HSCIC), there have also been some changes.

HSCIC has listened hard, and apparently learned, and is currently consulting on a replacement for the Data Access Advisory Group (DAAG) which performed so poorly in previous years. The interim DAAG, which is operating at present, foreshadows a much more transparent, independent advisory group for the “release” of data which will be called IGARD.

You can check for yourself what the interim DAAG is doing as – unlike, for example, the care.data Programme Board – they publish their minutes and recommendations in a timely fashion on their webpage. The IGARD proposal is by no means perfect, so we have published medConfidential’s response to the consultation so you can see what we think – and maybe respond yourself. For your information, audits of commercial re-users of your medical records have begun to be published as well.

However the new IGARD will only consider dissemination of patient data, i.e. who gets to use it. The body that will now decide what data is extracted or ‘collected’ from your GP record – and the systems of every other care provider across the NHS – is a sub-committee of the National Information Board; a group called the Standardisation Committee for Care Information (SCCI).

But Who Collects What?

As you will see if you click on the link above, there’s a BIG problem with this; SCCI is not independent. Indeed, it is comprised of the very bodies that are some of the biggest ‘customers’ for data – and it has no equivalent properly transparent, independent advisory function to replace what GPES IAG, the Independent Advisory Group for the GP Extraction Service, used to do.

We say “used to do” because GPES IAG was abolished on 30 June. The one single body that stood up to care.data; the single independent group that pointed out serious problems with the multiple applications that NHS England submitted on care.data. Gone.

So the decision to suck up your data will from now on be taken by a sub-committee of the National Information Board (NIB, chaired by Tim Kelsey) which has just published a slew of ‘roadmaps’ for what it wants to do with your data in the coming years.

There is no sign of a consultation on SCCI, matching the current one for IGARD, and we strongly suspect we won’t see one – because Mr Kelsey and NHS England would far rather keep what they are doing with your data hidden from view.

Southend: “pioneering” intrusion & ignoring consent?

Elsewhere in the country, we are tracking and taking action on a number of ‘mini-care.datas’ – most urgently one in Southend, which we were compelled to report to the Information Commissioner’s Office (ICO) when a patient informed us that their GP had said that their existing opt-out would be ignored by Southend’s new “pioneer” scheme. The scheme apparently aims to use identifiable data from people’s GP-held medical records and other places to identify “high cost” patients, amongst other things.

NHS England is keeping the ICO busy with all its shenanigans; we have outstanding complaints on the million people’s (‘Type 2’ / 9Nu4) opt-outs from 2014 that have yet to be honoured, and have asked for a number of investigations – including flows of data that should be prevented by the ‘Type 1’ / 9Nu0 opt-out, but which don’t appear to be. And, of course, our Pharmacy2U complaint continues to work its way through the process.

What’s next?

Back in April/May, we spotted some serious problems with some of the ‘apps’ in the NHS Health Apps Library. We fed back using the forms provided, but heard nothing until the Major Projects Authority published its Annual Review in late June, which revealed all sorts of problems, and at which point two of the apps were silently removed.

We still have significant concerns about apps that are continuing to be endorsed in the Library right now, and have written to NHS England’s Caldicott Guardian to see what he will do about it.

For the first time, we have had a formal, substantive written reply from NHS England directly addressing concerns we raised in the care.data Advisory Group, on which we sit. We expect the reply to be published shortly. While some of the approaches NHS England has taken are only in its own interests, there is for the first time some extreme clarity and even some seemingly good news in parts.

What you can do?

Following the recent publication of the NIB’s “Personalised Health and Care 2020” Work Streams, a number of public events are being held around the country. medConfidential is attending as many (other) Work Stream meetings as we can cover, so if anyone did feel inclined to go along to one of these – and let us know how it went – we’d be most grateful:

  • MANCHESTER Tuesday, 21 July 2015, 10:00 – 15:30
  • BRISTOL Friday, 24 July 2015, 10:00 – 15:30
  • READING Tuesday, 28 July 2015, 10:00 – 15:30

(The first meeting in Sheffield happened earlier this week.)

In other news, we are very happy to report that medConfidential has been awarded a grant from the Joseph Rowntree Reform Trust Ltd, to help continue our work to defend the confidentiality and rights of the 900,000 – 1,600,000 people who have not had their opt-outs honoured – and, of course, everyone else as well.

