6 February 2014 — OurNHS

Official attempts to inform patients about what will happen to their data when the new care.data database is implemented are inadequate and, on the latest evidence, seriously misleading.

In August of last year, the Information Commissioner warned GPs they’d likely breach Data Protection Act if they allowed their patient data to be uploaded to care.data on the basis of the limited awareness plans then proposed by NHS England.

The NHS’s Health and Social Care Information Centre (HSCIC) responded with a doordrop campaign, consisting of a single leaflet delivered to every household in the UK during January 2014.

Concerns that this leaflet was designed to mislead were raised by scheme critic Dr Neil Bhatia. As he explained on his website: “care.data” is never mentioned in the leaflet”.

NHS England reject this. According to a spokesperson: “What is important is that patients understand the ways information is used for purposes beyond direct care and the choices patients have”.

Does the leaflet explain the ‘choices patients have’? Arguably not. It states “If you do not want information that identifies you to be shared outside your GP practice, please ask the practice to make a note of this in your medical record”. But there is no general opt-out from information-sharing by your GP. As Dr Bhatia makes clear, if you wish to opt out of care.data, as opposed to any other data-sharing, you need to be very specific as to which opt-out to ask for. A leaflet that talks about the general principles of data-sharing, arguably, does not explain that.

More fundamentally, does it explain the ways the information is – and could – be used?

New evidence unearthed by campaigners suggests that on this basic point, it misinforms patients.

According to the care.data leaflet:

“Information such as your postcode and NHS number, but not your name, will be used to link your records in a secure system, so your identity is protected. Information which does not reveal your identity can then be used by others, such as researchers and those planning health services, to make sure we provide the best care possible for ever”. (our italics)

However, a number of documents discovered online appear to clear the way for data to be used outside the scope set down in the information leaflet, and have set alarm bells ringing.

The first is a schedule of “Data Linkage and Extract Service Charges for 2013/14”, published in September 2013. This describes the “products” that HSCIC provide to their clients, including a “one-off extract tailored to the customer’s requirements of specified data fields containing patient identifiable data, sensitive data items or both”.

So HSCIC are planning to make identifiable data available to clients?

No. At least not yet. This schedule, an update of a document in circulation since March 2013, is a schedule of charges for all the data services provided by HSCIC. It sets out the costs for making identifiable data available to accredited clients of HSCIC. However, according to a spokesperson for HSCIC it does not apply to care.data “at this moment”, since no agreement has been finalised on the list of organisations to which they will appropriately release data – or indeed whether identifiable data will be released at all.

That decision is likely to be made at a meeting in March 2014.

In August 2013, an information governance assessment of the issues involved in widening the list of recipients of care.data beyond NHS commissioners asserted: “In the eyes of the law, a government department, a university researcher, a pharmaceutical company, or an insurance company is as entitled to request and receive de-identified data for limited access as a clinical commissioning group, as long as the risk that a person will be re-identified from the data is very low or negligible”.

It goes on: “Access to such data can stimulate ground-breaking research, […] and enable insurance companies to accurately calculate actuarial risk so as to offer fair premiums to its customers”.

This was followed by an addendum to the care.data information requirement, published by NHS England in September 2013, that suggested just such a widening of the audience.

According to this document, “examples of additional customer organisations may include Universities and other academic research organisations, Commercial companies, Think-tanks, Medical charities, Medical Royal Colleges, and Information intermediaries”.

Here, too, it appears, a final decision must await the March meeting.

The bottom line is that if NHS England requests are accepted in March, the list of organisations who may now obtain patient data will extend well beyond the “researchers and those planning health services” set out in the leaflet. It could potentially include commercial companies and information intermediaries, such as insurance companies.

After the Guardian wrote critically of this development,earlier this month, NHS England’s Chief Data Officer Dr Geraint Lewis responded : “Patients and their carers should know that no data will be made available for the purposes of selling or administering any kind of insurance”. 

It is unclear why he intervened in this way, as neither the Guardian nor leading critics had suggested that data might be used for selling insurance. It is possible that he was unaware that his own department had already made clear that insurance companies using it for actuarial purposes is justified.

He also stated: “It is vital that this debate is based on facts, and that the complexities of how we handle different types of data are properly understood”.

We asked NHS England whether a leaflet that focuses on how the data shared with others will not be identifiable, when such a possibility is clearly contained in their original plans. They explained how the leaflet “incorporates feedback …from a range of stakeholders including GPs”.

They added that it “was co-designed with patient groups and clinicians and adapted for Plain English”.

Furthermore: “All materials developed nationally as part of awareness-raising work have been developed in partnership with clinical professional bodies and patient groups”.

But on the question of whether the leaflet is “adequate to provide a full understanding of how data is to be used”, a straightforward yes or no was not forthcoming.

Back in September 2013, their own Independent Advisory Group expressed concerns that patient information leaflets produced by NHS England “did not mention the broad range of potential purposes and potential data recipients proposed”.

In contrast to re-assurances about customer data not being identifiable, they felt that the risk of re-identification of patient data was sufficient to require customers “to sign a data sharing contract that would include a statement that they would not attempt to reidentify individuals”.

Patient watchdog, Healthwatch England, has this week called for the roll-out of care.data to be delayed as patients have been left “in the dark”. Speaking to the BBC, yesterday, Healthwatch England chair Anna Bradley revealed that almost a quarter of the 148 local Healthwatch groups had raised concerns in recent days.

She added: “To make matters worse, the communications around this have been so poor that we are now in the situation where all of us are about to be automatically opted in to a scheme we know little or nothing about.

“While we recognise that sharing the data could be of significant benefit to researchers, the NHS has a moral duty to consult with all of us and trust us to make our own decisions.”

About the author

Jane Fae is journalist and campaigner on IT, the law and sexuality. She writes extensively on  individual privacy in the face of creeping state intrusion, for Register (the leading IT industry website), the Guardian and the Independent.