Category Archives: News

Refuting NHS England’s response to Guardian story “NHS patient data to be made available for sale”

When medConfidential refutes something, we provide proof or evidence. We don’t use weasel words or mere assertion, we provide you the links to check out for yourself that what we say is correct.

Following the front page story in the Guardian today, NHS patient data to be made available for sale to drug and insurance firms, NHS England have posted a terse but incredibly carefully-worded response on their website.

In it, NHS England’s Chief Data Officer, Dr Geraint Lewis says:

“It is vital, however, that this debate is based on facts, and that the complexities of how we handle different types of data are properly understood. Patients and their carers should know that no data will be made available for the purposes of selling or administering any kind of insurance and that the NHS and the HSCIC never profit from providing data to outside organisations.”

You will note that Dr Lewis has not – because he cannot – refute the fact that insurers will be able to get hold of patient information extracted by the care.data scheme. And there are plenty of ways an insurer could profit from care.data without “selling or administering” insurance – tuning its premiums, for instance.

NHS England’s own ongoing application to the Health and Social Care Information Centre (HSCIC) to massively expand the uses and users of care.data makes it quite clear that “Examples of additional customer organisations may include:

  • Universities and other academic research organisations
  • Commercial companies
  • Think-tanks
  • Medical charities
  • Medical Royal Colleges
  • Information intermediaries

And the Information Governance assessment of this ‘care.data addendum’ quite clearly states, at the bottom of page 5:

“Access to such data can stimulate ground-breaking research, generate employment in the nation’s biotechnology industry, and enable insurance companies to accurately calculate actuarial risk so as to offer fair premiums to its customers.”

(We’ll leave it up to you to decide how “fair” the insurance companies are likely to be.)

And to Dr Lewis’ point about the NHS and HSCIC ‘not profiting’ from providing our data to companies outside the NHS, we can only say… why then do you publish a price list for accessing our medical information?

NHS England and HSCIC can call it ‘cost recovery’ or whatever they like; sophistry seems to be their standard approach. But most normal people’s understanding of the word ‘sell’ involves money changing hands in a transaction, which is clearly what’s happening here.

Whatever the value these extremely powerful bodies are putting on our medical information – and in this case it’s clearly not much – this is not the sort of behaviour that patients expect of the people and institutions that should be guardians of our data. Not by a long way.

PRESS RELEASE: Research organisations promote medical record data grab

Patient privacy campaign medConfidential [1] today strongly criticised the launch of a media campaign by 42 research organisations and medical charities [2] promoting NHS England’s new care.data scheme [3].

The advertising campaign, funded by organisations some of which have lobbied to access information held in patients’ medical records [4], uses blatant appeal to emotion to encourage people not to opt out of having confidential medical details from their GP record uploaded to central servers in identifiable form.

Information provided on the campaign website [5] focuses on research uses but makes only passing mention of other ‘secondary uses’ to which people’s medical information may be put and the non-medical, non-research organisations outside the NHS which will also be given access [6].

Evidence consistently shows that while many may be quite happy for their personal health information to be used for medical research with their permission, around a quarter of people are not [7] – with concerns ranging from disclosure and misuse to fraud, discrimination, breaching rights, commercial use, inaccuracy and private information becoming known to friends, family or acquaintances.

Phil Booth, coordinator of medConfidential, said:

“Promoting a scheme that is based on dodgy ‘presumed’ consent is bad enough, but trying to convince people not to protect their family’s medical confidentiality using such overtly manipulative imagery borders on unethical. The money would have been better spent building ways for people to express a positive choice to participate in research.

“The Wellcome Trust’s and MRC’s own studies show that around a quarter of the population don’t want their sensitive health details being shared, even for medical research. And this is their absolute right. So if opt out rates turn out significantly lower than 25% this Spring, it won’t be an indication of success. It’ll point more to a massive whitewash.”

Notes for editors

1) medConfidential campaigns for patient privacy, confidentiality and consent in health and social care. It was founded in January 2013 in response to the imminent and serious threat posed by radical changes in the way patient health information is to be collected and passed on. medConfidential is an independent, non-partisan organisation working with patients and medics, service users and care professionals to defend and enhance confidentiality across health and social care: www.medconfidential.org

2) The campaign website is at www.patientrecords.org.uk

3) The care.data scheme will begin uploading confidential medical information in identifiable form from the GP record of every man, woman and child in England from Spring 2014. For more information on the scheme, see http://care-data.info – written by Hampshire GP, Dr Neil Bhatia, this site provides a more comprehensive description than is provided by NHS England at www.nhs.uk/caredata

4) From ‘care.data Addendum papers’, September 2013:

“Although the care.data Customer Requirement Summary [March 2013] makes reference to data for research purposes, it was subsequently clarified by NHS England, and confirmed to the GPES Independent Advisory Group, that the research community was not included at that time.

