NHS data grab betraying confidence?

Review by Steven Fouch CMF Head of Communications

Data is the new gold - the most valuable commodity in the digital world, and the NHS holds a vast amount of this asset. Data about almost every British resident's medical history, demographics, and healthcare interactions. This information is estimated to be worth nearly £10 billion, according to Ernst & Young. [1]

In May, the Health Secretary issued a legal direction to every GP in England to upload their patient records to a central database. [2] The plan was for this data to be made available to private companies and research bodies, albeit 'pseudo-anonymised'. But the campaign group openDemocracy, fearing this would breach GDPR, issued a legal challenge in June. [3]

Only at this point did most of us become aware of what some called the 'NHS patient data grab', [4] or more officially, the General Practice Data for Planning and Research scheme (GPDPR). [5] The subsequent outrage from patient groups, Royal Colleges, and others caused the implementation date to be pushed back from 1 July to 1 September. That date has now been postponed indefinitely, as over a million people living in England have opted out. The government is now about to go into an extended consultation process with all those involved. [6]

Data mining of patient records is nothing new - in fact, it goes on all the time. It is invaluable in medical research and health service planning. [7] Even then, it remains controversial, despite access being restricted and anonymised. [8], [9] GPDPR would have centralised data in a way that is useful but would have arguably weakened the link between patient and GP.

The principle of confidentiality is central to all healthcare. Patients share the most intimate details of their lives with health professionals, especially GPs. And we do so on the understanding that it will only be used for the purposes of our care and treatment. This widely shared value is also profoundly biblical. As the Scriptures remind us, we are not to 'betray another's confidence'. (Proverbs 25:9-10)

The marketability of our personal data drives commerce, social media and most of the Internet. We should be wise in how we approach utilising this data. Trust is essential, and the lack of consultation, transparency, and public awareness of the implementation of GPDPR has dented that trust. This is another area where we will need to maintain vigilance in the coming years.

More from triple helix: Autumn 2021

references (accessed 3/9/2021)
1. Hughes O. NHS data worth £9.6bn per year, says Ernst & Young. Digitahealth. 24 July 2019. bit.ly/3hAcfBQ
2. Vallance C. Patient data transfer still set to start in July. BBC News Online, 4 June 2021, bbc.in/3yFwX9q
3. Molloy C. Legal threat sharpens over UK government plans to harvest patient data from GP. Open Democracy, 4 June 20201. bit.ly/3mZEj5l
4. Jayanetti C. NHS data grab on hold as millions opt out. The Observer. 22 August 2021. bit.ly/3mY9a22
5. General Practice Data for Planning and Research: NHS Digital Transparency Notice. NHS Digital, May 2021. bit.ly/3EW5Jj6
6. Op Cit: Jayanetti 2021
7. Murgia M and Harlow M. NHS shares English hospital data with dozens of companies. Financial Times, 27 July 2021. on.ft.com/2WVmV73
8. Cheung S. Disambiguating the benefits and risks from public health data in the digital economy. Big Data & Society. 18 June 2020. doi.org/10.1177/2053951720933924
9. Goldacre B and MacKenna B. The NHS deserves better use of hospital medicines data. BMJ, 2020; 370, doi.org/10.1136/bmj.m2607