medConfidential response to “If you don’t share data…”

At a conference a few weeks ago, NHS England admitted it still had to “make the case to a large enough number of people that sharing data is fundamental”, as it insists this will (amongst other things, eventually) help the health service identify areas of good practice and reduce variation in quality of care. “If we can’t make the case for that then we will be in a very difficult situation,” said Tim Kelsey.

The crude assertion is this: if we don’t “share” your individual data, diseases won’t get cured, they can’t run the NHS, terrorists will win, and you may suffer directly. The rhetoric is largely the same, the projects vary only a little. But maybe there’s an alternative, which is to give people a choice and actually ask them about what you’re planning to do? (A decade or more of evidence shows this works, e.g. for ethically-approved research using medical records.)

So what’s the justification?

DH’s long-awaited response to its “Accredited Safe Havens” consultation on where “shared” data can go will likely have to address comments from local authorities, some of whom feel morally obliged to take detailed individual-level data from the medical records of people in their area, to “share” with the social landlords, ‘just in case’ someone isn’t claiming a benefit they could.

That ‘initiatives’ like this may make some people’s (most likely bureaucrats’) lives easier is probably true – it’s easier to run a system if you never actually have to talk to the people using it. But the distress and harm that will come to someone who’d made an active choice not to reveal information which could have negative side effects, or when the wrong information gets used (and experience tells us no system is perfect) will most certainly not occur to those receiving the data; the impact will be on those to whose lives the information relates.

The same false comparison keeps being drawn by proponents of the institutional need for data sharing – transparent in their envy of what the commercial sector ‘gets away with’. People seem happy to “give” their data to Sainsbury’s or Facebook, they say – so why not some public authority?

Of course, no state actor would ever act against an individual’s wishes or best interests

Being a public servant means serving all of the public, including those you casually write off as “teenagers” – not just those that happen to agree with you. Sainsbury’s understands this, and its equivalence in a commercial context. Stores could refuse to serve individuals who don’t use their ‘loyalty’ cards, but they don’t. They recognise and (by and large) claim to respect individuals’ choices about which transactions they make using the loyalty card, and which ones they don’t.

The fact that this comparison is drawn time and again – most often out of naive misconception rather than any deliberate intent to mislead – shows a worryingly blinkered lack of appreciation for the fact that a supermarket can’t evict you from your home. It can’t cut off your social security financial lifeline, attach your earnings, deny you medical treatment, restrict your movements, exercise powers of entry, or detain you at Her Majesty’s pleasure.

And were Tesco, for example, to do something to annoy you, there are a whole range of other supermarkets (ditto social networks, etc.) available – a choice that simply doesn’t apply in the public sector.

Misplaced priorities

For NHS England to claim that without the “sharing” of bulk personal datasets, it won’t know which hospitals to close, may prove to be an exceptionally risky strategy. But, as we have seen, NHS England’s priorities can be utterly unconnected to the wishes of local communities. The credulous assumption that “NHS England knows best” didn’t work out too well for care.data; it is unlikely to work much better on any other issue. Especially those that are already publicly contentious.

Mass “sharing” – though a better word might be transfer, or traffic, or trade – of bulk personal datasets between bodies and organisations includes very little scope for individual choice. (At least not yet.) And it’s often the case that entrenched departmental and institutional egos are unlikely to respect – or trust – each other anyway.

So when patients are handed from Hospital into Social Care, they may be assessed for which services they will need and when by the NHS. But when they are ‘received’ by the Social Care system, the first thing that happens is a re-evaluation – and often a large downgrade in support – because the Social Care process (which cares about £££) doesn’t trust the NHS process (which cares about care).

If egotistical fiefdoms already don’t trust each other’s judgement and already won’t talk to each other, what makes you think more data will help? It’ll just be more stuff that gets ignored whenever it’s not in the direct interests of whoever looks at it, and abused whenever that serves a(nother) purpose.

A problem of trust

One of the features of Gov.UK Verify – the Government’s approved ‘identity assurance’ scheme – is the concept of “attribute exchange”. If there was genuine trust in the system, when a registered medical provider had given an individual an attribute – in essence a digital token, or certificate – that relates to disability, the DWP would simply honour it.

Will it? Or will DWP insist that it must “revalidate” the person, at great time and expense (for the person, for DWP and ultimately for the taxpayer) but under their control? What about the local council trusting the NHS? Or even NHS bodies creating a basis to trust other NHS bodies?

Until trust within and between the silos is discussed and resolved, departments and bodies will continue to hoard bulk personal datasets in their own narrow bureaucratic interests, rather than in the interest of the individual.

Culture-change doesn’t happen overnight. And it certainly doesn’t happen if what’s imposed from the top, and modelled by so-called leaders, is some of the worst possible behaviour. So, unfortunately, it would seem that the point at which all of the various bureaucracies are themselves respecting (and being trusted to respect) individuals and their data is probably quite a way off.

But bodies that want to establish their trustworthiness, and to help individuals, can do something very simple: don’t start with a data grab.

Less about data, more about quality

The quality of a hospital does not necessarily relate to the individual, detailed medical records of each patient. That may be how Dr Foster designed its business, but it certainly doesn’t have to be the case.

