NHS Data Grab Will Put GP Records In Central Store For ‘Research’
Thu 10:03 am +01:00, 20 May 2021 8
ER Editor: Readers may want to use this NHS page (https://www.nhs.uk/your-nhs-data-matters/) to find out more about how their health data will be used (it is linked to below). According to this page, there is no deadline for opting out of sharing/storing personal medical data. Interestingly, they mention a deadline of September 30, 2021 while the article below quotes a deadline of June 23, 2021. Physician Dr. Neil Bhatia, quoted below, is far more sceptical about all this – his opinion is worth perusing. Given the extent of government overreach throughout the last 14 months over a mild virus, we’d recommend following his advice and observe the June 23 deadline.
Here is the OPT-OUT FORM — here [.docx]
Readers may also be interested in this form from medConfidential (linked to below):
https://medconfidential.org/wp-content/uploads/2021/05/Type_1_opt-out_letter.pdf
********
NHS Data Grab Will Put GP Records In Central Store For ‘Research’
THEREGISTER.COM
The NHS is preparing for the “biggest data grab” in the history of the service, giving patients little information or warning about the planned transfer of medical records from GP surgeries in England to a central store for research purposes – and with no prospect of the data being deleted.
Campaigners and doctors have expressed alarm that such a wide-ranging data haul is in the offing when health services and patients are still swamped by the effects of the COVID-19 pandemic, with little time to focus on the details of data privacy. (ER: Isn’t this the entire point?)
The 55 million citizens of England will need to opt out of the involuntary scheme before it is introduced to prevent the entire history of their GP visits being slurped, campaigners told us. Opt-out forms are here [.docx]. We understand you will need to give this form to your GP practice before 23 June or your data held by your GP joins the central repository.
According to an official announcement on the NHS Digital website, data held in GP medical records will be collected via a new service called the General Practice Data for Planning and Research data collection. It will replace the General Practice Extraction Service (GPES), which has operated for over 10 years.
The new service comes with a broadened remit: the data will be used to “support the planning and commissioning of health and care services, the development of health and care policy, public health monitoring and interventions (including COVID-19) and enable many different areas of research.”
The service will collect data about diagnoses, symptoms, observations, test results, medications, allergies, immunisations, referrals, recalls and appointments, including information about physical, and mental and sexual health. It will also collect information about data on sex, ethnicity and sexual orientation, and data about staff who have treated patients.
NHS Digital said names and addresses, written notes, images, letters, and documents would not be collected. Nor would coded data that is not needed due to its age and coded data that GPs are not permitted to share by law.
Patient data from doctors’ surgeries in England will be shared from 1 July 2021 unless patients opt out by 23 June 2021. Patients can also decide on a National Data Opt-out, which prevents NHS Digital sharing your collected data with third parties.
To be clear, our understanding is that the earlier GP form means it is not sent from the practice to the central data repository.
But concerned patients will not know about the data grab and some doctors may not have had time to explain given the overwhelming focus on the pandemic.
Dr Neil Bhatia, a Hampshire GP and information governance lead, told The Register it was the “biggest data grab” in the history of the NHS. “It is going to be a scramble. If you want to opt out, you need to do it now. [You] cannot change that [in] six weeks’ time; you can only prevent new data going on the system. The health service is distracted with COVID. GPs are drowning. We would like to do something about it, but the government slips this out, and there is no going back.”
NHS Digital said it had engaged with the British Medical Association, Royal College of GPs, and the National Data Guardian over the records collection. Campaigners noted that the press release carried no quotes from those organisations. NHS Digital said the data would “support a wide variety of research and analysis to help run and improve health and care services.”
However, Dr Bhatia said patients may not know their information could be used by US companies planning to bid for work for the NHS.
“I do not have any confidence the data will not be [given] to the private sector in the US. Nobody ever checks; once it is anonymised and outside GDPR, they can give it to who you like. The information may not identify you but it can be used in ways you are not happy about. It could be used by a company looking to buy up GP surgeries, for example. There is no granularity for how the data could be used.