In the meantime, NHS England and the HSCIC have been approached by a number of organisations that use the HSCIC’s Hospital Episode Statistics (HES) managed extract service to express their disappointment that the original submission only requested access to the data for commissioners. These organisations include Diabetes UK, the Nuffield Trust, Cancer Research UK, University Hospitals Birmingham NHS Foundation Trust, Caspe Healthcare Knowledge Systems (CHKS), the National Cancer Registration Service, and Arthritis Research UK.

Therefore, this addendum requests that access now be granted by the HSCIC to a wider audience, including researchers, on a case by case basis.”

5) The campaign website unfortunately repeats the assertion, also made in the junk mail leaflet currently being sent out by NHS England that “you will need to speak to your GP” to opt out. This is potentially misleading. Patients do not have to speak with their GP and they most certainly do not need to book an appointment. If they are concerned in any way for the confidentiality of their and their family’s medical records, people can simply write to their doctor or drop a form such as the one provided here: www.medconfidential.org/how-to-opt-out/ into their GP practice, instructing their doctor to opt them out.

4) From ‘care.data Addendum papers’, September 2013:

“Examples of additional customer organisations may include:
• Universities and other academic research organisations
• Commercial companies
• Think-tanks
• Medical charities
• Medical Royal Colleges
• Information intermediaries”

And NHS England has already, e.g. received Section 251 exemption to pass identifiable patient data around a range of bodies at national and local level, for commissioning and other purposes not to do with patients’ medical care.

5) Studies such as the Wellcome Trust Monitor, 2009 & 2012 – see table on p119 of Wave 1 study: http://www.wellcome.ac.uk/stellent/groups/corporatesite/@msh_grants/documents/web_document/wtp040713.pdf which shows that 28% of people are concerned (and a further 10% may be concerned) about allowing access to their medical records for medical research.

This figure is reflected in MRC’s ‘The Use of Personal Health Information in Medical Research’ report, 2007:

“The most common reason for being unlikely or certain not to allow personal health information to be used for medical research purposes is concern over privacy (28%). Other common concerns focus on potential abuse and loss of control. Around one in ten are anxious about such information ‘falling into the wrong hands’ (13%), and similarly over the perception that individuals can not control who uses their information (13%), or for what purpose (12%).”

– page 8, http://www.mrc.ac.uk/Utilities/Documentrecord/index.htm?d=MRC003810, see also pie chart on page 40 which indicates that 25% are unlikely to allow their personal health information to be used for the purposes of medical research. Table on page 38 lists perceived ‘Disadvantages of Collecting Personal Health Information’.

For further information or for immediate or future interview, please contact Phil Booth, coordinator of medConfidential, on 07974 230 839 or phil@medconfidential.org

– ends –

Better information means better care leaflet

Goodness only knows how NHS England’s new junk mail leaflet, Better information means better care (2MB PDF) got its plain English Crystal Mark. It is one of the most disingenuous pieces of literature in the history of the NHS, full of ambiguity and misdirection – surpassed only perhaps its predecessor leaflet, How information about you helps us to provide better care (343KB PDF).

What these leaflets are talking about is care.data, a new scheme that will extract confidential medical information from the GP-held records of every man woman and child in England.

If you want to know more about care.data right now, you can read Hampshire GP, Dr Neil Bhatia’s comprehensive explanation at www.care-data.info or check out how care.data came about in our section called ‘What’s the story?’

The newer junk mail leaflet, which is being pushed through letterboxes across England throughout January 2014, is designed to make you think nothing extraordinary is going on. It is. The leaflet, which many patients may never actually see, is a study in evasion and omission, failing to mention rather significant pieces of information like the name of the scheme itself – ‘caredata’ appears just once in the leaflet as part of a URL at the bottom of the last page; it doesn’t appear at all in the first leaflet – and, more crucially, the new leaflet doesn’t contain an opt out form.

That’s because this is about consent. Or rather it’s about manufacturing consent.