In a system that has integrity, the data that should be openly published is aggregated counts of volumes and outcomes at relevant points along a pathway or across an institution – measuring that which is important. There are many metrics that should be used to determine the quality of a hospital; the obsessive prioritisation of a single metric (as with political target-setting) leads inevitably to ‘gaming’ of the statistics or, even worse, bending the service out of shape.

If what must be published are multiple, diverse (data-driven, but aggregate) standards, then the easiest way to improve your standing – to change your metrics – is not to hire consultants to help you massage your statistics, but to actually provide better care.

Scaremongering and coercion

Telling people that if they opt out of your open-ended ‘secondary uses’ database, their direct care may be affected and they may not be called for vital screening is both dishonest and malicious; quite possibly, abuse of public office. It’s certainly scaremongering worthy of the worst kind of institutional bureaucracy.

That the million or more patients who opted out at the beginning of 2014 are being told mid-way through 2015 that their opt-outs can’t be honoured because – applying the strictest possible interpretation of some technical wording few patients ever saw – this would break the promise that their care wouldn’t be affected was all entirely avoidable.

NHS England made and then failed to correct its own error (probably due to a failure to fully appreciate what role the Information Centre plays) then, even when that error was pointed out in late 2013, relaunched care.data anyway and kept the problem hidden for the rest of the year. When eventually it needed a further excuse for having done nothing but keep the (hospital) data flowing, NHS England unceremoniously dumped the problem onto HSCIC in November 2014, and continues to refuse to authorise or resource the practical solution which HSCIC proposed pretty much straight away.

This is not the way to ‘build trust’.

For that you first need to show you are trustworthy which, as Baroness Onora O’Neill has said, means demonstrating competence, honesty and reliability in all that you do.

A way forward?

If data can be shared, the criteria for services can also be clearly written down. Just because a citizen does not wish you to do everything with their data, that does not mean you should refuse to do anything.

There is no reason that services as a whole should be impacted by some people choosing to exercise their right to restrict the use of their sensitive data. This may mean some services have to evolve and not take the easy approach of “collect it all” for every bulk personal dataset they can imagine. But to minimise risk and take only what is absolutely needed is not only common sense: it’s the law. And it’s (your) right.

In a health context, any one individual refusing consent for their data to be “shared” will have an infinitesimal impact on whether new future treatments are developed as quickly, and it should most certainly never affect the choices or available treatments for your care. Bullying patients into surrendering their data with implied threats is no way to build trust.

medConfidential agrees with Tim Berners-Lee that you should know everywhere your data has gone, and why. The research world recognises that the data they need has some risks, and that these risks cannot be mitigated completely, so other steps must be taken – such as keeping all individual-level data in a safe setting, and reporting back to patients. Do public bodies like NHS England think the problems of data handling that others have to deal with aren’t equally present for them?

Or will the various silos continue to act like Gollum, hoarding and hissing “my preciousssss” over bulk personal datasets that don’t actually even belong to them? As this version of the story plays out, it is obsessing over the ring of data that drives Gollum insane…

care.data ‘pathfinder’ GP practices published

The lists of care.data ‘pathfinder’ GP practices have now been published. (medConfidential has been asking for these to be made public since October of last year.)

At least now patients in these practices can know that their GPs have volunteered them and their families to be guinea-pigs for care.data ‘Round 3’…

1) Blackburn with Darwen CCG – said they were “ready to start” at the end of June, now delayed until September 2015:

  1. Cornerstone Practice, Shadsworth Surgery
  2. St George’s Surgery
  3. Pringle Street Surgery
  4. Brookhouse Medical Centre
  5. Darwen Health Link, Darwen Health Centre
  6. Montague Practice, Barbara Castle Way Health Centre
  7. Spring-Fenisco Healthlink
  8. Audley Health Centre
  9. Limefield Surgery
  10. Hollins Grove Surgery
  11. Ewood Medical Centre
  12. Brownhill Surgery
  13. Dr Hirst Practice, Darwen Health Centre
  14. Darwen Healthcare, Darwen Health Centre
  15. Primrose Bank Medical Centre
  16. Roe Lee Surgery
  17. Oakenhurst Surgery, Barbara Castle Way Health Centre
  18. Redlam Surgery
  19. Little Harwood Health Centre
  20. The Waterside Practice
  21. The Family Practice, Barbara Castle Way Health Centre
  22. Bentham Road Health Centre
  23. Shifa Surgery, Bangor Street

2) Somerset CCG – due to start in September 2015:

