Category Archives: News

MedConfidential Update – Opt outs being honoured

If you have opted out, recently or before, your choices are now being honoured.

Thanks to all those who helped make this happen – especially you, our supporters, donors and friends.

The institutions involved did the right thing in the end, even if they tried all the other things first.

 

What just happened? Your opt out honoured

On Wednesday, the HSCIC announced that they had received permission from the Secretary of State to finally honour his promise to you. You can opt out of data leaving the HSCIC for purposes beyond your direct care, and that is what happens. When he created the opt out that you took up, NHS England, who was then responsible for it, didn’t think it would matter.

The tickbox that you and 1.2 million other people filled in is now being honoured. The announcement says it must be done by this time next week; in practice, we are happy that this is effective with immediate effect.

Until the public consultation on the Caldicott Review, there are a small number of narrow temporary exceptions (3), and some temporary gray areas (5). But in the main, it is now done. If any of those concerns are particularly concerning to you, please let us know. We’ll be writing to HSCIC with some clarification questions next week.

The next hospital dataset to be released will be the cleaned up “full year” data, which replaces past each month parts for April 2015 to March 2016. This is the critical release which really matters. Consent will be respected for this release, and data about those who have opted out will not be included.

The HSCIC has also undertaken with the Information Commissioner to reissue the 2014 – 2015 data to those who already received it. By contract, they are required to replace old data with new.  That undertaking is the direct result of a medConfidential complaint to the ICO.

GPs have been able to honour their part since you gave them the form.

In effect, for current and future projects, as much as it could have been, it is as if your opt out, for data leaving HSCIC for purposes beyond your direct care, was honoured in April 2014.

What’s next?

The announcements this week are not the end of this process – there is a great deal left to do.

The Caldicott Review of Consent is going to propose a comprehensive and permanent solution. That solution should satisfy concerned patients into the long term, resolve the grey areas and simplifies the whole thing. It will be the subject of a public consultation, and then legislation.

But as of Wednesday, the current state is now consensual, increasingly safe, and somewhat transparent. Reducing the number of copies of data that are made will reduce the number that can be lost or stolen. More transparency will mean that you will know that your wishes have been honoured – you wont have to trust they have.

What else?

If you’ve previously had a discussion with your MP on this topic, you may wish to get back in touch with them and thank them for their help, now that the Department of Health has done the right thing, and your wishes are being respected.

MPs often hear about problems, and less often hear about what happened as a result of their help, especially in a long term project like this has been. (You should probably make clear that this is a thank you note – it might confuse their busy offices if it’s unclear…) Also, there was an election in the interim, and some MPs will have changed.

For us, it’s not getting any quieter. There are other organisations that don’t wish to act as if their world has changed. Most seriously, there are a few other projects that see the style-first approach of care.data as a handbook, not a cautionary tale…

It never ends. But this week, a lot got better as a result of our work and your help. Thank you for your support until now, and hopefully into the future.

 

 

PS – our especially deep gratitude to all those who donations also helped. We couldn’t have done this without you.

Data Usage Reports: Data derivation receipts from data processors

[this post will be amended slightly following the release of the Caldicott Review]

Some data processors wish to start getting ready for the introduction of Data Usage Reports. Data controllers will be the subject of a future post. For reporting of new knowledge created, existing reporting processes should be used.

For data processors that make data copying decisions based on instructions, the relevant component is simply the creation of an electronic receipt confirming the instructions, and the individuals whose data was copied.

It should be entirely derivable from audit materials, and require no ongoing extra work where there are audit systems. Below, we show the output manually, via a spreadsheet (excel) and, for the technical implementators, structured form.

