What’s the story?

medConfidential was founded in early 2013, in response to changes introduced in the Health and Social Care Act 2012 that appeared to set up a massive GP data grab.

care.data, 2013-2016: In early 2014, NHS England sent a junk mail leaflet to not-quite-every household, saying their GP records would be taken for a bunch of purposes that were unclear, and that they could opt out. The leaflet didn’t tell them how they could opt out, which was via a single-page form to their GP. The admission that data would be taken even if people had opted out, and the sale of data to insurers meant the programme was first paused, then stopped, then scrapped, after massive public outcry.  (read more)

Health data, AI, and Google DeepMind, 2016 – 2023: We provide a chronology of what happened when Google DeepMind and the Royal Free Hospital in London signed a deal to secretly copy 1.6 million NHS patients’ medical records, and allow them to be fed to a DeepMind AI.  (read more)

GP Data (for Planning and Research), 2021 – present: In May 2021, NHS England told NHS Digital and GPs to put a notice on their website saying that every patient’s GP record would be taken for purposes unclear, and that people could opt out. Amongst other unforced errors, it provided incomplete instructions for the three different steps families with children were forced to take, and a ‘fact check’ for the programme was withdrawn after being found to be misleading.  (read more)

As you will see from our Proposals, and from our archived Media Coverage, medConfidential does a lot more than just combat data grabs; our goal is to ensure every use of patients’ and service users’ data is consensual, safe and transparent.

Where we are in 2024

Two massive GP data programmes have failedGP data (‘GPDPR’) in 2021, following care.data in 2014.

They will try again… not least because too many institutions think the rules should only apply to others.

While the National Data Opt-out covers both Research and Planning – indeed, it covers every use that is not for a person’s direct care – having boiled the public promise down to these two words, even those who do research or who do planning think the rules shouldn’t apply to them.

The public does not care about the reasons why a programme is terrible; people look at the end result. And thankfully, because it was fought for and won, they still have the choice to say no to data projects that they do not wish to be involved in.

The way forward is quite simple: tell people the truth, do what you say you will do, and show that you’ve done it.

Because if you lie or hide things, it will fall apart.

The main hope of the generalist civil servants involved is that things will only go wrong once they’ve moved on to a new job. Some residual integrity and honesty does sometimes require them to tell some Departments no – and even to mean it, and to stick to it as well. But it is precisely through this culture around failure that many more civil service-led data projects will fail, because the HIPPOs pay no regard to what others think, beyond support for their own narrow goals.

Across Government – and across all too many big tech / consulting firms – the idea of delegation to trusted, competent specialists is beyond the sphere of comprehension of time-served generalists who cannot conceive of any other way to support a service beyond dashboards, AIs, and eternal demands for yet more data – while they test 41 different shades of blue…

In 2024, a new Government and NHS England continues to exclude the views of those who might point out problems, having promoted the chap who wrote the catastrophic briefing for Ministers that dug them in deeper. Thus far, since the pause, we’ve seen no reason to expect ‘care.data version 3’ will be consensual, safe and transparent – and so we have little reason to expect it will go better than version 1 or version 2.

Work continues…