We still need your help to ensure that every flow of patient data is made consensual, safe and transparent; it’s a mammoth task, of which care.data is just one component, so your support – including the information that many of you provide to us – is greatly appreciated. Thank you.





It’s shaping up to be a busy September. Phil is trying to persuade Sam to buy some (cheap-ish) ads outside NHS England’s office, but hasn’t had much success. What do you think should be on them?

Enjoy your summer; we’ll still be here.

Phil Booth and Sam Smith
medConfidential

18th July 2015

medConfidential response to “If you don’t share data…”

At a conference a few weeks ago, NHS England admitted it still had to “make the case to a large enough number of people that sharing data is fundamental”, as it insists this will (amongst other things, eventually) help the health service identify areas of good practice and reduce variation in quality of care. “If we can’t make the case for that then we will be in a very difficult situation,” said Tim Kelsey.

The crude assertion is this: if we don’t “share” your individual data, diseases won’t get cured, they can’t run the NHS, terrorists will win, and you may suffer directly. The rhetoric is largely the same, the projects vary only a little. But maybe there’s an alternative, which is to give people a choice and actually ask them about what you’re planning to do? (A decade or more of evidence shows this works, e.g. for ethically-approved research using medical records.)

So what’s the justification?

DH’s long-awaited response to its “Accredited Safe Havens” consultation on where “shared” data can go, will likely have to address comments from local authorities, some of whom feel morally obliged to take detailed individual-level data from the medical records of people in their area, to “share” with the social landlords, ‘just in case’ someone isn’t claiming a benefit they could.

That ‘initiatives’ like this may make some people’s (most likely bureaucrats’) lives easier is probably true – it’s easier to run a system if you never actually have to talk to the people using it. But the distress and harm that will come to someone who’d made an active choice not to reveal information which could have negative side effects, or when the wrong information gets used (and experience tells us no system is perfect) will most certainly not occur to those receiving the data; the impact will be on those to whose lives the information relates.

The same false comparison keeps being drawn by proponents of the institutional need for data sharing – transparent in their envy of what the commercial sector ‘gets away with’. People seem happy to “give” their data to Sainsbury’s or Facebook, they say – so why not some public authority?

Of course, no state actor would ever act against an individual’s wishes or best interests

Being a public servant means serving all of the public, including those you casually write off as “teenagers” – not just those that happen to agree with you. Sainsbury’s understands this, and its equivalence in a commercial context. Stores could refuse to serve individuals who don’t use their ‘loyalty’ cards, but they don’t. They recognise and (by and large) claim to respect individuals’ choices about which transactions they make using the loyalty card, and which ones they don’t.

The fact that this comparison is drawn time and again – most often out of naive misconception rather than any deliberate intent to mislead – shows a worryingly blinkered lack of appreciation for the fact that a supermarket can’t evict you from your home. It can’t can’t cut off your social security financial lifeline, attach your earnings, deny you medical treatment, restrict your movements, exercise powers of entry, or detain you at Her Majesty’s pleasure.

And were Tesco, for example, to do something to annoy you, there are a whole range of other supermarkets (ditto social networks, etc.) available – a choice that simply doesn’t apply in the public sector.

Misplaced priorities

For NHS England to claim that without the “sharing” of bulk personal datasets, it won’t know which hospitals to close, may prove to be an exceptionally risky strategy. But, as we have seen, NHS England’s priorities can be utterly unconnected to the wishes of local communities. The credulous assumption that “NHS England knows best” didn’t work out too well for care.data; it is unlikely to work much better on any other issue. Especially those that are already publicly contentious.

Mass “sharing” – though a better word might be transfer, or traffic, or trade – of bulk personal datasets between bodies and organisations includes very little scope for individual choice. (At least not yet). And it’s often the case that entrenched departmental and institutional egos are unlikely to respect – or trust – each other anyway.

So when patients are handed from Hospital into Social Care, they may be assessed for which services they will need and when by the NHS. But when they are ‘received’ by the Social Care system, the first thing that happens is a re-evaluation – and often a large downgrade in support – because the Social Care process (which cares about £££) doesn’t trust the NHS process (which cares about care).

If egotistical fiefdoms already don’t trust each other’s judgement and already won’t talk to each other, what makes you think more data will help? It’ll just be more stuff that gets ignored whenever it’s not in the direct interests of whoever looks at it, and abused whenever that serves a(nother) purpose.