  1. Abbey Manor Medical Practice, Yeovil
  2. Beckington Family Practice, Beckington, Frome
  3. Blackbrook Surgery, Taunton
  4. Brendon Hills Surgery, Washford
  5. Bruton Surgery, Bruton
  6. Burnham Medical Centre, Burnham-on-Sea
  7. Buttercross Health Centre, Somerton
  8. Cannington Health Centre, Cannington
  9. Cranleigh Gardens Medical Centre, Bridgwater
  10. Crewkerne Health Centre, Crewkerne
  11. Crown Medical Centre, Taunton
  12. Dunster Surgery, Dunster
  13. East Quay Medical Centre, Bridgwater
  14. Exmoor Medical Centre, Dulverton
  15. French Weir Health Centre, Taunton
  16. Frome Medical Centre, Frome
  17. Glastonbury Health Centre, Glastonbury
  18. Glastonbury Surgery, Glastonbury
  19. Grove House Surgery, Shepton Mallet
  20. Hendford Lodge Medical Centre, Yeovil
  21. Highbridge Medical Centre, Highbridge
  22. Ilchester Surgery, Ilchester
  23. Irnham Lodge Surgery, Minehead
  24. Luson Surgery, Wellington
  25. Meadows Surgery, Ilminster
  26. Mendip Country Practice, Coleford
  27. Millbrook Surgery, Castle Cary
  28. North Petherton Surgery, North Petherton
  29. Park Medical Practice, Shepton Mallet
  30. Polden Medical Practice, Edington and Woolavington
  31. Porlock Medical Centre, Porlock
  32. Preston Grove Medical Centre, Yeovil
  33. Quantock Medical Centre, Nether Stowey
  34. Quantock Vale Surgery, Bishop’s Lydeard
  35. Redgate Medical Centre, Bridgwater
  36. Somerset Bridge Medical Centre, Bridgwater
  37. Springmead Surgery, Chard
  38. St James Medical Centre, Taunton
  39. Summervale Surgery, Ilminster
  40. Taunton Road Medical Centre, Bridgwater
  41. Tawstock Medical Centre, Chard
  42. Victoria Park Medical Centre, Taunton
  43. Vine Surgery (L85029), Street
  44. Vine Surgery (L85060), Street
  45. Warwick House Medical Centre, Taunton
  46. Wellington Medical Centre, Wellington
  47. Wells City Practice, Wells
  48. Wells Health Centre, Wells
  49. West One Surgery, Crewkerne
  50. Westlake Surgery, West Coker
  51. Williton Surgery, Williton
  52. Wincanton Health Centre, Wincanton

3) West Hampshire CCG – due to start in September 2015:

  1. Alma Road Surgery, Romsey
  2. Alresford Surgery
  3. Andover Health Centre
  4. Barton Webb Peploe Partnership, Barton-on-Sea, New Milton
  5. Blackthorn Medical Centre, Totton
  6. Bursledon Surgery
  7. Charlton Hill Practice, Andover
  8. Cornerways Medical Centre, Ringwood
  9. Fordingbridge Surgery
  10. Forest Gate Surgery, Totton
  11. Friarsgate Practice, Winchester
  12. Fryern Surgery, Chandlers Ford
  13. Dr. S J Godfrey & Partners, Totton Health Centre
  14. Gratton Surgery, Stockbridge
  15. Hedge End Medical Centre
  16. Lyndhurst Surgery
  17. Park and St Francis Surgery, Chandlers Ford
  18. Red and Green Practice, Hythe, Southampton
  19. Ringwood Medical Centre
  20. Shepherds Spring Medical Centre, Andover
  21. St Andrews Surgery, Eastleigh
  22. St Mary’s Surgery, Andover
  23. St Paul’s Surgery, Winchester
  24. Stockbridge Practice
  25. Stokewood Surgery, Bishopstoke, Eastleigh
  26. Testvale Surgery, Totton
  27. Twin Oaks Medical Centre, Bransgore, Christchurch
  28. Watercress Medical, Mansfield Park Surgery, Medstead, Alresford
  29. Waterfront and Solent Surgery, Totton
  30. West End Surgery, West End
  31. Whitchurch Surgery

UPDATE 8/7/15: Freedom of Information requests by Dr Neil Bhatia reveal that just 12 GP practices across the three Leeds CCGs have signed up to be ‘pathfinders’:

4) Leeds North CCG – start date unknown:

  1. Foundry Lane Surgery
  2. North Leeds Medical Practice
  3. Oakwood Surgery
  4. Oakwood Lane Medical Practice
  5. The Avenue Surgery

5) Leeds South and East CCG – start date unknown:

  1. Kippax Hall Surgery
  2. Windmill Health Centre

6) Leeds West CCG – start date unknown:

  1. Burton Croft Surgery
  2. Thornton Medical Centre
  3. Craven Road Medical Practice
  4. Fieldhead Surgery
  5. Burley Park Medical Centre

medConfidential Bulletin, 12 June 2015

chaos.data

Over a year ago, Ben Goldacre wrote “Care.data is in chaos. It breaks my heart”.

Absent explicit instruction from the Secretary of State, it is now clear that NHS England is just going to keep on making the chaos worse. 16 months after it was “paused”, care.data is resurfacing in a way that gives some insight into the shambolic mess it is still in.

This Wednesday, after Blackburn with Darwen Healthwatch announced then withdrew (footnote 2) its announcement, Blackburn with Darwen CCG announced it is “ready to start” sending out patient communications “at the end of June”. But NHS England is nowhere near ready; vital preconditions for a restart – not least honouring the choices a million patients made last year – have yet to be met.

NHS England remains mute on Dame Fiona Caldicott’s 27 areas of concern and there’s ‘missing’ legislation: Directions defining how patient opt-outs must now work; Directions fixing the broken 2013 definition of the programme; Regulations to guarantee vital safeguards, including ‘one strike and you’re out’ sanctions for misuse of patient data, and closing the ‘McDonald’s loophole’ (p6) that legitimises a wide range of “commercial re-uses” of patient data. None of them in place.