The details

There are two parts of the receipt:

  1. The details of the data flow: the what, where, when, why. (these probably don’t change often, so regular updates may omit them)
    Organisation: “recipient organisation”
    Date: 2016-04-01
    Project title: “one line name” optional
    Description: “3 sentences about what/why” optional
    URL: a web link for more information optional
    legal basis for flow: optional
    postcode: (if relevant, for consented direct care access) optional
  2. The individual level identifiers for those individuals (the who). These being the identifiers that the processor was provided with (which in all likelihood should have been changed before the data was passed on)

    Identifiers as received by this processor
    785481E8-0BC1-4641-8ED7-D4D8D22C8AF2
    9B4E89F4-46E1-4D2B-8390-BBC728ABDA8D
    096E8894-1F69-45C3-AAF1-FBF4CF0E8313
    DFCF3B06-901C-407D-AB69-63E6D706C14A
    C39B1756-26A7-4200-96F4-284924AFE6E3
    B0F0A37A-CABD-404E-9256-796A69CD179D
    CE83E652-C44E-4D4F-86E0-2C9CBC49EB4D
    DBFB867B-08F9-4AD0-B05E-B947E39E31FF
    A947B578-A51F-464A-BD49-41C7956F2F8C
    08A015FA-D9A5-4FE8-BAAF-879FA84F50D8
    653ba56b1f21ad8bf7d4e30cc2fa4b1a10e4603c
    25fd81548b61dc0e0abf19c1809c7941a8ac15fc
    81811f9e9c698d5320f9069c35550e783c28806d
    726fe5e2f816c879169b38fe9cef944bcf898d10
    63c18e85a12dccc5304c88c847e3b85a33cd44ff
    39b17ecdab874579538afa2ebb3b333e63b08846
    2fc47b8ca79e381e598adfc5ef956b3596ff5853
    a85c70ebf68bda26df3088eee4fb890a7b2443e2
    b8feb487d136d1bce44e263f970a182b07061fc8
    d8045b84bc64d6f8a93b6820bfdecce9e1c980c7


Phrased like that, you can see it’s not particularly complicated.


Production of a data usage report is simply the information from receipts, with the existing information on release decisions and publications, transformed for the citizen.

If you’re interested, we’re happy to also talk to you about how to use data usage reporting.

Data use in the rest of Government: Where is the consultation on any ethics?

Where is the consultation on any ethics?

As care.data was in the NHS bureaucracy, this consultation is about doing more of what Government been doing already: Not better sharing, just more copying.

If this wasn’t about databases, the same consultation could be had about buying more filing cabinets, ink, and scribes. Continue reading

Data in the rest of Government: Put data to good use?

{this is a background reference blog post, ahead of more on the Cabinet Office’s data copying consultation. The call to action will be in the next newsletter.}

Let’s make data easy to put to good use” says the Cabinet Office. But good for whom? Good for the civil service? Good for each citizen? Who makes sure the balance is right?

Care.data was claimed as a “good use” of data. The details showed it to be something radically different. The Cabinet Office consultation launched last week is about bureaucracy as usual. The mantra is reform, but the reform is to bring all the benefits to Government, and the downsides for citizens.

Digital transformation, this is not.

Continue reading

MedConfidential comment welcoming the Wellcome Trust’s “One Way Mirror” Report

Today, the Wellcome Trust publish a new report on data sharing.

The name says everything data sharing shouldn’t be – and the report shows why.

We welcome another confirmation that organisations can maintain trust via transparency and shared knowledge.Data projects, including commercial data projects, can be handled safely, if the people in charge choose to do so. When they don’t patients and citizens get nervous and trust collapses.

Care.data and others tried the “One Way Mirror” approach, and this report names “context collapse” as the point of public concern. Patients care what happens to their data and are wary about how it could be used beyond the context of their own healthcare, and so simple, complete, accessible and truthful explanations to patients are necessary. Otherwise, context collapse is certain, and like care.data, confidence collapse is sure to follow.

 

(MedConfidential Coordinator Sam Smith sat on the advisory group for this study)

First Thoughts: Government data: Copies of more than medical records?

The consultation is supposed to be about using data to help citizens; but the proposals and principles are about how Government thinks it can do one thing to help all citizens – that seems unlikely.

Yesterday, the Cabinet Office opened their consultation on copying everything but medical records. It is a consultation, not about data, not about citizens, but about Government. It’s officially about “better” use of data, but “better” in this term seems to mean “more”, not “improved”.