For if you don’t act and opt out of care.data in the next 8 weeks, confidential information from your and your family’s medical records will be uploaded, and once it leaves their systems your GP will have no say in what is done with it. It will be presumed that you have consented for this to happen, and for your medical records to be passed on to companies and organisations outside the NHS – all on the basis of a leaflet which you may not even have received, noticed, read or understood.

After all, it’s being sent as junk mail, not to you directly as a patient.

But if you did get a leaflet, got the sense you’re not comfortable with the rather vague information you are being given and decide it would probably be safer to opt out – it is – you are instructed to… “speak to your GP practice”. Wrong! You don’t have to speak to your GP, and you certainly don’t have to book an appointment – you can opt out of care.data via letter or send in a form, copies of which we provide.

NHS England’s leaflet campaign is a deliberate and shameful attempt to make it as awkward for you to opt out as it can. And if this is how they are (begrudgingly) going about ‘informing’ the public about care.data, can the scheme really be trusted? If it can, then what have they got to hide?

care.data: the creep begins

If there were ever any doubts that NHS England’s first care.data upload, planned for next March, is anything more than a toe in the door, recent developments should quash them. Speaking at the BCS Primary Health Care Specialist Group’s annual conference a couple of weeks ago, Geraint Lewis (Chief Data Officer at NHS England) said that the current data spec would not yield enough information to be of use to researchers. In other words, it’s going to need some significant expansion.

And now, recently-published minutes of the Information Advisory Group (IAG) show that before the programme has even started, the Health and Social Care Information Centre has already been back for more. In an addendum to the first care.data request, they have sought to expand the range of agencies with access to ‘potentially identifiable’ patient data. Currently this data is available to commissioning bodies. HSCIC now wants to include ‘research bodies, information intermediaries, companies, charities’… oh, and ‘others.

The IGA that accompanies the application provides the following caveat:

This information governance assessment of the addendum is not classified in the summary sheet as either identifying or non-identifying because no assessment is made, or can reliably be made, of all of the possible additional disclosures of data to the wide variety of recipients that could result from this proposal

Ah, so this is all a bit of a shot in the dark then.

The HSCIC’s application, which can be seen here, further suggests that they could avoid troubling the IAG further by in future deciding for themselves on a case-by-case basis who can have access.

The IAG has firmly knocked back the application and sent the HSCIC away to think about it. It’s worth reading the IAG minutes in full because underneath the specific issue of the care.data addendum, the small nuances in the wording reveal a welter of problems and irritations.

Don’t take our word for it!

On the pages of this site you’ll find information about the planned extraction of medical records from GP surgeries. In particular we recommend that you read the whole of ‘What’s the Story?’ and follow up the links that we provide. All of these are to reputable sources, and mainly to NHS England’s own documents or those of their new Health and Social Care Information Centre.

Our aim has been to bring together the facts so that the public can understand what’s going on, and journalists can ensure that everything they write is based on the available evidence. We hope to save everyone the research leg-work that would otherwise be necessary in order to understand a dauntingly complex story.

Politicians and NHS England have repeatedly stressed that all patient information will be anonymised. Recently one or two journalists have been quick to pick up on this mantra. But if you read ‘What’s the Story?’ you will see that this is not true. What they really mean is that patient data will be anonymised unless there is a legal exemption that allows the use of identifiable information. NHS England has obtained just such an exemption.

But don’t simply take our word for it. Please take a bit of time to read the detailed information and if you think it isn’t accurate, let us know and send us all relevant links so that we can correct it where necessary.

If you’re new to this whole issue, there is a simplified FAQ sheet here but note that this doesn’t contain any links.

Open letter to HSCIC: do you charge to release identifiable data or not?

What exactly is going on at the NHS Health and Social Care Information Centre (HSCIC)? A story in the Guardian last Saturday, ‘£140 could buy private firms data on NHS patients’, seems to have prompted some edits to the HSCIC website. The page for the HSCIC’s Data Access Advisory Group (DAAG) used to say, for example:

The Data Access Advisory Group (DAAG) is an independent group hosted by the Health and Social Care Information Centre which considers applications for sensitive or identifiable data. – our emphasis, source: Google web cache from 11 May 2013

But the current DAAG page on the HSCIC website – which, according to the page metadata meta name=”DC.date.modified” content=”2013-05-21T16:59:14+01:00″ scheme=”W3CDTF”, was modified at 4:59pm on Tuesday 21 May – four days after the publication of the Guardian article – to read simply:

The Data Access Advisory Group (DAAG) is an independent group hosted by the Health and Social Care Information Centre that considers applications for sensitive data.

