UK: NHS data sharing – deadline imminent

Kitty

I'm not sure how widely known this initiative is, but NHS Digital is planning to scrape enormous quantities of data from UK patient records to share with third parties (it's not clear who these are, but they could well be insurance providers and other commercial interests). The data will be anonymised, but apparently codes will be used that can link it with individual records if there is a valid legal reason.

Here is the FT's story about it:

https://www.ft.com/content/9fee812f-6975-49ce-915c-aeb25d3dd748

And The Guardian's:

https://www.theguardian.com/society...lans-share-patient-data-third-parties-england

It is possible to opt out by sending a Type 1 opt-out form to your GP, but it has to be done by June 23. I think I've uploaded the form correctly, but if it doesn't work, there is a link in the FT article.
 


Although in principle I support the use of pooled data nationally to improve services, it is also a matter of trust.

I do not trust the current UK government to not make use of this data against my interests or not to sell it to private companies that will.
 
I have not been informed of this by my GP surgery, who you'd think would ask, given I have said no to every previous one of this type of thing.

Therefore it is 'difficult' to trust them.

I would have thought, given all the fuss they make about the confidentiality of patient records, that they would be less inclined to give anyone who thinks they can make, or save, money from having such access access.

But no - it seems my records while being completely confidential should be given to anyone who wants them unless I say no, even when they don't bother mentioning they intend to give them away.

And if I do say no then after a while they will start the whole thing again, just taking extra measures to make sure this pesky patient doesn't find out so can't object.

Coz the thing is, they only need to 'win' once, and then my data is out there, but I have to stop them every time, until the next time, and the next, and the next........
 
I have not been informed of this by my GP surgery, who you'd think would ask, given I have said no to every previous one of this type of thing.

Our surgery campaigned quite hard against the last initiative a few years ago, and encouraged patients to opt out because the doctors felt the information would not be used in our interests. They even provided forms.

I think they're too overwhelmed this time, though. And it appears that as long as they mention it on a website (one that most people will never have heard of, let alone visit on the off-chance that it might be interesting), that's the government's obligations met in terms of public consultation!
 
Although in principle I support the use of pooled data nationally to improve services, it is also a matter of trust.

I do not trust the current UK government to not make use of this data against my interests or not to sell it to private companies that will.

Absolutely 100% agree. I wouldn't trust the government (no matter who was in power, now or in the future) with my medical records. I think they'd sell it the instant they got their hands on it. Even if the data was anonymised I still wouldn't trust them. I remember the joke method of anonymising data they planned to use for care.data and they kept on saying how the data would be anonymised, but it was nonsense. I think the only thing they were going to remove was name.

For info on data breaches see this link :

https://medconfidential.org/for-patients/major-health-data-breaches-and-scandals/

Oh, I forgot to include this link - the one about the current data sharing plans with all you need to know about how to keep your data private :

https://medconfidential.org/2021/let-us-tell-you-about/
 
Moved post

England’s NHS plans to share patient records with third parties
55m patients have until June 23 to opt out of having their health data scraped into a new database

General Practice Data for Planning and Research (GPDPR)
https://digital.nhs.uk/data-and-inf...neral-practice-data-for-planning-and-research

General Practice Data for Planning and Research: NHS Digital Transparency Notice
https://digital.nhs.uk/data-and-inf...-digital-collecting-your-data-type-1-opt-out-

Does anyone have any thoughts on the wording of the Type 1 Opt-out and information about it in relation to this GPDPR data collection on the NHS Digital Transparency Notice?

The Opt-out relates to sharing of 'identifiable patient data' by the GP practice. However, the NHS Digital Transparency Notice says any data that could directly identify is pseudonymised before sharing with NHS Digital. According to NHS Digital:

Transparency Notice said:
We will not collect your name or where you live. Any other data that could directly identify you, for example NHS number, General Practice Local Patient Number, full postcode and date of birth, is replaced with unique codes which are produced by de-identification software before the data is shared with NHS Digital.