I like to think that the money [NHS Digital] gets will always be for the benefit of the NHS, but cynically, I think it will benefit the companies and be worth every penny to get a foothold in the market. Whether you think that is right or wrong, patients do have not control of data [going to that purpose].“
The NHS has been here before. In 2016, The Register revealed NHS England spent nearly £8m on its controversial care.data programme before scrapping it. The publicly hated programme was beset by delays and criticised by doctors and privacy campaigners over the haphazard way it would share sensitive medical data of citizens with commercial companies without explicit consent.
Phil Booth, coordinator for campaign group medConfidential, told us the latest scheme from NHS Digital was “even bigger than care.data.”
“It’s more data, more breadth, more depth, it’s the whole record, not just prospectively. It’s not excluding all of the really sensitive codes, the stuff which care.data wouldn’t touch, it’s the whole f&*king deal.“
The combination of hospital data, GP data, and the capacity to link them together could create “the single most valuable data asset on the planet,” Booth said.
He said the NHS had delayed the launch of the programme until the day after the Queen’s Speech, a magnet for political news, “because they learned last time that it’s the publicity that kills them.”
medConfidential has produced a guide to opting out of the new data grab. It has also published a list of the types of data that will be extracted from GP records by the programme. These data points include sensitive details relating to divorce, criminal records, prison and probation, complaints about care, relationship abuse, and child abuse, and info on sensitive diseases, such as AIDS. The campaign group’s full guide for patients is available here.
A BMA spokesman told The Register it had been engaged in the planning for this new collection over the past three years, and made representations on behalf of GP practices to ensure stronger arrangements were put in place over the security and intended uses of the data collected.
“GP data has a crucial role to play in research and planning which can improve public health, but it is important for patients and the public that this data is made available for appropriate purposes in a secure and trusted manner,” the spokesman said. “We are broadly supportive of the principles of the new collection in seeing fewer extracts of data and a reduced administrative burden for general practice.”
The GP data grab comes 18 months after The Reg revealed details of a meeting between senior figures at numerous public-sector NHS bodies and UK heads of businesses at the likes of Amazon, Microsoft and AstraZeneca. They discussed ways to package the medical records of millions of British citizens.
The Health and Care Data Day hosted by NHS England in October 2019 involved the discussion of nine commercial models for a proposed medical record repository, which was estimated to be worth up to £10bn annually. The repo would include data from GPs and hospitals, mental health professionals, death and demographics registers, the private healthcare sector, prescription records, environmental and social statistics, and more.
This was described by NHS Digital in material handed out at the event, seen by us, as a “single, national, standardised, event-based longitudinal record for 65 million citizens within two years.” It was intended to capture the “full journey of care from cradle to grave.”
As was pointed out in late 2019, healthcare tech professionals are all for using data for research purposes though transparency and trust are key issues for the general public when sensitive medical data is being shared.
Joe McDonald, then Chief Clinical Informatics Officer for Great North Care Record, told us: “We have to be guided by citizens, not by government agencies and industry big players who see to profit from NHS data.”
“We hope the lessons of Care.Data have been learned. I’m not sure what patient representation goes into current policy thinking. I suspect not enough,” he added.
NHS Digital has argued that, once collected, the data could be available to “parties involved in the planning of the health and care system, and parties undertaking clinical research”. However, it has so far declined to comment on specific questions over whether these parties could include private sector companies scoping the NHS for commercial opportunities.
Update:
An NHS Digital spokesperson has told us:
“Data is only shared with organisations who have a legal basis and meet strict criteria to use it for local, regional and national planning, policy development, commissioning, public health and research purposes.“
They added: “All applications for access to this data must have a health or care benefit and cannot be for solely commercial purposes. NHS Digital will not approve requests for data where the purpose is for marketing purposes, including promoting or selling products or services, market research or advertising. Applications from commercial organisations are very carefully scrutinised to ensure the purposes of any access are appropriate and benefit health and care. Requestors will only be able to access the minimum data required to meet their specific approved health and care purposes and are subject to contractual data sharing agreements.”
See more here: theregister.com
************
Years ago, the government sneaked a data grab on the NHS records. I’d have to look that up but it was about 8(?) years ago or so. There was no publicity at all on this and people had only a couple of weeks weeks to write to their GP to opt out of their records being sold.
It was back in early 2014.