It’s utter chaos. But to proceed without honouring a million patients’ existing opt-outs – not just to stop their information being extracted from their GP record, but stopping their hospital data from continuing to be sold for uses other than their direct care – would be a breach of trust on an unprecedented scale, breaking supposedly unconditional promises that Jeremy Hunt gave back as far as April 2013: “We will respect them” (timecode 13:30)

If their intention is to “regain public confidence”, the Secretary of State and NHS England are going about it in the strangest way. NHS England might claim to have been “listening” but, if it has, why is it wilfully ignoring a million patients’ concerns and express wishes?

The clock will start ticking again from the moment the first care.data letter is sent out – not the first data extraction, as some officials would have you believe. And at this point, having broken a million promises, what possible basis does NHS England think it has to ask patients to trust it with their most personal information?

What can you do?

medConfidential continues to push hard for everyone’s confidentiality and consent to be respected. Every use of your medical record must be consensual, safe and transparent. And be assured, we are taking this fight to the highest level – but we need your help.

The first thing you can do is tell your friends and family. If you are reading this, you are clearly paying attention – but many others simply won’t know anything about what’s going on. It’s been well over a year since care.data was “paused” and the vast majority of people probably think it was stopped for good. If nothing else, please forward a copy of this newsletter by e-mail to the people you know and care about.

Please keep posting links to medConfidential’s News feed: https://medconfidential.org/news/ on Facebook or Twitter if you use them, or forums and other social media. If you happen to know anyone in one of the four care.data “pathfinder” areas – that’s Blackburn with Darwen, Somerset, West Hampshire or Leeds – or if you know someone who does, please make sure to get in touch and tell them.

N.B. Given news in the medical press and papers this week about a more localised “care.data-like” scheme in Southend, please tell anyone you know in Southend as well. We’ll provide more details as we get them.

And finally, please take the time this evening or this weekend to write to your MP. The quickest and easiest way to do this is via https://www.writetothem.com/ – and it is particularly important to write if your MP was newly elected in May.

medConfidential has already written to all newly-elected MPs to tell them about the issue, but they need to hear about it from their constituents. And the message that needs to come across loud and clear to every MP right now is: “Opt-outs must be honoured. Trust is being actively damaged (again). Don’t let NHS England make any more mistakes.”

We cannot tell you exactly what to say – it’s actually far better if we don’t, and your letter will have far more impact if you write in your own words – but please write as clearly and concisely as you can about your concerns. If you have opted out, do make sure to ask your MP to ask the Secretary of State when he is going to honour his promise and ensure that your opt-outs are actioned and respected. Even if he or she does not agree with you, your MP should pass on a specific question to a Government Minister when asked.

What’s next?

We await answers from the Commissioning Board (i.e. NHS England) about its re-issued care.data Directions, to replace its broken Directions from 2013. We highlighted significant problems before its last board meeting and the Board’s Chair said he will write to us. He hasn’t yet.

We await sight of Directions from the Secretary of State about ‘Patient Objections’ – the legal definition of how the opt-outs must work, on which NHS England’s Directions depend. HSCIC’s Board is scheduled to consider these in July, but that is after Blackburn with Darwen CCG says it could start contacting patients.

We await publication of the CAG (Confidentiality Advisory Group) Regulations, themselves now delayed for almost a year. Will they contain all of the promised safeguards and, crucially, a clearer definition of the deeply controversial “promotion of health” purpose that perpetuates the sale of patient data to Pharma marketers and other commercial interests?

We await public answers to Dame Fiona Caldicott’s 27 areas of concern but, even more importantly, we are still waiting for the Office of the National Data Guardian to be put onto a proper statutory footing “at the earliest opportunity”, to reinstate the independent information governance oversight abolished by the Health and Social Care Act 2012. Dame Fiona’s advice has been ignored by NHS England before.

We await the re-establishment of the Health Select Committee, and (hopefully) the re-opening of its Inquiry into the ‘Handling of NHS patient data’. Questions have already been asked in the Lords; we sincerely hope the Commons will demand answers about the continuing chaos too.

And finally

We are very grateful for all the support we receive – not just money, but the information people provide and the actions you take. Our thanks to all those who got in touch after our last newsletter; we’ve been a bit busy(!) but we will be contacting you shortly, with some specific requests.

medConfidential is still unfunded. We have submitted grant applications, and hope to hear back on the first of them by the end of the month. But for now we are doing this because we have to.

Last year, amongst other things, we helped hundreds of thousands of people opt out, believing no Government or arm’s-length body would be so stupid or arrogant as to break the promises that had already been made. medConfidential’s promise may have been implicit – “We’ll make sure this works” – but we, unlike some, stick to our promises. So we fight on.

If you can afford to make a donation, please do:





Phil Booth and Sam Smith
medConfidential

12th June 2015

[PRESS RELEASE] care.data restart announced

The restart of NHS England’s hugely controversial care.data scheme was announced on Wednesday afternoon, 10 June. Patients in one of the ‘pathfinder’ CCG areas (Blackburn with Darwen) may begin to be sent care.data “communications” [1] in as soon as two weeks’ time.

2015-06-10 BwD Healthwatch update

The “Update” on the Blackburn with Darwen Healthwatch website [2] states:

Blackburn with Darwen will be ready to start fair processing (the time patients have to make a decision whether to opt out) at the end of June; Somerset and West Hampshire wish to start at the beginning of September.  Leeds have not confirmed when they will commence testing communications but are also working towards the beginning of September.