This process is called pseudonymisation and means that no one will be able to directly identify you in the data. The diagram below helps to explain what this means. Using the terms in the diagram, the data we collect would be described as de-personalised.

NHS Digital will be able to use the same software to convert the unique codes back to data that could directly identify you in certain circumstances, and where there is a valid legal reason. Only NHS Digital has the ability to do this.

This would mean that the data became personally identifiable data in the diagram above. An example would be where you consent to your identifiable data being shared with a research project or clinical trial in which you are participating, as they need to know the data is about you.

So it seems unclear whether the Type 1 Opt-out covers sharing of pseudonymised data.

Information that could be used to identify (e.g., postcode, date of birth, NHS no.) is replaced with 'unique codes' before sharing with NHS Digital. So I would have thought this could validly be described as sharing of depersonalised data rather than of personally identifiable data / identifiable patient data, depending on the specific circumstances of the sharing.

The Type 1 Opt-out says:
Type 1 Opt-out form said:
Your decision
Opt-out

I do not allow my identifiable patient data to be shared outside the GP practice for purposes except my own care.

The Type 1 Opt-out makes no reference to pseudonymised (or anonymised) data sharing.

By my reading, the FT article appears to be saying if you register a Type 1 Opt-out before 23 June (first data will be collected on 1 July), your records will not be scraped. However, I think these NHS Digital webpages and the Type 1 Opt-out are more ambiguous than this suggests. Does anyone have a perspective on whether registration of the Type 1 Opt-out is adequate to prevent the proposed data collection by NHS Digital?

Not to suggest that registering a Type 1 Opt-out is not a sensible idea.
 
How hard they fought to prevent the release of fully anonymised scores on various PACE questionnaires, making outlandish claims about the potential for being identified from your SF-36 score (lol) but this massive invasion of privacy and privatisation of healthcare data? No problemo.
 
How hard they fought to prevent the release of fully anonymised scores on various PACE questionnaires, making outlandish claims about the potential for being identified from your SF-36 score (lol) but this massive invasion of privacy and privatisation of healthcare data? No problemo.

Good point! Once the shoe is on the other foot, as you say, "No problemo."
 
Since so few people are aware of this, those who do opt out are going to be noticeable. I intend to opt out but am concerned that my GP will think that it means that I am anti-science, in line with the way PwME have been portrayed. I barely know him but his attitude is difficult enough to take as it is and at any future appointment time would be too short for explanation. By the time I get in to see him, my brain wouldn’t function well anyway. Feels like I can’t win.
 
Thanks for mentioning this @Kitty :thumbup:

I hadn't heard anything about it. I opted out previously and my health authority also have a data sharing scheme within the region and I opted out of that as well previously.

The link for opting out online (it's in the 2nd article linked in the first post in thread) is

https://www.nhs.uk/your-nhs-data-matters/manage-your-choice/

Note it asks for your 10 digit NHS number.

I've just gone through the form and my previous choice of not permitting my data to be shared was acknowledged.

I think I'll also print out the form and send it to my GP practice. Just in case.
 
I've just gone through the form and my previous choice of not permitting my data to be shared was acknowledged.

I think I'll also print out the form and send it to my GP practice. Just in case.

I did the same. And Type 1 opt-outs, which is the only one to use for this, are due to be phased out before too long – so there may be another hoop to jump through. :rolleyes:
 
I'm not sure how widely known this initiative is, but NHS Digital is planning to scrape enormous quantities of data from UK patient records to share with third parties (it's not clear who these are, but they could well be insurance providers and other commercial interests). The data will be anonymised, but apparently codes will be used that can link it with individual records if there is a valid legal reason.