A problem of trust

One of the features of Gov.UK Verify – the Government’s approved ‘identity assurance’ scheme – is the concept of “attribute exchange”. If there was genuine trust in the system, when a registered medical provider had given an individual an attribute – in essence a digital token, or certificate – that relates to disability, the DWP would simply honour it.

Will it? Or will DWP insist that it must “revalidate” the person, at great time and expense (for the person, for DWP and ultimately for the taxpayer) but under their control? What about the local council trusting the NHS? Or even NHS bodies creating a basis to trust other NHS bodies?

Until trust within and between the silos is discussed and resolved, departments and bodies will continue to hoard bulk personal datasets in their own narrow bureaucratic interests, rather than in the interest of the individual.

Culture-change doesn’t happen overnight. And it certainly doesn’t happen if what’s imposed from the top, and modelled by so-called leaders, is some of the worst possible behaviour. So, unfortunately, it would seem that the point at which all of the various bureaucracies are themselves respecting (and being trusted to respect) individuals and their data is probably quite a way off.

But bodies that want to establish their trustworthiness, and to help individuals, can do something very simple: don’t start with a data grab.

Less about data, more about quality

The quality of a hospital does not necessarily relate to the individual, detailed medical records of each patient. That may be how Dr Foster designed its business, but it certainly doesn’t have to be the case.

In a system that has integrity, the data that should be openly published is aggregated counts of volumes and outcomes at relevant point along a pathway or across an institution – measuring that which is important. There are many metrics that should be used to determine the quality of a hospital; the obsessive prioritisation of a single metric (as with political target-setting) leads inevitably to ‘gaming’ of the statistics or, even worse, bending the service out of shape.

If what must be published are multiple, diverse (data-driven, but aggregate) standards, then the easiest way to improve your standing – to change your metrics – is not to hire consultants to help you massage your statistics, but to actually provide better care.

Scaremongering and coercion

Telling people that if they opt out of your open-ended ‘secondary uses’ database, their direct care may be affected and they may not be called for vital screening is both dishonest and malicious; quite possibly, abuse of public office. It’s certainly scaremongering worthy of the worst kind of institutional bureaucracy.

That the million or more patients who opted out at the beginning of 2014 are being told mid-way through 2015 that their opt-outs can’t be honoured because – applying the strictest possible interpretation of some technical wording few patients ever saw – this would break the promise that their care wouldn’t be affected was all entirely avoidable.

NHE England made and then failed to correct its own error (probably due to a failure to fully appreciate what role the Information Centre plays) then, even when that error was pointed out in late 2013, relaunched care.data anyway and kept the problem hidden for the rest of the year. When eventually it needed a further excuse for having done nothing but keep the (hospital) data flowing, NHS England unceremoniously dumped the problem onto HSCIC November 2014, and continues to refuse to authorise or resource the practical solution which HSCIC proposed pretty much straight away.

This is not the way to ‘build trust’.

For that you first need to show you are trustworthy which, as Baroness Onora O’Neill has said, means demonstrating competence, honesty and reliability in all that you do.

A way forward?

If data can be shared, the criteria for services can also be clearly written down. Just because a citizen does not wish you to do everything with their data, that does not mean you should refuse to do anything.

There is no reason that services as a whole should be impacted by some people choosing to exercise their right to restrict the use of their sensitive data. This may mean some services have to evolve and not take the easy approach of “collect it all” for every bulk personal dataset they can imagine. But to minimise risk and take only what is absolutely needed is not only common sense: it’s the law. And it’s (your) right.

In a health context, any one individual refusing consent for their data to be “shared” will have an infinitesimal impact on whether new future treatments are developed as quickly, and it should most certainly never affect the choices or available treatments for your care. Bullying patients into surrendering their data with implied threats is no way to build trust.

medConfidential agrees with Tim Berners-Lee that you should know everywhere your data has gone, and why. The research world recognises that the data they need has some risks, and that these risks that cannot be mitigated completely, so other steps must be taken – such as keeping all individual-level data in a safe setting, and reporting back to patients. Do public bodies like NHS England think the problems of data handling that others have to deal with aren’t equally present for them?

Or will the various silos continue to act like Gollum, hoarding and hissing “my preciousssss” over bulk personal datasets that don’t actually even belong to them? As this version of the story plays out, it is obsessing over the ring of data that drives Gollum insane…

care.data ‘pathfinder’ GP practices published

The lists of care.data ‘pathfinder’ GP practices have now been published. (medConfidential has been asking for these to be made public since October of last year.)

