UK public voice fear over security in NHS data systems

NHS England's own survey also reveals suspicions that it would sell data to third parties

Four out of five patients worry NHS IT systems may be vulnerable to cyber attacks while around half are concerned that the world's largest single health system will sell their data, according to a recent survey.

The research comes from NHS England, the government body running state health systems in the UK's largest nation.

Based on a survey with more than 2,200 people as well as interviews and group discussions, the health quango found 83 percent of people trust the NHS to keep their patient data secure and that the NHS is among the most trusted institutions in the UK, compared to universities, pharma companies, government departments and others.

However, as NHS England embarks on a controversial program to store patient health data in a single Federated Data Platform (FDP), hosted in the cloud and managed using software from US spy-tech firm Palantir, other results may raise concern.

The study showed that when asked whether they were worried that NHS IT systems may be vulnerable to cyber attacks, 47 percent of respondents slightly agreed while 35 percent strongly agreed.

Nearly half (49 percent) strongly agreed when asked if they were worried the NHS might make mistakes with their patient data, and 16 percent slightly agreed.

Asked whether they were concerned that the NHS might sell patient data to companies without their permission, 18 percent said they strongly agreed while 32 percent slightly agreed.

Meanwhile, only 43 percent of respondents said they would trust companies providing the NHS with software to securely store and use their data.

The results follow the launch of the NHS Data Saves Lives strategy in 2022, which came out of the use of data during the Covid pandemic.

It includes engagement with the public and stakeholders on data programmes and projects, such as research and development, General Practice Data for Planning and Research, and the Federated Data Platform.

"To continue to build this public confidence, we need to ensure that our policies and programmes reflect how people think and feel about data. By identifying six attitudinal segments within the population, this research helps us better understand public attitudes to data in health and social care, and allows us to ensure our policies and programmes respond to these different groups. NHS England are already using the results from this research to make sure we hear from different perspectives during our large-scale national engagement on data," NHS England said of the survey.

It said the engagement program would continue this year and next, and the public will be asked to help shape data policy for health and care.

Critics might argue that much of that direction has already been set, and concerns about data security and trust in third-party providers ring alarm bells for projects already in progress.

For example, the £330 million ($412 million) FDP contract was awarded to Palantir last year, while Accenture, PwC, NECS (an NHS-owned service provider), and Carnall Farrar – a healthcare consulting and data firm – also support the project. NHS England also awarded a separate three-year contract for NHS Privacy Enhancing Technology (NHS-PET) to IQVIA, a healthcare technology and consulting firm.

NHS England argues the FDP will make it easier for staff at NHS trusts and regional organizational boards to access the information they need, "freeing up valuable time to reinvest in delivering the best care possible for patients." The system is part of the health services plan to recover the backlog in care created by Covid without spending vast amounts of taxpayers' money.

However, campaigners are preparing a legal challenge to the way FDP shares data across the health system, while others have questioned the openness in publishing heavily redacted contracts.

The procurement of the FDP has attracted criticism too. In the early stages of the pandemic, Palantir began providing software to NHS England in a £1 contract, arranged without a competitive process. It went on to win business worth £1 million ($1.25 million), then a £23 million ($28.7 million) contract was signed in December 2020, again without competition. More recent extension deals mean the analytics software company has won a total of £60 million ($75 million) from the NHS without competing against other companies that provide similar software.

Some of the use cases already supported by Palantir are set to transfer to the FDP, which was awarded after a competitive process. NHS England has maintained it was a fair and open competition. ®

More about


Send us news

Other stories you might like