Here is the FT's story about it:

https://www.ft.com/content/9fee812f-6975-49ce-915c-aeb25d3dd748

And The Guardian's:

https://www.theguardian.com/society...lans-share-patient-data-third-parties-england

It is possible to opt out by sending a Type 1 opt-out form to your GP, but it has to be done by June 23. I think I've uploaded the form correctly, but if it doesn't work, there is a link in the FT article.
Thanks for highlighting this, my wife and I have now sent off our opt-out forms.
 
The Opt-out relates to sharing of 'identifiable patient data' by the GP practice. However, the NHS Digital Transparency Notice says any data that could directly identify is pseudonymised before sharing with NHS Digital.

I saw this too, and checked whether signing the Type 2 form (a sort of global opt-out) gave better security. Apparently it doesn't, and Type 1 is the best for this particular exercise.

I crossed out the word 'identifiable' on my form, as well as signing it. My GP is one of those who's campaigned against this type of sharing – or as she puts it, sale to the highest bidder. Since she knows a lot more about it than I do, I put in a note asking her to ask Shami (receptionist) to let me know if she thought editing the form might make it invalid, so I can drop off another one.

I honestly don't think it will make any difference, or that anyone will even notice it. But yes, it did jump out to me as a slippery bit of wording.
 
I saw this too, and checked whether signing the Type 2 form (a sort of global opt-out) gave better security. Apparently it doesn't, and Type 1 is the best for this particular exercise.

The Type 2 Opt-out was superseded by the National Data Opt-out in May 2018. I believe the National Data Opt-out refers to sharing of confidential patient information by NHS Digital for research and planning. The Type 1 Opt-out refers to sharing of 'identifiable patient data' by GP surgeries for purposes other than own care.

For the impending GPDPR data collection, the Type 1 Opt-out is the Opt-out that it is proposed be submitted before 23 June to GP surgery - that is assuming it does have effect. Though doing both may not be a bad idea for those who wish to minimise the degree to which their data is shared.

The General Practice Data for Planning and Research Directions 2021 states (my bolding):
3.2. NHS Digital is directed to collect pseudonymised data, in accordance with the General Practice Data for Planning and Research Dataset Specification attached at Annex B of these Directions (as the same may be updated from time to time in accordance with these Directions) (the Dataset Specification).
https://digital.nhs.uk/about-nhs-di...ata-for-planning-and-research-directions-2021

I suspect irrespective of alterations or addenda to Type 1 Forms, surgeries will only have the option of registering the Type 1 dissent as is, or not registering it. A signed and dated addendum and cover letter explaining reasoning may still be a way to go if only to flag the ambiguity.

There has been a bit more coverage in the Guardian:

https://www.theguardian.com/society...e-to-hand-over-patient-details-to-nhs-digital

https://www.theguardian.com/commentisfree/2021/jun/03/gp-nhs-digital-data-patients-records-england
 
@Arnie Pye Thank you for posting the other links. I don't hit a paywall for some reason.

Some excerpts from the FT article
https://www.ft.com/content/a13225c8-b618-4ee4-ae16-a0e26829bc7b
NHS hit by legal threat over GP data ‘grab’

The UK government is being threatened with legal action if it does not pause plans to collate the full medical histories of 55m patients in England into a single database from July 1.

In a pre-action letter sent on Friday on behalf of five organisations and Conservative MP David Davis, the campaigners warned that “rushing this major change through with no transparency or debate violates patient trust, and that doing so without patient consent is unlawful”.

If NHS Digital does not extend the opt-out deadline of June 23, the coalition, which includes the National Pensioners Convention and the Doctors’ Association UK, plans to sue the Department of Health and Social Care as soon as next week, to freeze the data-sharing scheme immediately.

The group, which is supported by tech justice non-profit organisation Foxglove, said that the speed of the process “gives patients no meaningful chance to opt out and excludes older people and others who may not be online”.

It also says that any given consent will have meaning only if the government is clear on which third parties will have access to the data, and for what purposes.
 