At least now patients in these practices can know that their GPs have volunteered them and their families to be guinea-pigs for care.data ‘Round 3’…

1) Blackburn with Darwen CCG – said they were “ready to start” at the end of June, now delayed until September 2015:

  1. Cornerstone Practice, Shadsworth Surgery
  2. St George’s Surgery
  3. Pringle Street Surgery
  4. Brookhouse Medical Centre
  5. Darwen Health Link, Darwen Health Centre
  6. Montague Practice, Barbara Castle Way Health Centre
  7. Spring-Fenisco Healthlink
  8. Audley Health Centre
  9. Limefield Surgery
  10. Hollins Grove Surgery
  11. Ewood Medical Centre
  12. Brownhill Surgery
  13. Dr Hirst Practice, Darwen Health Centre
  14. Darwen Healthcare, Darwen Health Centre
  15. Primrose Bank Medical Centre
  16. Roe Lee Surgery
  17. Oakenhurst Surgery, Barbara Castle Way Health Centre
  18. Redlam Surgery
  19. Little Harwood Health Centre
  20. The Waterside Practice
  21. The Family Practice, Barbara Castle Way Health Centre
  22. Bentham Road Health Centre
  23. Shifa Surgery, Bangor Street

2) Somerset CCG – due to start in September 2015:

  1. Abbey Manor Medical Practice, Yeovil
  2. Beckington Family Practice, Beckington, Frome
  3. Blackbrook Surgery, Taunton
  4. Brendon Hills Surgery, Washford
  5. Bruton Surgery, Bruton
  6. Burnham Medical Centre, Burnham-on-Sea
  7. Buttercross Health Centre, Somerton
  8. Cannington Health Centre, Cannington
  9. Cranleigh Gardens Medical Centre, Bridgwater
  10. Crewkerne Health Centre, Crewkerne
  11. Crown Medical Centre, Taunton
  12. Dunster Surgery, Dunster
  13. East Quay Medical Centre, Bridgwater
  14. Exmoor Medical Centre, Dulverton
  15. French Weir Health Centre, Taunton
  16. Frome Medical Centre, Frome
  17. Glastonbury Health Centre, Glastonbury
  18. Glastonbury Surgery, Glastonbury
  19. Grove House Surgery, Shepton Mallet
  20. Hendford Lodge Medical Centre, Yeovil
  21. Highbridge Medical Centre, Highbridge
  22. Ilchester Surgery, Ilchester
  23. Irnham Lodge Surgery, Minehead
  24. Luson Surgery, Wellington
  25. Meadows Surgery, Ilminster
  26. Mendip Country Practice, Coleford
  27. Millbrook Surgery, Castle Cary
  28. North Petherton Surgery, North Petherton
  29. Park Medical Practice, Shepton Mallet
  30. Polden Medical Practice, Edington and Woolavington
  31. Porlock Medical Centre, Porlock
  32. Preston Grove Medical Centre, Yeovil
  33. Quantock Medical Centre, Nether Stowey
  34. Quantock Vale Surgery, Bishop’s Lydeard
  35. Redgate Medical Centre, Bridgwater
  36. Somerset Bridge Medical Centre, Bridgwater
  37. Springmead Surgery, Chard
  38. St James Medical Centre, Taunton
  39. Summervale Surgery, Ilminster
  40. Taunton Road Medical Centre, Bridgwater
  41. Tawstock Medical Centre, Chard
  42. Victoria Park Medical Centre, Taunton
  43. Vine Surgery (L85029), Street
  44. Vine Surgery (L85060), Street
  45. Warwick House Medical Centre, Taunton
  46. Wellington Medical Centre, Wellington
  47. Wells City Practice, Wells
  48. Wells Health Centre, Wells
  49. West One Surgery, Crewkerne
  50. Westlake Surgery, West Coker
  51. Williton Surgery, Williton
  52. Wincanton Health Centre, Wincanton

3) West Hampshire CCG – due to start in September 2015:

  1. Alma Road Surgery, Romsey
  2. Alresford Surgery
  3. Andover Health Centre
  4. Barton Webb Peploe Partnership, Barton-on-Sea, New Milton
  5. Blackthorn Medical Centre, Totton
  6. Bursledon Surgery
  7. Charlton Hill Practice, Andover
  8. Cornerways Medical Centre, Ringwood
  9. Fordingbridge Surgery
  10. Forest Gate Surgery, Totton
  11. Friarsgate Practice, Winchester
  12. Fryern Surgery, Chandlers Ford
  13. Dr. S J Godfrey & Partners, Totton Health Centre
  14. Gratton Surgery, Stockbridge
  15. Hedge End Medical Centre
  16. Lyndhurst Surgery
  17. Park and St Francis Surgery, Chandlers Ford
  18. Red and Green Practice, Hythe, Southampton
  19. Ringwood Medical Centre
  20. Shepherds Spring Medical Centre, Andover
  21. St Andrews Surgery, Eastleigh
  22. St Mary’s Surgery, Andover
  23. St Paul’s Surgery, Winchester
  24. Stockbridge Practice
  25. Stokewood Surgery, Bishopstoke, Eastleigh
  26. Testvale Surgery, Totton
  27. Twin Oaks Medical Centre, Bransgore, Christchurch
  28. Watercress Medical, Mansfield Park Surgery, Medstead, Alresford
  29. Waterfront and Solent Surgery, Totton
  30. West End Surgery, West End
  31. Whitchurch Surgery

UPDATE 8/7/15: Freedom of Information requests by Dr Neil Bhatia reveal that just 12 GP practices across the three Leeds CCGs have signed up to be ‘pathfinders’:

4) Leeds North CCG – start date unknown:

  1. Foundry Lane Surgery
  2. North Leeds Medical Practice
  3. Oakwood Surgery
  4. Oakwood Lane Medical Practice
  5. The Avenue Surgery

5) Leeds South and East CCG – start date unknown:

  1. Kippax Hall Surgery
  2. Windmill Health Centre

6) Leeds West CCG – start date unknown:

  1. Burton Croft Surgery
  2. Thornton Medical Centre
  3. Craven Road Medical Practice
  4. Fieldhead Surgery
  5. Burley Park Medical Centre

medConfidential Bulletin, 12 June 2015

chaos.data

Over a year ago, Ben Goldacre wrote “Care.data is in chaos. It breaks my heart”.

Absent explicit instruction from the Secretary of State, it is now clear that NHS England is just going to keep on making the chaos worse. 16 months after it was “paused”, care.data is resurfacing in a way that gives some insight into the shambolic mess it is still in.

This Wednesday, after Blackburn with Darwen Healthwatch announced then withdrew (footnote 2) its announcement, Blackburn with Darwen CCG announced it is “ready to start” sending out patient communications “at the end of June”. But NHS England is nowhere near ready; vital preconditions for a restart – not least honouring the choices a million patients made last year – have yet to be met.

NHS England remains mute on Dame Fiona Caldicott’s 27 areas of concern and there’s ‘missing’ legislation: Directions defining how patient opt-outs must now work; Directions fixing the broken 2013 definition of the programme; Regulations to guarantee vital safeguards, including ‘one strike and you’re out’ sanctions for misuse of patient data, and closing the ‘McDonald’s loophole’ (p6) that legitimises a wide range of “commercial re-uses” of patient data. None of them in place.

It’s utter chaos. But to proceed without honouring a million patients’ existing opt-outs – not just to stop their information being extracted from their GP record, but stopping their hospital data from continuing to be sold for uses other than their direct care – would be a breach of trust on an unprecedented scale, breaking supposedly unconditional promises that Jeremy Hunt gave back as far as April 2013: “We will respect them” (timecode 13:30)

If their intention is to “regain public confidence”, the Secretary of State and NHS England are going about it in the strangest way. NHS England might claim to have been “listening” but, if it has, why is it wilfully ignoring a million patients’ concerns and express wishes?

The clock will start ticking again from the moment the first care.data letter is sent out – not the first data extraction, as some officials would have you believe. And at this point, having broken a million promises, what possible basis does NHS England think it has to ask patients to trust it with their most personal information?

What can you do?

medConfidential continues to push hard for everyone’s confidentiality and consent to be respected. Every use of your medical record must be consensual, safe and transparent. And be assured, we are taking this fight to the highest level – but we need your help.

The first thing you can do is tell your friends and family. If you are reading this, you are clearly paying attention – but many others simply won’t know anything about what’s going on. It’s been well over a year since care.data was “paused” and the vast majority of people probably think it was stopped for good. If nothing else, please forward a copy of this newsletter by e-mail to the people you know and care about.