As care.data was about NHS England not patients, the same #datacopying mistake has been made.

In short, this consultation is the latest step in the ongoing data debacle of Government. Rather than suggest learning the lessons of care.data, most of it doubles down on repeating the failures by institutions and their shared worldview of an office near the Thames.

We find out within days what the Caldicott Review will recommend, and see where the NHS thinks this should go. If the Cabinet Office were accurate about having worked closely with DH, then this consultation does not look positive. 

A blog post by the Data Sharing network will appear shortly (we’ll update this post) on how the process reached this point.

The relationship to medical records

At the launch meeting for the consultation, the Cabinet Office said that the lessons of the Caldicott Review of consent had been considered, and this consultation was working with the Department of Health team. I can only hope that Cabinet Office paid as little attention to what DH were saying as they have paid to others.

The NHS number makes an oblique appearance, in part 3 below; although it’s only in the original consultation document if you know that it’s there.

Continue reading

Newsletter: Care.Data’s suspension enters the terrible twos

It’s 2 years to the day since Care.Data was suspended amongst public outrage. The failed programme is showing no signs of restarting, as NHS England and the Department of Health continue to sift through old pampers, and keep finding yet more problems.

The Caldicott Review of Consent, which began after NHS England lied to the Care.Data Advisory Group, should report soon, if those who want to water it down to avoid having to make uncomfortable decisions. Why might they do that? Well…

 

Another Jeremy Hunt promise is broken – Your Hospital Data is still being sold

Before their January deadline, HSCIC finished the testing needed to implement the hospital data consent promise that Jeremy Hunt made to every patient – which 1 million patients who opted out took him up on. The final step was for Jeremy Hunt to give the go ahead to keep his promise. He didn’t.

Let us be clear: Jeremy Hunt made the patient promise 2 years ago, and it appears in the 2015 conservative manifesto (pg 38) “We will give you full access to your own electronic health records, while retaining your right to opt-out of your records being shared electronically.” Only he can break his promise, and he has chosen to do so.

So when will the opt outs be implemented? We look forward to hearing any answer the ICO receive shortly on exactly that question, as they respond to our complaint. The Department of Health are refusing to answer questions – which is understandable as they don’t have any answers.

Your GP will honour your request for data not to leave your GP practice, both because of medical ethics and because of their direct connection to you. Who is Jeremy Hunt connected to?

The interim-type-2 opt out can be implemented tomorrow if Jeremy Hunt tells HSCIC to do it. Why hasn’t he?

You may wish to write to your MP, and ask the question, “when will the Secretary of State for Health implement patients’ choices to prevent data about them leaving the HSCIC for purposes beyond direct care?” – please also say why this matters to you. (and sorry the question is a bit of a mouthful)

This can be fixed. The Health Secretary just has to take the single action necessary to fix it, permanently.

A perfect overarching consent flag is something we support; but at best, it is a year away from being something a patient can ask their GP to do. No scenario, other than immediate implementation of the interim-type-2s, addresses the gap between now and then. A long-term maybe-mythical “perfect” solution is currently the weapon of choice of those who want to prevent any patient choice over data usage at all: that change being the consent choice (aka “interim-type-2”) which 1 million patients have requested be actioned, and that they are all waiting patiently for. When the first step down the path to consent has been taken for national datasets, there can be confidence that subsequent steps will be taken. If not, and the Department of Health breaks Jeremy Hunt’s promise this time, why should anyone believe them next time?

What’s next: Care.Data Everywhere?

On Friday, we’re expecting that Cabinet Office to launch their data copying consultation, which probably won’t have the subheading “care.data everywhere”, but unless they’ve fixed their compulsion to copy, it probably should have. It’s not all terrible news; the worst projects (probably) didn’t get this far – what the consultation will show is the stuff that they don’t think is terrible (that’s probably not reassuring).

Every project involved has had to explain how “it’s not like care.data because…”, but the Cabinet Office has seemingly learnt only the lessons convenient for them to learn. It’s hard to all learn the right lesson when institutional incentives encourage people to learn easier ones.