It goes on to point out that:

Formal accountability for proceeding with the Programme sits with the SRO (Senior Responsible Officer), Tim Kelsey.  Dame Fiona Caldicott will express her view of the safeguards and arrangements in place to the Secretary of State and this will be taken into account by Tim and the Programme Board.

From the moment that “communications” begin to be sent out in each area, patients will have a limited amount of time to decide whether they wish for their identifiable medical information to be extracted from their GP record, or whether they want to opt out [3]. The Update indicates that patient data could begin to be extracted “between September and November”.

This announcement has been made despite the fact that nearly a million [4] patients who opted out of the scheme over a year ago have not yet had their opt-outs actioned, while their hospital data has continued to be sold to third parties – including for “commercial reuse” [5].

Phil Booth, coordinator of medConfidential, said:

“It beggars belief that care.data should be restarted before the serious outstanding problems with the scheme have been fixed and, just as importantly, been seen to be fixed. The shambolic mess that care.data has become must be cleared up before another single patient is contacted.

“What are the million patients who opted out last year supposed to think? Their objections have all been ignored, so why should they or anyone else trust a zombie data grab that hasn’t even got in place statutory backing for Jeremy Hunt’s guarantee to patients, or defined legal safeguards promised last summer?

“NHS England must make good on every opt-out, and demonstrate that every last promise and safeguard is in place, or it’ll show it cares more about getting hold of your most sensitive data than ensuring every use of it will be consensual, safe and transparent.”

Notes for Editors:

  • 1) The communications should include a letter addressed to each person over the age of 15 and three-quarters, an opt-out form and an information leaflet.
  • 5) Quarterly Data Release Registers from the HSCIC: http://www.hscic.gov.uk/dataregister show organisations provided with data in various forms since January 2014 include Experian, McKinsey & Co, General Reinsurance and a number of “information intermediaries” such as Harvey Walsh (which services pharmaceutical marketing clients as well as the NHS), NHIS Ltd and Dr Foster (recently acquired by a subdivision of an Australian telecommunications company).

medConfidential campaigns for confidentiality and consent in health and social care, seeking to ensure that every flow of data into, across and out of the NHS and care system is consensual, safe and transparent. Founded in January 2013, medConfidential is an independent, non-partisan organisation working with patients and medics, service users and care professionals.

Will Jeremy Hunt ensure that “700,000” patient opt-outs are respected?

In our last newsletter we said there’d be more news soon. While this isn’t quite what we meant, it is very important indeed.

In the House of Lords last week, it was confirmed that Blackburn with Darwen will be the first care.data pathfinder area. Questions asked in the Commons about exactly when this would be remain unanswered.

From launching in six CCGs, as announced last October, care.data is now down to limping out in just one – and with the summer holidays rapidly approaching, sending out letters that may get mixed up with the pizza leaflets while people are away doesn’t seem all that sensible…

In the same Lords Debate last Monday, the Government confirmed that at least 700,000 patient opt-outs have yet to be actioned – which prompted some media attention.

medConfidential will be writing to the Information Commissioner with a substantive complaint covering all of the relevant details and providing documentary evidence which won’t allow NHS England to blame HSCIC (or the ICO itself) for delaying everything for another six months.

The solution was outlined in our last newsletter. This is a solution which the Department of Health could authorise and begin this week if it wished, and which HSCIC could make retroactive from last April (i.e. ensuring that those who have opted out by the time the problem is fixed will no longer have their hospital data from last year sold on to third parties) via the “full-year HES” datasets which replace the ‘interim’ HES releases.

Bottom line: if you have concerns, and you haven’t done so already, our advice on opting out remains unchanged until the Department of Health or Secretary of State announces details.

We have not yet seen the Secretary of State’s ‘Directions on Patient Objections’, which could repeat NHS England’s flawed decisions about care.data, or choose another path – as we discussed in our last newsletter – and which would also satisfy Jeremy Hunt’s promises from 2013 (timecode: 14:20).

HSCIC may only do as it is Directed by NHS England and the Secretary of State / Department of Health, which is one reason why the ICO complaint requires exactly the right footnotes; to highlight the specific decisions and (lack of) responsibilities that have led to this mess.

Be assured, medConfidential is on the case and on top of the detail. Possibly more so than NHS England, it could be said.

To stay informed of progress, please join our mailing list. And don’t forget to spread the word – this affects your friends and family too.

medConfidential is a tiny campaign, fighting a huge fight on behalf of every NHS patient. If you can help us, please do.

Every penny received will be spent on averting the most appalling breach of confidence in NHS history and ensuring that in future every flow of patient data into, across and – most importantly – out of the NHS is consensual, safe and transparent.

medConfidential Bulletin, 1 June 2015

care.data’s big post-election question

Over 700,000 people are still waiting for a public announcement about what has happened to the opt-outs they made in 2014 – an announcement that was delayed “until after the election”.

Now the election is over, the Department of Health and its bodies have two choices. The first option is for them to write to every patient affected by their mistake, and say:

“We are very sorry. There was a mistake on our part, but we’re fixing it, and we will do what you asked: your medical records will not be used beyond your direct care. This process has now begun for hospital records, for maternity records, and for mental health records – including the data releases covering all of last year – and other parts of the NHS will meet the guarantee we made you as soon as possible. But, whatever happens, from today forwards you will be told everywhere your data goes, and why.”