Please keep posting links to medConfidential’s News feed: https://medconfidential.org/news/ on Facebook or Twitter if you use them, or forums and other social media. If you happen to know anyone in one of the four care.data “pathfinder” areas – that’s Blackburn with Darwen, Somerset, West Hampshire or Leeds – or if you know someone who does, please make sure to get in touch and tell them.

N.B. Given news in the medical press and papers this week about a more localised “care.data-like” scheme in Southend, please tell anyone you know in Southend as well. We’ll provide more details as we get them.

And finally, please take the time this evening or this weekend to write to your MP. The quickest and easiest way to do this is via https://www.writetothem.com/ – and it is particularly important to write if your MP was newly elected in May.

medConfidential has already written to all newly-elected MPs to tell them about the issue, but they need to hear about it from their constituents. And the message that needs to come across loud and clear to every MP right now is: “Opt-outs must be honoured. Trust is being actively damaged (again). Don’t let NHS England make any more mistakes.”

We cannot tell you exactly what to say – it’s actually far better if we don’t, and your letter will have far more impact if you write in your own words – but please write as clearly and concisely as you can about your concerns. If you have opted out, do make sure to ask your MP to ask the Secretary of State when he is going to honour his promise and ensure that your opt-outs are actioned and respected. Even if he or she does not agree with you, your MP should pass on a specific question to a Government Minister when asked.

What’s next?

We await answers from the Commissioning Board (i.e. NHS England) about its re-issued care.data Directions, to replace its broken Directions from 2013. We highlighted significant problems before its last board meeting and the Board’s Chair said he will write to us. He hasn’t yet.

We await sight of Directions from the Secretary of State about ‘Patient Objections’ – the legal definition of how the opt-outs must work, on which NHS England’s Directions depend. HSCIC’s Board is scheduled to consider these in July, but that is after Blackburn with Darwen CCG says it could start contacting patients.

We await publication of the CAG (Confidentiality Advisory Group) Regulations, themselves now delayed for almost a year. Will they contain all of the promised safeguards and, crucially, a clearer definition of the deeply controversial “promotion of health” purpose that perpetuates the sale of patient data to Pharma marketers and other commercial interests?

We await public answers to Dame Fiona Caldicott’s 27 areas of concern but, even more importantly, we are still waiting for the Office of the National Data Guardian to be put onto a proper statutory footing “at the earliest opportunity”, to reinstate the independent information governance oversight abolished by the Health and Social Care Act 2012. Dame Fiona’s advice has been ignored by NHS England before.

We await the re-establishment of the Health Select Committee, and (hopefully) the re-opening of its Inquiry into the ‘Handling of NHS patient data’. Questions have already been asked in the Lords; we sincerely hope the Commons will demand answers about the continuing chaos too.

And finally

We are very grateful for all the support we receive – not just money, but the information people provide and the actions you take. Our thanks to all those who got in touch after our last newsletter; we’ve been a bit busy(!) but we will be contacting you shortly, with some specific requests.

medConfidential is still unfunded. We have submitted grant applications, and hope to hear back on the first of them by the end of the month. But for now we are doing this because we have to.

Last year, amongst other things, we helped hundreds of thousands of people opt out, believing no Government or arm’s-length body would be so stupid or arrogant as to break the promises that had already been made. medConfidential’s promise may have been implicit – “We’ll make sure this works” – but we, unlike some, stick to our promises. So we fight on.

If you can afford to make a donation, please do:





Phil Booth and Sam Smith
medConfidential

12th June 2015

[PRESS RELEASE] care.data restart announced

The restart of NHS England’s hugely controversial care.data scheme was announced on Wednesday afternoon, 10 June. Patients in one of the ‘pathfinder’ CCG areas (Blackburn with Darwen) may begin to be sent care.data “communications” [1] in as soon as two weeks’ time.

2015-06-10 BwD Healthwatch update

The “Update” on the Blackburn with Darwen Healthwatch website [2] states:

Blackburn with Darwen will be ready to start fair processing (the time patients have to make a decision whether to opt out) at the end of June; Somerset and West Hampshire wish to start at the beginning of September.  Leeds have not confirmed when they will commence testing communications but are also working towards the beginning of September.

It goes on to point out that:

Formal accountability for proceeding with the Programme sits with the SRO (Senior Responsible Officer), Tim Kelsey.  Dame Fiona Caldicott will express her view of the safeguards and arrangements in place to the Secretary of State and this will be taken into account by Tim and the Programme Board.