This was a petition to stop it
http://web.archive.org/web/20140323165713/http://action.sumofus.org/a/nhs-patient-corporations/2/3/?sub=fb
” Your medical records could be sold to the highest bidder. But not if we can stop it.
Starting this year, private companies will be able to buy information on us from the NHS’s new universal patient database — including everything from mental health conditions, sexually transmitted infections and diseases like cancer — all linked to your postcode, gender and ethnicity.
We’ve all been opted into the scheme by the government without our knowledge. And the clock is ticking — the government has said they will upload our private data in a matter of just a few weeks. If we’re going to stop this, we have to act now.
Tell Jeremy Hunt and the NHS not to sell our private medical data.
It doesn’t really get more private than what you discuss with your doctor. They know the most personal things about us — like whether we’ve ever been depressed, had an embarrassing infection or struggled with drug & alcohol problems. Now imagine, private companies trawling through your records looking for interesting information.
The government claims that individuals won’t be able to be identified. However, many experts have warned that under the current plans, we could easily be singled out through simple cross-referencing of other databases — especially if you have a rare or unusual condition. The consequences for us as individuals could be huge.
We know that when we act together, we can bring about real change. When we fought to get High Street names like River Island and Edinburgh Woollen Mill to sign up to protect Bangladeshi factory workers, we won! Now we need to step up to defend something precious — our right to privacy.
Tell Jeremy Hunt to stop the sale of our personal medical information to big corporations.”
Here’s the fees they charge for the NHS data:
http://web.archive.org/web/20140207170129/http://www.hscic.gov.uk/media/12443/data-linkage-service-charges-2013-2014-updated/pdf/dles_service_charges__2013_14_V10_050913.pdf
Data Linkage and Extract Service
Service Charges 2013/14
http://web.archive.org/web/20140303203423/http://rt.com/news/uk-medical-records-backdoors-020/
UK national health records database to have ‘backdoors’ for police, govt?
Published time: February 07, 2014
There were 2 initiatives at that time (ie 2014).
One was to to harvest health and personal data from your GP.
The other was to sell it to others without the patient’s consent
This was the pro forma letter to send to your GP to opt out.
http://web.archive.org/web/20210411002311/http://medconfidential.org/wp-content/uploads/2014/01/caredata_opt-out_letter.pdf
The person dealing with the opt-out at my surgery told me that the forms were sent out to all the listed patients but we never received them in this household. So out of thousands of patients, only around 2 dozen people sent in these opt-out forms
And here was the bad news back in March 2014:
http://web.archive.org/web/20140307065518/http://www.scriptonitedaily.com/2014/03/04/the-bad-news-cameron-is-hastily-burying-under-the-ukraine-stand-off/
Your NHS Records Just got Uploaded to Google
The Health Select Committee has announced that a private company called PA Consulting have been given the “entire start-to-finish HES (Hospital Episode Statistics) dataset across all three areas of collection – inpatient, outpatient and A&E”. The firm, headed by a disgraced former chairman of Barclays Bank, Marcus Agius, then uploaded that sensitive personal data to google servers based outside of the UK. This allows the NSA and GCHQ ‘backdoor’ access to our medical data, using the Project Tempora/PRISM programmes revealed by Edward Snowden – it also means the data is outside any domestic privacy and data laws, or government firewall.
This news comes just days after it was revealed that all NHS hospital data had been sold to private insurance companies without patient consent or democratic mandate.
So I’d suggest that if you did not opt-out back in 2014, whatever you do now is a waste of time and energy. Google has already sucked all your data up into their super computers
They’ve been selling patients’ data for years so don’t get too het up about it now.
http://web.archive.org/web/20140622221427/http://www.dailymail.co.uk/health/article-2660800/Millions-NHS-records-sold-178-private-firms-And-officials-dont-know-details-1-3m-patients-ended-up.html
Millions of NHS records sold to 178 private firms: And officials don’t even know where details of 1.3m patients ended up
– Dates of birth, postcodes and diagnoses sold to hundreds of private firms
– Details of up to 1.3m patients went missing because no record was kept
– Data is anonymous, but review found it was easy to deduce patient identity
By Sophie Borland
Published: 18:47 EST, 17 June 2014