They can make every single part of the above statement true, and (as a bonus) it would cost no more to do than what they’re planning on doing anyway. This would represent the NHS taking ownership of the problem, and promising to do much better in future – and being transparent about what happens to your data. You wouldn’t have to simply trust they got it right; you would be able to know what happened, and could make your own judgements.

The Department’s second option – the choice NHS England would like Jeremy Hunt to pick – is to make their invasion of your privacy your problem, and to transfer the complexity of knowing how the NHS works (this week…) from the Government on to you and every other patient.

They might send a different letter which talks only about your GP records as part of care.data, ignoring the information collected by every other care provider; a letter which offers a different opt-out from what you did last year, where you will have to call up or go to the internet for a second form [PDF] if you want to protect your hospital data; and, even if you already opted out, you will get a letter as if you hadn’t.

So the big question is, will Jeremy Hunt make it your problem that NHS England still wants to allow your medical records to be sold?

What happens next?

The Health and Social Care Information Centre will do whichever of those it is allowed to do. It can do either, but it doesn’t make the decision. That’s up to Mr Hunt, who will take advice from NHS England. So what’s it to be?

NHS England kept the opt-out problem secret for over a year – even while it was sending out the junk-mail leaflets last January / February, saying the choice existed. Then it hid the problem for another 10 months, before passing the buck to HSCIC last November without even telling them the size of the problem. (HSCIC told us they were working it out less than a fortnight later.)

Officials have now admitted the likely scale of the problem; we await news from Ministers on what they’ll do next.

The Directions approved “in principle” by NHS England’s Board last Thursday suggest communications could go out to patients as soon as this month, once HSCIC has published the updated ‘clinical code specification’ for the data that will be extracted from your GP record. So it appears NHS England is expecting to do a number two – making your medical privacy your problem, not theirs. Have they learnt nothing?

Live in Somerset, West Hampshire or Blackburn with Darwen? You’re up first…

The Schedule (p5) to the Directions considered by NHS England’s Board last Thursday excluded the three Leeds CCGs, previously announced to be participating as pathfinders. Presuming this wasn’t just a typing error, GPs and patients in Leeds can relax a bit. For now.

However, if you live in one of the other three pathfinder areas listed above, NHS England has decided you’ll be the first guinea-pigs for its ever-more-complicated zombie data grab.

No list of participating GP practices has been published as yet, but as the summer holidays are rapidly approaching please do let friends, family and colleagues know they should be on the alert, e.g. by forwarding them this newsletter, or encouraging them to subscribe – it’ll take less than a minute.

While medConfidential believes and has said it would be a big mistake for NHS England to start sending out patient communications over the summer, they do have form for ignoring sound advice.

We have a couple of questions which would benefit from some local knowledge. If you fancy helping us out, please e-mail coordinator@medconfidential.org and we’ll let you know how you can help.

Unless you live in an affected area, there’s no substantive action for you in this newsletter; there will be next time.

Phil Booth and Sam Smith
medConfidential

1st June 2015

(Apologies to those who received the Bulletin by e-mail – we forgot to update the date in the footer, so it read 1st April, not 1st June as it should have.)

It’s OK to ask

Today, on International Clinical Trials Day 2015, medConfidential welcomes the National Institute for Health Research’s ‘OK to Ask’ about research campaign.

As an advocate of research patients, NIHR is enabling its primary mission in a safe way. ‘OK to ask’ is entirely compatible with consent – indeed, that’s what the entire campaign is about: asking.

There need be no conflict between patients being interested and wanting to participate in research, but not wishing their sensitive medical records to be sold. That NHS England is choosing to make this more difficult / conflating secondary uses is a barrier to research, not an enabler.

We can’t let the day pass without also mentioning our friends at AllTrials – campaigning for all past and present clinical trials to be registered and for their full methods and summary results to be reported. Clinical trial transparency is vitally important, and it doesn’t mean publishing individual patient data.

Consensual, safe and transparent. Anything less just doesn’t make sense.

Marketing2U: Was your health information sold to direct marketers by Pharmacy2U?

For years, we’ve had credible reports of highly accurate marketing that could only be based on health records. Now reports in the media have revealed “a nice little trade” in your health records – and that’s the Information Commissioner’s description, not ours.

These latest reports reveal two ways in which information about your health may be collected and sold on: from insurance forms you fill in and, in particular instances, from information provided to “the UK’s largest online pharmacy”, Pharmacy2U.

Given the number of people who have contacted us over the past two years about this, it is clear that these are not isolated occurrences. Pharmacy2U may have admitted to selling details to a direct marketing agency on a number of occasions, but it is not the only one.

This trade in people’s personal health information is insidious, and makes it all the more essential that the Government legislates clearly and consistently on the ongoing “commercial re-use” of our medical records.

Senior politicians may say something must be done about these latest incidents, but promises to crack down on dodgy data brokers and those who supply them with data ring hollow while the official trade in NHS patients’ information persists. (We note the promised Regulations under the Care Act 2014 – which should clarify the overly-broad definition, “the promotion of health”, that continues to legitimise commercial re-use of your medical information – were not laid before Parliament was Dissolved for the election.)

medConfidential has submitted a formal complaint to the Information Commissioner on behalf of patients who have contacted us after having been sent direct marketing materials in relation to their specific medical condition, treatment or diagnosis. The Information Commissioner’s Office has already begun an investigation, as has the General Pharmaceutical Council. And, given what the chair of the Health Select Committee has said, we hope Parliament will look into this promptly when it returns.