From the moment that “communications” begin to be sent out in each area, patients will have a limited amount of time to decide whether they wish for their identifiable medical information to be extracted from their GP record, or whether they want to opt out [3]. The Update indicates that patient data could begin to be extracted “between September and November”.

This announcement has been made despite that fact that nearly a million [4] patients who opted out of the scheme over a year ago have not yet had their opt-outs actioned, while their hospital data has continued to be sold to third parties – including for “commercial reuse” [5].

Phil Booth, coordinator of medConfidential, said:

“It beggars belief that care.data should be restarted before the serious outstanding problems with the scheme have been fixed and, just as importantly, been seen to be fixed. The shambolic mess that care.data has become must be cleared up before another single patient is contacted.

“What are the million patients who opted out last year supposed to think? Their objections have all been ignored, so why should they or anyone else trust a zombie data grab that hasn’t even got in place statutory backing for Jeremy Hunt’s guarantee to patients, or defined legal safeguards promised last summer?

“NHS England must make good on every opt-out, and demonstrate that every last promise and safeguard is in place, or it’ll show it cares more about getting hold of your most sensitive data than ensuring every use of it will be consensual, safe and transparent.”

Notes for Editors:

  • 1) The communications should include a letter addressed to each person over the age of 15 and three-quarters, an opt-out form and an information leaflet.
  • 5) Quarterly Data Release Registers from the HSCIC: http://www.hscic.gov.uk/dataregister show organisations provided with data in various forms since January 2014 include Experian, McKinsey & Co, General Reinsurance and a number of “information intermediaries” such as Harvey Walsh (which services pharmaceutical marketing clients as well as the NHS), NHIS Ltd and Dr Foster (recently acquired by a subdivision of an Australian telecommunications company).

medConfidential campaigns for confidentiality and consent in health and social care, seeking to ensure that every flow of data into, across and out of the NHS and care system is consensual, safe and transparent. Founded in January 2013, medConfidential is an independent, non-partisan organisation working with patients and medics, service users and care professionals.

Will Jeremy Hunt ensure that “700,000” patient opt-outs are respected?

In our last newsletter we said there’d be more news soon. While this isn’t quite what we meant, it is very important indeed.

In the House of Lords last week, it was confirmed that Blackburn with Darwen will be the first care.data pathfinder area. Questions asked in the Commons about exactly when this would be remain unanswered.

From launching in six CCGs, as announced last October, care.data is now down to limping out in just one – and with the summer holidays rapidly approaching, sending out letters that may get mixed up with the pizza leaflets while people are away doesn’t seem all that sensible…

In the same Lords Debate last Monday, the Government confirmed that at least 700,000 patient opt outs have yet to be actioned – which prompted some media attention.

medConfidential will be writing to the Information Commissioner with a substantive complaint covering all of the relevant details and providing documentary evidence which won’t allow NHS England to blame HSCIC (or the ICO itself) for delaying everything for another six months.

The solution was outlined in our last newsletter. This is a solution which the Department of Health could authorise and begin this week if it wished, and which HSCIC could make retroactive from last April (i.e. ensuring that those who have opted out by the time the problem is fixed will no longer have their hospital data from last year sold on to third parties) via the “full-year HES” datasets which replace the ‘interim’ HES releases.

Bottom line: if you have concerns, and you haven’t done so already, our advice on opting out remains unchanged until the Department of Health or Secretary of State announces details.

We have not yet seen the Secretary of State’s ‘Directions on Patient Objections’, which could repeat NHS England’s flawed decisions about care.data, or choose another path – as we discussed in our last newsletter – and which would also satisfy Jeremy Hunt’s promises from 2013 (timecode: 14:20).

HSCIC may only do as it is Directed by NHS England and the Secretary of State / Department of Health, which is one reason why the ICO complaint requires exactly the right footnotes; to highlight the specific decisions and (lack of) responsibilities that have led to this mess.

Be assured, medConfidential is on the case and on top of the detail. Possibly more so than NHS England, it could be said.

To stay informed of progress, please join our mailing list. And don’t forget to spread the word – this affects your friends and family too.

medConfidential is a tiny campaign, fighting a huge fight on behalf of every NHS patient. If you can help us, please do.

Every penny received will be spent on averting the most appalling breach of confidence in NHS history and ensuring that in future every flow of patient data into, across and – most importantly – out of the NHS is consensual, safe and transparent.