The lack of critical thought across the programme appears in Parliament’s report on the “Big Data Dilemma”, which says the NHS could save £66bn from more data copying. Saving about two thirds of the NHS budget (equivalent to getting rid of all staff from the NHS) seems… unlikely.

We’ll see what the Cabinet Office consultation says over the weekend, and any health implications will appear in the next newsletter. The Caldicott Review is also due to be consulted on, if it ever gets published.

What’s Next: Saatchi Bill returns to the Lords

With the most problematic bits of the bill removed by MPs, the Saatchi Bill on “medical innovation” is now a mechanism to create new databases, and do so only with the approval of Parliament.  How is this different to care.data, which Tim Kelsey repeatedly said was “the will of Parliament”?

That’s a very good question. The main difference is whether Parliament says yes, or whether it chooses not to say anything. Currently, silence means support, which was the approach that failed catastrophically with care.data.

We’ll be looking to have conversations with their Lordships about an amendment to require Parliament to approve any plans, rather than simply not objecting. Especially as this Government is looking to remove the ability for the Lords to object to anything…

More soon, and we especially thank all those who have made donations.

 

[Press Release] MedConfidential comments on today’s #IPBill Report

EMBARGOED – SAME AS JOINT COMMITTEE REPORT: 09:30 on 11 Feb 2016. Copies will appear at https://medConfidential.org/news after that time

 

MedConfidential Comments on Medical Records and the Report of the Joint Committee on the Draft Investigatory Powers Bill.

The more scrutinisation the Bill receives, the less it stands up.

Individuals and information snared within Bulk Personal Datasets[1] “…may include, but is not limited to, personal information such as an individual’s religion, racial or ethnic origin, political views, medical condition, ***, sexual orientation, or any legally privileged, journalistic or otherwise confidential information [2]

Recommendation YY.e of the 2015 ISC report[2] said the bill should contain “Specific safeguards for certain individuals or categories of information – for example, UK nationals, legally privileged information, medical information etc”

It didn’t.

When asked whether medical records should be disavowed, The Home Office responded[3]

“this may provide those that wish to do us harm greater insight as to the limits of the agencies’ capabilities”.

Without a publicly made case, the Joint Committee report states “the lack of that detail makes it hard for Parliament to give the power sufficient scrutiny.”[4]

In contrast, the Intelligence and Security Committee of Parliament, which may read any classified information they require to provide sufficient scrutiny, recommended:[5]
“B. Where additional protection is provided for sensitive professions, these safeguards must be applied consistently, no matter which investigatory power is used to obtain the information. The new legislation should be amended to rectify this inconsistency.
“F… The Committee considers that the acquisition, retention and examination of any Bulk Personal Dataset is sufficiently intrusive that it should require a specific warrant. We therefore recommend that Class Bulk Personal Dataset warrants are removed from the new legislation.”
To meet their recommendations from 2015, the ISC’s first recommendation from 2016 of a “single additional Part that addresses privacy safeguards and clearly sets out universal privacy protections which apply across the full range of investigatory powers” must also protect medical records. A discussion the Home Office has refused to have, and the Department of Health have so far ignored[6].
 

 

Phil Booth, coordinator of medConfidential said:
 

“The Home Office’s bluff has been called by Parliament. The Intelligence and Security Committee of Parliament said in 2015 that there should be security safeguards for medical records, yet Theresa May just ignored them, and let the agencies make up their own rules.

“The ISC has said that if Theresa May wants to grab the entire nation’s medical history, she has to have specific grounds.

“It’s not enough to simply fear those who may wish harm, it is necessary to defend the values of our country. It seems Parliament has had to explain this to the Agencies and the Home Office yet again.

“Theresa May wants secret copies of everything because she’s afraid; Parliament wants privacy and transparency because we are a democracy. Privacy and security don’t have to be opposites, but we’ll see how David Cameron’s Government responds when it comes to the most private of NHS data.