Your rights; take action

Section 11 of the Data Protection Act provides you with the “right to prevent processing for purposes of direct marketing”. You can issue a notice in writing to a data controller at any time, requiring them to cease – or not begin – using your personal information for marketing.

UPDATE 27/4/15: Given their objection to the way we previously expressed things, we asked Pharmacy2U shareholder EMIS – which has been offering a joint service with Pharmacy2U since trials in 2001 – how a patient might determine, without wasting GP time, if their practice is amongst one of the hundreds that have been using Pharmacy2U to provide postal prescriptions for years. EMIS has replied saying that Pharmacy2U is now an option in all practices that use Electronic Prescription Service Release 2 (EPSR2), and that patients with concerns “should contact Pharmacy2U directly”.

Our advice remains as we state below. If you are unsure whether you’re affected, we hope to have more information in our newsletter due out this Friday.

You may not recall nominating Pharmacy2U at your GP at any point over the last 14 years, but if you do not receive a paper prescription and you have ever received your medicines from a warehouse in Leeds rather than your local pharmacy, then it is likely that you did – and you may wish to take action.

If you are a customer of Pharmacy2U, or if you are concerned that your details may have been sold or passed to third parties by them or any other online pharmacy – or by any company to which you have provided information relating to your health – we have created a template Section 11 Notice for you to download, fill in, print and post to the relevant organisation.

For Pharmacy2U only, please add your details where indicated:

For other companies, including insurance companies, please fill in the relevant details where indicated:

You will note that our Section 11 Notice letter ends with a request for information about disclosures of your information for purposes other than marketing. This is because you have a further right, under Section 10 of the Data Protection Act – the “right to prevent processing”, if such processing would cause you “unwarranted and substantial damage or distress”.

At this point it is not absolutely clear whether Pharmacy2U or other companies have disclosed your information for purposes other than marketing; the wording of various Terms and Conditions suggests that they might. Our template letter therefore requests that the company tells you with whom it has already shared your information, and for what reason.

By sending our Section 11 Notice letter first, you should be told exactly what the company has done with your information. You can then follow up with a Section 10 Notice [1] on the basis of what you find out. Were you to send a Section 10 Notice straight away, the company should comply with your wishes – but you might not find out what has already been done with your information.

We would hope that companies will come clean, and take the opportunity to reassure those whose details they haven’t sold that their information has been kept confidential. If for any reason a company refuses to provide this information, please let us know.

medConfidential believes people should always know who has had access to their health-related information, and what it has been used for. As we have said to the Information Commissioner, you simply cannot trust an organisation that buries your consent options and which isn’t completely up front about what it has done or will do with your most sensitive personal information.

1) For your convenience, here is a template Section 10 Notice for you to download, fill in, print and post to the relevant organisation. If you are concerned to know what has been done with your information, we recommend you send this only after receiving a response to your Section 11 Notice.

For Pharmacy2U, please add your details where indicated:

For other companies, including insurance companies, please fill in the relevant details where indicated:

UPDATE 20/4/15: We were contacted late on Friday by Pharmacy2U’s PR representative, who stated Pharmacy2U “has not sold information relating to patients’ medical conditions. Names and postal addresses only were provided.”

The PR firm provided the following statement, which we publish in full:

“We want to reassure our customers that Pharmacy2U does not and has never sold information relating to patients’ medical conditions to anyone.

Between November 2014 and December 2014, we trialled a small-scale project with Alchemy Direct Media (UK) Ltd, a data handling company registered with the Information Commissioner’s Office (ICO). 

This project involved us selling limited information – some customers’ names and postal addresses only – for use in selected marketing activity. No medical information, emails or telephone numbers were sold. In conducting this trial project, we acted in line with current data protection and ICO guidelines.

The sale of customer data for marketing purposes is a widespread practice within business and also government. However, in light of public concern about this issue we have decided not to continue with this trial and we can reassure our customers that Pharmacy2U will no longer share customer data for use in third party marketing. All data that was held by Alchemy Direct Media (UK) Ltd has been destroyed by them and is no longer available for use.

We have asked the Information Commissioner’s Office to work with us to review our privacy policy and have also contacted the General Pharmaceutical Council, our industry regulator, and the NHS, to discuss this matter. We await their follow-up report.”

[PRESS RELEASE] Stop this toxic trade in health information; make it all ‘classified when complete’

Responding to revelations about the disgraceful trade in sensitive health information [1], medConfidential today called for all personal health details to be treated as ‘classified when complete’ [2].

Exemptions in the Data Protection Act are not only exploited by unscrupulous traders; some are routinely used by large commercial organisations [3] and public bodies to legitimise the “sharing” and “re-use” of health information.

Despite promises made by Ministers last year following the care.data fiasco and the exposure of the legalised sale of NHS patients’ medical information for “commercial re-use”, changes to the law remain uncommenced [4]. Indeed, the amended definition of legitimate use – “for the promotion of health” – still permits sale to “information intermediaries” and use by pharmaceutical marketers and other commercial interests.