Other pages have also been changed in recent weeks, such as the one about the HSCIC’s Bespoke data extract services. The top section of this page currently reads:

What is the data extract service?

Customers can order bespoke patient-level extracts or tabulations of health and social care data.

The data we supply is normally anonymised or de-identified. We only provide identifiable data when there is a lawful basis to do so e.g. with patient consent, a statutory gateway or with s251 support.

This data can only be made available to those who meet HSCIC’s robust Information Governance standards to protect and control how data is managed.

We oblige anyone who is eligible and whom we agree to supply with data to enter into a Data Sharing Agreement. These Agreements regulate how the data is shared and used and also detail storage security requirements and restrictions on onward sharing or publication of this data. We also reserve the right to audit adherence to the Agreement. The Data Sharing Agreement specifically prevents customers from attempting to link data and re-identify individuals.

You can find out more about our services for researchers, including how we are working with the Clinical Practice Research Datalink (CPRD), in the Data Linkage Research section of this website.

As compared to what it said on 7 April 2013 [web.archive.org snapshot]:

What is the data extract service?

Organisations can order bespoke patient-level extracts or tabulations of health and social care data.

Data will be provided in a de-identified form and we will only provide identifiable data where there is a legal basis on which to do so e.g. the patient has consented. Researchers can access this service via the Clinical Practice Research Datalink (CPRD)

or on 20 March [web.archive.org snapshot]:

What is the data extract service?

Researchers and organisations can order bespoke patient-level extracts or tabulations of health and social care data.

And on all of these pages, if you scroll down a bit further, you come to a link that says: “How do I apply for access to sensitive or identifiable data?” The clear implication being that one can apply for access to identifiable data.

As far as medConfidential understands, HSCIC does provide identifiable patient data to third parties and that – on top of any other fees it may levy – it charges (or has charged) an additional £140 processing fee for doing so. This seems like peanuts for access to identifiable data on individual patients, whatever procedures someone has to jump through to get it. And with the Commissioning Board (‘NHS England’) applying for blanket Section 251 exemption to pass around identifiable data amongst a whole range of commissioning bodies medConfidential believes patients have every right to be concerned that what may up until now have been relatively constained amounts of identifiable data leaving HSCIC may be about to become a flood.

In the interests of fairness and transparency, we decided to write to the folks at HSCIC so they can explain what’s going on. Here’s the text of our letter:

To: Dr Mark Davies, Director of Clinical and Public Assurance & Chair of Data Access Advisory Group, NHS Health & Social Care Information Centre

24 May 2013

Release of identifiable patient data from HSCIC

Dear Dr Davies,

We are writing to you regarding the circumstances in which HSCIC provides patient data in identifiable form to third parties. It appears that the HSCIC website may have contained some errors and, while we are aware that things are still adapting post-April 1st, we would like to clarify some details of the procedures around the release of patient identifiable data.

We have, of course, read the DAAG Terms of Reference and other information published on the website. We understand that HSCIC does receive patient data in identifiable form from a variety of sources and that HSCIC does provide patient data in identifiable form to third parties – not least because the HSCIC website lists three instances in which it provides patient data in identifiable form: where there is “patient consent, a statutory gateway or with s251 support.”

We therefore ask:

1) Other than by patient consent, a statutory gateway, or Section 251, what are the lawful bases on which HSCIC will provide patient data to any third party in identifiable form? “Where there is a lawful basis to do so” is broad and non-specific; what we would like is a specific and comprehensive list, something that a member of the general public could understand.

2) If a person or organisation has a lawful basis for requesting identifiable data and they satisfy the DAAG’s requirements as regards information governance and the particular request for data, is it the case that the DAAG will approve the provision of identifiable data from HSCIC? If this is not the case, who is the Senior Responsible Officer for such a release and what is the process by which they make that decision?

3) Can you confirm that HSCIC charges all third parties a fee for the provision of data in identifiable form? If there are circumstances in which this fee would be waived, please would you list them.

If any of these questions are not clear, please contact us on coordinator@medconfidential.org

Thank you for your attention. We look forward to hearing from you in due course.

Your sincerely,

Phil Booth and Terri Dowty, medConfidential

medConfidential launch and the Secretary of State

medConfidential launched on Wednesday with a highly successful conference event, after working for nearly two months behind the scenes. We’ve now published audio and video.

