The NHS holds over 67 million files across GP surgeries that contain patient medical records, detailing all appointments, diagnoses and treatments. This private, personal information is what’s at the heart of the latest change within the UK’s healthcare system.
The New NHS Digital Data Grab
NHS Digital, the body overseeing data use within the NHS, has developed a new scheme: General Practice Data for Planning and Research. This essentially involves all GP practice records for every individual in England to be uploaded to the NHS Digital’s own central database.
This was originally set so that from July 1st 2021, the records from GP practices for all NHS patients across England will be uploaded to the NHS Digital-owned central database. This meant that patients had until the 23rd June 2021 to opt out this new data sharing scheme. The short deadline and lack of publicity was received with much criticism and has now been pushed back to 1st September 2021.
“To provide more time to speak with patients, doctors, health charities and others, the collection of GP data for Planning and Research in England has been deferred from 1 July to 1 September 2021”.
It’s unlikely that all that many people have heard of this latest initiative, much less understand what’s involved. All patients in England will have their medical records uploaded to the central database unless they opt out.
If you’re happy to proceed – or simply fail to opt out – some or all of your confidential information can be shared with organisations that request it, for instance in an attempt to plan improvements for the NHS or in the name of medical research.
This scheme has been given a thumbs up by Professor Chris Whitty, the Government’s chief medical officer. However, some doctors have voiced concerns over the rate at which this initiative has been rushed out and how it could affect patient trust in their GPs, who will be legally required to upload patient information to NHS Digital.
The time extension to 1st September should allow for greater publicity to educate the public, though whether this happens remains to be seen.
It’s Nothing New
Of course, data sharing is nothing new. Within the NHS, confidential patient information has been shared for over 30 years. All data, such as from routine testing or planned surgery, is collected by NHS Digital. It’s believed that each year NHS Digital collates approximately 16 million ‘episodes of care’, which can include the likes of the patient’s name, sex, medical issues and home address.
This data is then available for ‘interested parties’, like other NHS bodies, data analysis, universities and even commercial companies. However, safeguards are stipulated to ensure patients are unable to be personally identified. Data requests from these interested parties are subject to a fee for processing the information.
The General Practice Research Database is another that holds records, with around 5 million anonymised files being held for people across the UK since its inception in 1987. This is run by the MHRA to gather data from around 480 GP practices before passing data onto the likes of governmental departments, charities, universities and drug companies in the name of research. The MHRA claims to make no money from this initiative, though GPs get a one-off 10p fee per patient whose records are shared.
In comparison, the new initiative starting now starting on 1st September 2021 takes things up a notch by including every individual in England, both adults and children. This is a much grander scale of data harvesting.
The Benefits of Sharing Data
Apparently, the health records in Britain are so thorough that they’re considered to be among the best records worldwide. NHS Digital’s records indicate that 4,660 ‘batches of patient data’ were released in April 2021. The data harvested is thought to be imperative for improving NHS services and making them more efficient.
- The General Practice Research Database has proven vital for various breakthroughs. For instance, data used in 2004 led to a study to prove the MMR vaccine didn’t cause autism.
- In 2008 the database was pivotal in confirming Cox-2 inhibitor painkillers used for arthritis increase the risk of strokes and heart attacks, enabling new use guidance to be developed.
- Covid-related data was also stored and used at the start of the pandemic to ascertain which individuals should shield.
- AstraZeneca was previously provided with patient data concerning heart disease rates. In this sort of example, a ‘research purpose’ belies the request, though commercial interest could be the driver and the pharmaceutical industry is then getting the data incredibly cheaply.
NHS Digital make assurances that data and its release is ‘very secure’. Those requesting data must jump through hoops to ensure there’s a ‘legitimate’ need.
Outrage & Criticism Of A Huge Data Grab
Critics are suggesting the roll-out of this scheme is being rushed through while the focus is on the pandemic, meaning it’ll fly under the radar without patients being aware of what it’s all about or the need to opt out should they not wish for their private information to be shared.
There’s also growing concern about the unprecedented scale of the scheme, which involves all records for all patients in England, where there’ll be details of all medical interactions you have potentially since you were born. Some are outraged at this “unwarranted” data grab, where patient data won’t be fully anonymous and where there’s risk of indirect selling of personal information to companies for profit.
There’s been little in the way of publicity of this new scheme of mass data harvesting. Even if you agree with data being used in such a way, many doctors and campaign groups are voicing concerns at the opportunism NHS Digital are taking rather than having patients adequately informed.
Trust in data security and sharing has already taken numerous hits over the years, from data breaches to the intended sharing of confidential information without patient consent.
For instance, the Public Health England came under scrutiny in 2018 when around 180,000 lung cancer patients had their data shared with a consulting firm in the US that was affiliated with the tobacco industry. In another example, it was ruled in 2017 that research between the Royal Free NHS Foundation Trust in London and tech giant Google breached data protection legalities after 1.6 million patient files were shared.
Then there’s also the issue of data sharing in general and the feeling that some people have of being watched, tracked and scrutinised in this increasingly online, connected world. Even if the data is secure and shared only in the circumstances of utmost importance, some individuals may simply dislike the idea and feel things are getting too invasive and reminiscent of ‘Big Brother’. Keeping things personal and private seem to be less possible as the years go by.
NHS Digital have said, with regard to this latest venture, that “we do not sell health and care data” and that they don’t share it with “marketing and insurance companies”. That’s great. But they don’t actually tell us who the information IS shared with.
Campaigners are pushing for more information and greater transparency over the new NHS Digital scheme so that patients are aware of what’s going on, why, who sees their data and how to opt out.
Want To Opt Out?
If you don’t wish for your GP to upload your medical records to the new NHS Digital database, you’ll need to complete a type 1 opt-out form, which you should be able to get from your GP practice. Alternatively, call NHS Digital directly on 0300 303 5678 (open 9am-5pm Monday-Friday) and ask for one to be sent to you. Unfortunately this is not a free number to call.
You’ll need to return the form in advance of the transfer start date (September 1st 2021) to allow for the processing of your form. You can opt out after the deadline but this will only prevent new data from being uploaded; data already on the database won’t be erased.
You can find more information on this new General Practice Data for Planning and Research on the NHS Digital website.
I personally think it’s a double-edged sword because I can see each side of the argument. Technology is incredible in enabling the collation, sharing & analysis of data on an immense scale, which could be priceless for medical advances and improvements to healthcare.
But every individual needs to know of this initiative, and the public need to be given adequate, transparent information on what’s involved and who can gain access to the information. It would also be helpful to be assured of data safety given the potential for data breaches and how the data will be used, not just in theory but in reality.
Given as how most technical endeavours in the UK have bellied up at soon as they’ve started, I just hope NHS Digital’s central database is robust enough to deal with the traffic & hardcore nature of so many files being uploaded!
Do you think data sharing on this monumental a scale is helpful or a worrisome data-grab?