While medConfidential supports, and last year called for [5], criminal sanctions against those who abuse or misuse people’s health information, the threat of harsher punishment for a few ‘bad apples’ will not address the toxic presumption, perpetuated by Government policy, that people’s most sensitive personal details are tradable assets.

Phil Booth, coordinator of medConfidential [6], said:

“For all its fine words, this last government added no real protection for medical records – its political promises came to nothing.

“To stamp out this toxic trade, politicians must take decisive action and guarantee that all medical reports and data are legally defined as classified. There’s no reason your family’s health details should be treated as any less sensitive than a police witness statement or George Osborne’s lunch order, for that matter.

“Only when medical records are properly protected in law, and people are told everywhere they’re sent, can we truly trust our most sensitive information will be kept confidential.”

Notes for editors

1) http://www.dailymail.co.uk/news/article-3018659/Privacy-sale-s-health-secrets.html

2) More details in medConfidential’s proposal, ‘A modern Lloyd George Envelope: CLASSIFIED when complete’: https://medconfidential.org/wp-content/uploads/2015/02/2015-02-16-A-modern-Lloyd-George-Envelope.pdf

3) medConfidential drew attention last June to some insurance and financial services companies’ abuse of enforced Subject Access Requests: https://medconfidential.org/2014/is-jeremy-hunt-serious-about-shutting-down-insurers-access-to-your-medical-records/

4) Regulations to the Care Act 2014 failed to be laid before Parliament was dissolved. These Regulations were necessary to define the operation of the Confidentiality Advisory Group that advises on the dissemination of NHS patients’ information, to enable “one strike and you’re out” sanctions for those who misuse data, and to define “the promotion of health” – the over-broad purpose by which patients’ information can be made available for commercial “re-use”.

5) See Q7 of Oral Evidence to Health Select Committee, on Tuesday 25 February 2014: http://data.parliament.uk/writtenevidence/committeeevidence.svc/evidencedocument/health-committee/handling-of-nhs-patient-data/oral/6788.html

6) medConfidential campaigns for confidentiality and consent in health and social care, seeking to ensure that every flow of data into, across and out of the NHS and care system is consensual, safe and transparent. Founded in January 2013, medConfidential is an independent, non-partisan organisation working with patients and medics, service users and care professionals.

For further information or for immediate or future interview, please contact Phil Booth, coordinator of medConfidential, on 07974 230 839 or phil@medconfidential.org

medConfidential update, 21 March 2015

This is just a brief update; we hope to have more substantive (good) news soon, but something else we think you should know about is happening and we wanted to give you the heads-up.

Urgent action – your health data and beyond

While the Government and NHS England still refuse to rule out the commercial re-use of your medical information, their commercial cronies have lobbied the Office for National Statistics to consult on commercial, speculative and secret access to the unprotected data that ONS holds.

This “microdata” is highly sensitive, much of it personal data – which is why the ONS has had to keep it so tightly under lock and key. This isn’t your medical record, but it’s everything else the Government has, including the census and Health Survey; it’s all but your name.

With a general election in the offing and the budget this week, no-one else seems to have noticed. But where does the bulk of the data that the budget depends on come from? That’s right, ONS – and confidential business data is included in these proposals too.

Please act now. With just one week to go before the consultation closes, you can:

  1. Sign the open letter opposing the proposals – it’ll just take a minute
  2. Tell your friends – more information at www.AllButNames.com
  3. Fill in a longer response via the ONS website

There may be just a few of them but, as statisticians can count, your voice really matters.

medConfidential’s attention was drawn to this issue by Methods Insight Analytics’ breach of conditions for using ONS linked data sold by HSCIC last summer. It appears some private companies would rather change fundamental ONS principles than their own business models.

Has nothing been learned from the care.data fiasco? Allowing commercial access to highly detailed, sensitive information for private profit undermines both trust and the public good. Selling access to ONS microdata may make peanuts for companies and their shareholders, compared to the very real damage to public confidence in our National Statistics that will come from these proposals.

 

What’s happening with care.data?

We’d love to be able to tell you what’s going on with the care.data pathfinders but, depending on who’s asked, they’re both going ahead and not before the election… and now NHS England won’t say either way.

It has been clear for some time that data extractions won’t take place “before the autumn”, but that’s not quite the point. The question is when patients will start being written to, what they’ll be told, and whether it’s actually true.

Though the headlines talk about a delay, when pressed, “Mr Kelsey told HSJ that while the extraction would not take place before the election, pathfinders would send out communications around the data extraction and linkage programme.”

As The Register reports, Tim Kelsey repeated this intention to Roger Godsiff MP, who was prompted to lay an Early Day Motion this Monday.

We sincerely hope that NHS England will do the right thing, and postpone sending anything out to patients in the pathfinders until after the election. Too many questions are still unanswered, and critical elements – such as the CAG regulations, new Directions and fixing the ‘Type 2’ opt-out error* – are still not in place.

Proceeding now, so close to the election, could be seen as an attempt by this Government to constrain the next. And, as Shadow Cabinet Office Minister, Chi Onwurah has said: “I think if we have another care.data, then the public sector is not going to want to touch data, whether it is open or shared and that is a real danger.”

* We understand HSCIC is working on a solution to the issue they have taken responsibility for, that will honour your choices and not affect your direct care. We will let you know as soon as anything public is announced, but this is unlikely to be until after the election.