UK.gov slammed for NHS data-sharing deal with Home Office

The UK health service's NHS Digital has been accused of operating to a "lower standard of confidentiality" than rest of NHS, in a heated hearing about a deal that requires patient info to be handed over for immigration enforcement.

The agreement means that patient record-keeper NHS Digital can be required to hand over non-clinical information, such as data of birth or last known address, to the Home Office for suspected immigration offences.

It came into force on January 1, 2017, and was quickly condemned by activists and politicians who warned it might deter people from seeking treatment and breaching confidentiality rules.

After the memorandum of understanding (MoU) hit the headlines, the government asked PHE to collect statistical evidence on whether the MoU has an impact on public health – but interim results are not due until at least November 2018.

In the meantime, the House of Commons Health Committee has launched its own inquiry into the deal, with the first evidence session held yesterday.

Criticism focused on the risk the MoU would dissuade people from accessing healthcare, the knock-on effect on public trust in NHS confidentiality, and whether the government had properly balanced the public interest in that confidentiality with the interest in effective immigration control.

“Confidentiality is the cornerstone of doctor-patient relationship,” said Lucinda Hiam, a GP in the Doctors of the World group that aims to help migrants (who are entitled primary and emergency care for free in the UK) access healthcare.

“With that broken, I don’t think you can carry on to have such a good relationship… I don’t think [the government] has considered enough the damage to public trust that has been done.”

Hiam cited heavily pregnant women who did not see a GP for months, and people choosing to wait until it was an emergency before attending A&E, as this doesn’t require one to give personal details. This behaviour puts added strain and cost on the health service overall, she noted.

Marissa Begonia, coordinator of Voices of Domestic Workers, said it was already tough to get migrant workers - some of whom may be victims of exploitation - to seek healthcare. The MoU will make it even harder, she said. “To tell them that Home Office would access this information would drive them more underground.”

John Newton, director of health improvement at Public Health England, also pointed out that there is a greater expectation on doctors to inform patients on how and where their data will be shared.

“So increasingly patients are being told, so therefore there’s more potential for it to have an effect for care-seeking behaviour," he said.

'Not compatible with other guidance'

Of course, confidentiality in the NHS is not absolute. The GMC’s guidelines for doctors says it can be broken where there is a risk of serious harm to an individual or a “serious” crime - defined as rape, manslaughter or murder.

In written evidence to the committee, the GMC said it was “not persuaded that the fact that patient is either a suspected or actual illegal immigrant, and that person is not in touch with the Home Office, is sufficient to override the public interest in having a confidential service”.

Yusef Azad, director of strategy at the National AIDS Trust, said that immigration offences did not meet the 'serious crime' criteria - as such, the MoU “is not compatible” with other NHS guidance on confidentiality.

“The bottom line is, NHS Digital is operating to a different and lower standard of confidentiality than rest of NHS.”

Joanne Bailey, a member of the National Data Guardian’s advisory panel, also echoed this view.

“[The data guardian, Fiona Caldicott] has concerns that the public interest criteria which are applied by doctors with GMC code or NHS staff using the Department of Health code, are not reflected in the MoU,” she said.

Bailey added that if this approach was extended to other crimes of a comparable gravity, the NHS risked disclosing data “on too low a threshold”, and that Caldicott was concerned about broader issues of public trust.

One justification used by the government is that the information released isn’t clinical and is therefore at the lower end of the spectrum of confidentiality - but Hiam said the distinction is “irrelevant” to a lot of her service users.

In a separate session with government and NHS representatives, committee chair Sarah Wollaston suggested that the government had “run roughshod” over the idea that the data being released was important.

Lord James O’Shaughnessy, parliamentary under secretary of state for health, denied this, and stressed that this data “has been shared for decades”, with the MoU formalising the process.

Wollaston also pressed government witnesses on how the balance of public interests had been established, asking why there were five paragraphs in the MoU on the benefits of disclosure for immigration enforcement, but “nothing” in the interest in a confidential service.

Responses to such questions included a very long pause, murmurs about the fact the officials now in place weren’t in post when the MoU was written, and repeated assertions that data transfers had already been taking place.

And, in answer to whether ministers felt it was important that the MoU risks putting an already marginalised group of people at greater risk, immigration minister Caroline Noakes said:

“I think it is important that we know who people are and where they [immigration offenders] are.

“It [the MoU] is part of a suite of products that we have. We do not wish to deter people from seeking treatment where it is necessary, but equally we have a public interest that we make sure we know where as many people are as possible.”

The committee also seemed unimpressed with evidence showing that in just 195 cases - 3 per cent of the requests made by the Home Office - the department received new information from NHS Digital.

However, ministers said that even information that corroborates data it currently holds is valuable, but could not directly point to evidence that NHS Digital data was directly responsible for any case resolutions.

In addition to the scrutiny from the committee, the government is also facing a legal challenge from the Migrants Rights Network, which says the deal "violates patient confidentiality and puts all migrants at risk". ®