–notes–

  1. Bulk personal datasets are the Government’s term for large databases of personal information, such as medical records.
  1. Intelligence and Security Committee of Parliament Report ‘Privacy and Security: A modern and transparent legal framework‘. March 2015 http://isc.independent.gov.uk/news-archive/12march2015 para 163(ii), p58.
  1. paragraph 403, Report of the Joint Committee on the Draft Investigatory Powers Bill
  1. Intelligence and Security Committee of Parliament Report on draft Investigatory Powers Bill. http://isc.independent.gov.uk/committee-reports/special-reports
  1. “The Department [of Health] was asked to comment on the Draft Investigatory Powers Bill presented to Parliament in November 2015 and, at that time, did not consider that this would create any new powers that would require or permit the disclosure of confidential personal information by health and care bodies (on the basis that this is consolidating security agencies’ existing powers).” http://www.parliament.uk/business/publications/written-questions-answers-statements/written-question/Lords/2016-01-25/HL5377/

medConfidential campaigns for confidentiality and consent in health and social care, seeking to ensure that every flow of data into, across and out of the NHS and care system is consensual, safe and transparent. Founded in January 2013, medConfidential is an independent, non-partisan organisation working with patients and medics, service users and care professionals.

For further information or for immediate or future interview, please contact Sam Smith or Phil Booth, coordinators of medConfidential – coordinator@medconfidential.org

forthcoming “Digital” Legislation in 2016

Will this week’s flawed data grab by DWP be the portent of things to come? (We’ll post something on this in our next newsletter; but if you’re deeply concerned, your consent choice will be honoured). 

The forthcoming digital economy legislation is intended to define how George Osborne and this Government wish to heed Martha Lane Fox’s call to “make Britain brilliant at the Internet”, for everyone. But, those with a wish to be brilliant at using the Internet against people are also rubbing their hands with glee. How this affects medical records, and more, is currently unknown until the consultation.

The NHS apps store, with its panoply of catastrophes was shut down, but silently in a way that they hoped no one would notice. Including any victims. Children’s school records continue to be linked and sold, including to newspapers. Will the sale of pupil records continue in secret? Our concerns about Public Health England grow every time they open their mouths. I haven’t seen data governance this conceited since Tim Kelsey assured the listeners of Radio 4 that there had been no data breaches, and then care.data collapsed with data breaches up to your ears. HSCIC argues it has reformed; PHE still believes that it didn’t need to.

On a positive note, the legislation will be a convenient way to implement any legislative changes required from Dame Fiona Caldicott’s forthcoming consent review, after they have been consulted on. We hope that the Department of Health and all its constituent bodies will accept the principle that in order for people to trust how their medical records are been used, it is necessary for each patient to know every way that their individual level records have been used. Like a bank statement, it’s there for whenever you wish to look, and if things are unaccounted for, you have the information to ask questions.

But the legislation will be much wider than just medical data governance.

While medical records are my day job’s primary concern, there are many other records held by Government and business that are traded in ways as shady, or more so, than what was shown with care.data 2 years ago. What will the legislation do there?

The failed leadership at the Government’s “digital catapult” wants you to be subject to “the UK’s data sharing movement”; will that be following pharmacy2u’s lead in predating on the public in their dark shadows? Is this really how BIS wishes grantees to spend its budget?

The other approach is transparency to citizens of how individual level data about them is used and stored. When a citizen has the option of knowing how data about them has been used, the temptation for secret dodgy deals is far reduced. Of course, there’s less money in that for people whose usual approach is to scam the elderly out of their life savings.

Concerns are not just health, and it’s not just Government.

Which way the Government intends to go will be defined by the legislation. Does this Government want to be secretive and invasive, or will it commit to requiring transparency and consent? Will it do things to citizens and patients, or will it work for citizens and patients?

Where Health or Government lead, enlightened charities businesses can choose to follow and will gain a competitive advantage from doing so. Organisations that wish to act ethically currently have no business or operational incentive to do so, those who consider their customers as potential victims have no incentive not to. (If you’re interested in our demonstrator of this for your business or organisation, please get in touch).

Trust in data increases when transparency to individuals of their own data includes those dark corners – Data usage reporting is good for everyone.

