NICOLE KOBIE
The government has once again put its NHS data plans onto life support by ignoring the most obvious warning signs
The government has once again put its NHS data plans onto life support by ignoring the most obvious warning signs.
Health data, properly collected and gathered in a central database, could be used to better manage treatment, uncover key findings about what works and what doesn’t, and improve the NHS. But every time the government attempts to pull off this feat, it fails.
This time around, it’s come up with a project called General Practice Data for Planning and Research, giving us the horribly confusing abbreviation GPDPR. But no one is calling it that anyway: the headlines have instead declared it the “GP data grab”, which is much catchier but rather less useful for marketing the project.
If GPDPR had gone ahead, and it still may, it would have seen your medical records from your GP hoovered up into a central repository to be used for research. That includes your medical history – medications, symptoms, GP observations – as well as key demographic data, such as gender, sexual orientation and ethnicity. Your name, address and other identifying details would be wiped, but it’s long been established that anonymised information can be de-anonymised pretty easily.
That collection of data would then be used by the NHS to plan services, by the Department of Health to create policy and by Public Health England to monitor and intervene. NHS Digital has said it could also be used by third parties for research, pointing to the use of patient data for the development of Covid-19 treatments by the University of Oxford.
That all sounds above board, you may think. But there are fears that the data could be made available to companies working in the sector, stoked by the government’s weirdly secretive and rushed rollout of these plans. Indeed, it was possible to opt out, but you had to do it by 23 June – if this is the first you’re hearing about the plans, that may be rather alarming, but don’t panic because pressure from activists has pushed things back to September.
None of this is new. In 2013, the government introduced the “care. data” scheme. The aim was… to pull together anonymised data from GPs into a central database, to be accessed by researchers, NHS managers and government policy planners, and also third-party organisations that could include private companies.
As with GPDPR, the plans were criticised on privacy grounds, as there’s really no such thing as truly anonymous health data, as well as the potential for profitseeking companies to access the information. Additionally, just like this time around, the rollout of care. data was slammed for the difficulty in opting out and the failure to fully inform patients, as well as concerns about data breaches. The project was halted in 2014 and ditched in 2016.
It’s almost as though the government doesn’t learn. Any collection and mass storing of health care data must be trustworthy. That means any such programme needs to be clearly explained to patients, with access to the data carefully controlled and limited. Rather than rushing a rollout through in the hope that few people notice, it should be slowly introduced with an easy opt-out system. In short, the government needs to learn the value of honesty, transparency and trust. You will excuse me if I don’t hold my breath on that one.
There is hope, though. In February, the government commissioned a review into health data for research, led by Ben Goldacre, a physician and health informatics researcher who you may know from his popular and prescient books, notably Bad Science.
If the government decides to start listening to data-savvy health researchers such as him, perhaps they will be more likely to get it right in the future. Again, I won’t hold my breath: it went forward with GPDPR before waiting for the results of his research.
This is all a dire shame, as it’s unquestionable that giving NHS management access to such data to improve services would be a boon for patients and budgets, and that letting researchers look at the data could save lives. And Brits are generally fine with both use cases – 96% are keen on sharing for patient care, and three quarters for medical research – but a survey by Imperial College from 2018 showed that 95% of people don’t want to share their medical data with companies, which is a problem because plenty of good, useful medical research comes out of industry.
We let social media have our data in exchange for bland amusement. We let Google gather up all it can in the name of convenience and free online services. We should let the NHS use our data to save lives and improve health services – but as long as the government behaves like Silicon Valley by making opting out difficult and refusing transparency in data use, it shouldn’t be surprised we don’t want to play along. Until trust is put at the centre of healthcare data systems, such data grabs will continue to fail – and medical research will continue to suffer for it.
The government needs to learn the value of honesty, transparency and trust. You will excuse me if I don’t hold my breath on that one