This morning the Secretary of State for Health responded to the Caldicott report, confirming that there would be a patient opt-out on the sharing of health data, the details of which have yet to be finalised.

Continue reading

YOUR HEALTH: YOUR RECORDS, YOUR CHOICE – medConfidential launch conference

Audio, presentations and coverage of medConfidential’s inaugural conference held on 24th April 2013. Thanks to everyone who came, especially to all our speakers and hard-working volunteers who helped ensure everything ran smoothly.

Sessions and speeches as per the programme:

An overview of current policy including the General Practice Extraction Service (GPES); online access to medical records; the single care plan; the ingredients of valid consent – Phil Booth and Terri Dowty, joint coordinators of medConfidential

Phil Booth – audio (MP3) |presentation (.ppt)
Terri Dowty – audio (MP3) |presentation (.ppt)

Online patient records: safety and privacy – Ross Anderson, Professor of Security Engineering at the University of Cambridge Computer Laboratory

Ross Anderson – audio (MP3) |presentation (.pptx)

The next step: Linking medical records, DNA and genetic information – Dr Helen Wallace, Director of Genewatch UK

Helen Wallace – audio (MP3) |presentation (.pptx)

NHS Confidentially and Patient Advice – Helen Wilkinson, Coordinator of TheBigOptOut Patient Advice Line

Helen Wilkinson – audio (MP3)

Our right to medical privacy – Shami Chakrabarti, Director of Liberty

Shami Chakrabarti – audio (MP3)

Plenary: feedback from workshops

Sue White, Ross Anderson, Ian Brown and Phil Booth – audio (MP3)

The workshops covered:

(1) The single care plan for children and its extension to adults – Sue White, Professor of Social Work (Children and Families) at Birmingham University + Terri Dowty

(2) The GP Extraction System and patient confidentiality – Dr John Cormack, GP and Professor Ross Anderson

(3) Keeping data safe and why ‘anonymisation’ isn’t the answer – Dr Ian Brown, Associate Director (Cyber Security Centre) and Senior Research Fellow of the Oxford Internet Institute + Sam Smith, Privacy International

(4) A brainstorming session to assess the potential risks for each sector and steps forward – Phil Booth

Online coverage of the conference, including some video:

Liveblog of the conference on Light Blue Touchpaper

Report by Shibley Rahman on the Socialist Healthcare Association’s website (3 videos)

A ‘hat-trick’ from TechEye.net:
UK’s ‘anonymous’ health records are wide open
Your genetic make up to be stored, without consent, for profit
Shami Chakrabarti lends support to new health privacy campaign

 

 

PRESS RELEASE: Unprecedented health data grab; kids to be tagged for life by NHS number

In response to the Department of Health’s “pledge to reduce child mortality” [1] Phil Booth, Coordinator of campaign group medConfidential [2] said:

“Our children’s health is of concern to us all, but behind the Department of Health’s latest policy statement lies a far more disturbing bureaucratic programme.

“What its proposal boils down to is the creation of a government-led “intelligence network” on children; a lifelong data trail where children – tagged at birth by their NHS number – are processed by a system designed to make their most sensitive personal health details available to a whole range of people and agencies for multiple, unspecified “secondary uses”.

“Presented as a measure to protect children, in reality this is an extraordinary and unprecedented data-grab. While the NHS Commissioning Board prepares to begin uploading patient records from GP practices, the Department of Health is clearly coming for your kids’. Yet again children are to be used as the trojan horse to introduce an otherwise unpalatable agenda. This is the first step in a planned programme that will see the elimination of medical confidentiality for the entire population.”

– ENDS –

Notes for editors:

1) The ‘pledge’ and full report, ‘Improving Children and Young People’s Health Outcomes: a system wide response’, is published here.

2) medConfidential is a new public campaign fighting for confidentiality and consent in health and social care. It was founded in January 2013 by several existing organisations – Privacy International, Big Brother Watch, NO2ID, FIPR and TheBigOptOut – in direct response to the imminent and serious threat posed by radical changes in the way the Department of Health collects and passes on patient health information from NHS health record systems. MedConfidential is an independent, non-partisan organisation working with patients and medics, service users and care professionals to defend and enhance confidentiality across the health and social care arena.

For further information or for immediate or future interview, please contact Phil Booth, medConfidential Coordinator, on 07974 230 839 or phil@medconfidential.org