MedConfidential Christmas Bulletin: Freedom, Care.Data and Space

It’s been a busy few weeks, as the Government came back from Conference season, and kicked their various schemes into high gear. In 2016, we’ll see data sharing across the NHS and Government taking up time: care.data may become a ministerial playbook.

Your support is greatly appreciated; and thanks to you and your loved ones at this time of year. But here’s where we are at the moment, if you wish to delay Christmas cheer just a little longer:

Care.Data.

Care.Data’s still suspended while Dame Fiona Caldicott tries to unwrap Tim Kelsey’s leaving present. The programme will enter 2016 as it left 2014: still digging in deeper. A new leadership for care.data was an opportunity to change that approach.

We’ve heard secondhand that the a new Senior Responsible Owner, obliged to hold this poisoned chalice, has been handpicked from the few loyal bag carriers left in the care.data bunker. Which means he’ll have repeatedly made valiant attempts at defending the inept and the ill considered. Indeed, the job description practically required blindly ignoring the fact that the ship was sinking until bailed out by his boss. With the Admiral’s hat his to don, it’s interesting to see if it will be full steam ahead into the iceberg of public rejection, yet again.

Dame Fiona Caldicott’s review of consent reports at the end of January, with Ministerial decisions in the months after that. Past NHS management has been good at persuading ministers to put their reputation behind the publicly indefensible until it becomes evident, even to the Department of Health, that perhaps that was unwise. At the last Care.Data Advisory Committee meeting, it was grudgingly admitted that the September roll out was halted by Jeremy Hunt himself…

Given Cabinet level discussions about data sharing, and the scope of opt-outs and consent, 2016 should be a busy year for data in the NHS and beyond. It seems some see care.data as a model to be copied. As always, the first question is whether the Government or NHS England wishes to constructively engage, or cower in a corner and ignore those who will point out necessary implementation changes. That choice is entirely up to them.

Your Right To Know

The CoverUp Commission has found that the public quite like the ability to request copies of Government documents in acts of citizen driven focussed transparency. Thank you for helping with that…

MedConfidential submitted a brief note of our own experiences of FOI, and also a saveFOI.uk submission of 260 different successful FOI requests (or outcomes from multiple requests), many submitted by you and others. SaveFOI.uk submission asked a simple question: Which of these questions does Lord Burns think shouldn’t have been answered?

Power likes secrecy, and “Burns it” would have been a common refrain in Tim Kelsey’s archipelago of NHS England. Freedom of Information is how the details of care.data were forced to be published. The deep veil of official secrecy continues to hide the bulk of Tim Kelsey’s legacy, which hopefully will start to burn up over time.

Not everyone gets to be an astronaut.

Everyone in the NHS wants to help improve the health of the nation, but that’s not the same thing as giving Direct Care. In the same way, that lots of people helped put a man on the moon, without being an astronaut. Every child eventually learns that not everyone gets to be an astronaut; and sometimes it’s a hard transition.

Tim Kelsey, who wanted all to sell medical records before his term was out, leaves NHS England today to take up a new post in Australia, but assured us he “will be back”.

Transitioning to consensual, safe and transparent data handling practices is as important for a hospital as good cleaning or sterile instruments – and the same thing happens when you disregard it too much. “Sufficient” cleaning is too much of a burden until it’s self-evident that it was too little, and harm occurs. Hopefully, in 2016, NHS England will learn about data hygiene and air quality. The astronaut programme had the literal version of the same problem. Will there be a systematic response to a politically driven digital-MRSA infecting the NHS and beyond? If the problem is left to go away of its own accord, it always comes back.

Consensual, Safe and Transparent Christmas sharing

It’s been a busy few months, but we’re still here, and would like to continue to be. If you wish to support our work, a donation is always greatly appreciated.

With best wishes to and your loved ones for Christmas and for the new year. May 2016 bring consensual, safe and transparent data flows throughout the NHS and beyond.

See you next year – we really couldn’t do this without you. Best wishes to one and all.

Sam and Phil