Watchdog warns UK health data platform could damage patients' trust
'This store of confidential data is a national treasure that must never be compromised or treated carelessly'
As the UK government plans to launch the procurement for a national patient data store, the legal guardian of NHS data has issued a coded warning concerning trust and transparency in health data usage.
Late last week, Dr Nicola Byrne, the National Data Guardian (NDG), said that the forthcoming competition for the Federated Data Platform – considered a "must win" for US spy-tech firm Palantir – put the problem of patients' trust in the NHS's handling of their data into "sharper focus."
She blogged that the NHS had "amassed comprehensive cradle-to-grave information about tens of millions of [UK citizens], whatever our social and economic circumstances or ethnic origin."
"This store of confidential data is a national treasure – our shared national treasure – that must never be compromised or treated carelessly, as its collection is founded on our trust," she said.
Estimates suggest that, because of the unique position of the NHS, UK patient health data records could be worth £9.6 billion ($11.4 billion) a year to pharmaceutical and health tech companies.
The cache is also said to be valuable to the NHS itself as it strives to improve efficiency and recover from the strain of the COVID-19 pandemic.
"The value of our data will only be realised if it can be organized in such a way that the NHS is able to use it well to improve treatments, services and ultimately our health and care," Dr Byrne said.
"Sealing this precious asset in a vault where it cannot be used would render it worthless. However, making the data available in ways that damage patients' trust would be counterproductive. If people lose their trust in how the health and care system handles their confidential data things will fall apart, and plans for data use will not hold."
NHS England, a non-departmental body in the UK government, is set to launch the delayed £360 million ($427 million) procurement for the Federated Data Platform (FDP) in the coming weeks, according to documents shared with potential bidders.
"The importance of achieving the right balance is coming into sharper focus now, as NHS England begins asking companies to tender to provide a federated data platform. This 'ecosystem of technologies and services' will provide real-time, reliable insights to those making decisions about how care is planned and delivered," Dr Byrne said.
Although she said she strongly agreed with the aims and ambitions of NHS England's FDP, "this data programme must avoid common pitfalls around trust and transparency that have frustrated previous initiatives in this area."
Recent NHS history has been struck with difficulties in gaining public confidence to share patient data between doctors in general practice – the majority of whom are independent contractors – and the rest of the NHS.
A project to extract data from GP records and transfer it into a central store for research stalled last year as health leaders failed to gain the confidence of patients and the medical profession. Attempts to restart the General Practice Data for Research and Planning (GPDPR) project, run by soon-to-be defunct NHS Digital, have so far failed.
- Decisions on health data sharing should not be taken by politicians, citizen juries find
- UK health privacy watchdog still in talks over who is accessing country's COVID data store
- Fresh concerns about 'indefinite' UK government access to doctors' patient data
- NHS Digital's demise bad for 55 million patients' privacy – ex-chairman
"Public trust can only be earned through a commitment to honesty and transparency. There must be no surprises for people about how their private information is being used," Dr Byrne said.
The NDG team has gathered a panel of advisors to help the FDP program get it right, she said.
"I have made clear that NHS England needs to allow sufficient time to listen to patients and professionals and then adapt plans according to what it hears.
"I have advised that the programme must be transparent and always strive to provide clear, easy-to-understand explanations of the platform, what data it will use, how it will use it, the benefits of the programme, and, just as importantly, the risks."
One of the main criticisms of GPDPR was that it failed to inform and consult patients, offering only website information and social media posts.
"Being open about risks and their mitigations provides an opportunity to meaningfully engage the public and build confidence in the system," Dr Byrne said. "This information should be publicly available, easy to find, and accessible. The [FDP] programme has subsequently assured me that it will be carrying out research with the public to determine what information people want and need about the programme. This will inform its communications and engagement plans, which it has committed to share with me for review."
The NDG has recommended clear governance frameworks and security measures for the platform. "I expect that it will continue to engage with me on these matters," she said.
Earlier this month, NHS Digital board papers revealed the UK government is set to expand its use of the Palantir platform it established in response to the pandemic. The documents confirmed that patient-identifiable data from NHS hospital systems will be shared with the existing data platform in a move designed to help cut hospital waiting times. This has prompted warnings of further legal action by privacy campaigners.
According to documents seen by The Register, NHS England has now confirmed that this data extraction will need to be rolled into functionality for the new FDP. NHS England said it expects to award the contract in 2023. ®