Annex A Specification Requirements to the GPDPR Direction 2021
https://digital.nhs.uk/about-nhs-di...ata-for-planning-and-research-directions-2021
Annex A has the following:
Annex A said:
Full replacement of GPES capability will require the inclusion of data from GP medical records which have a Type 1 optout recorded on them. Type 1 opt-outs apply to patients who have requested that their identifiable data is not shared outside of GP practices for purposes beyond their individual care and treatment.

Annex A said:
NHS Digital will not collect patient records which contain Type 1 opt-outs unless and until either:

1. Type 1 opt-outs are retired from use; or
2. NHS Digital agrees with the British Medical Association (BMA) and the Royal College of General Practitioners (RCGP), and the Department of Health and Social Care that it has put in place appropriate organisational and technical measures and controls to enable it to collect and process pseudonymised Type 1 opt-out records by means which continue to uphold the Type 1 opt-out and do not enable the patient to be identified

In either case, this Requirements Specification will be updated to reflect these changes and in the case of point 2 above, to reflect the agreed organisational and technical measures and controls.

So it at least appears DHSC draws a distinction between pseudonymised data and 'identifiable data' as it would otherwise presumably not be possible in their view to 'uphold the Type 1 Opt-out' whilst simultaneously sharing pseudonymised data.

Pseudonymised data constitutes personal data falling within scope of UK data protection legislation. Whether it legally constitutes 'identifiable data' seems to be unclear, as individuals could be identified from pseudonymised data with the additional information an organisation holds to re-identify it, but could not be identified from pseudonymised data in isolation.

As the blog below describes and as I understand it, the basis of the opt-out is ministerial direction rather than objection to processing under Article 21 of the UK GDPR.

Looking at Snomed CT I found no codes for a broader dissent than the one that will be applied for Type 1 Opt-outs, i.e., Dissent from secondary use of general practitioner patient identifiable data.

A reminder that if data is collected by NHS Digital before a Type 1 is registered, as Annex A puts it, 'the data collected before this will continue to be accessed and utilised as before. However, no further data will be collected from this record.' Opt-outs should be submitted to GP practices by 23 June to ensure registering before data collection commences on 1 July.

This blog goes into the apparent legal basis of the collecting and the implications for the opt-out. (Right to erasure is Art 17 not 16.)

Missing data protection safeguards with respect to NHS Digital’s national database of medical records
https://amberhawk.typepad.com/amber...als-national-database-of-medical-records.html

What is the A.6 lawful basis for most processing?
Because Ministerial Directions are used, the lawful basis for the disclosure of pseudonymised medical personal data to NHS Digital will be A.6(1)(c): “necessary for a legal obligation”.

This choice of lawful basis thus engages the exemption in Schedule 2, paragraph 5(2) of the DPA2018 with respect to the disclosure from a GP surgery to NHS Digital; it can exempt all rights and the first two Principles in A.5 (e.g. the fairness, lawfulness, transparency and compatibility Principles).

With respect to this disclosure also, the right to object to the processing (A.21) and the right to erasure (A.16) are also automatically disapplied as the processing is necessary for a legal obligation. Any application of the consequential rights of restriction and notification (A.18 and A.19) are also disapplied (e.g. these rights apply if a controller were to be obliged to erase personal data following an objection).

This exemption is also available if NHS Digital were to be required by law to disclose personal data (this category of disclosure is in the list of disclosure purposes above).

Note that because the disclosure of pseudonymised medical personal data is deemed necessary for a legal obligation, any obligation of confidence to the data subject can be set aside; there is no need to consider data subject consent for the processing.

Note that this “opt-out” does not exist because of any data protection obligation; it exists thanks to Ministerial fiat which could be modified or reversed in future Directions.

Finally, Ministerial Directions, unlike the exercise of power by a Minister via secondary legislation, do not have to be subject to Parliamentary scrutiny nor do they have to be made public and Directions can be expressed as a set of general objectives (e.g. for NHS Digital to obey).


ETA: ICO Draft guidance 'Introduction to Anonymisation' [PDF]
https://ico.org.uk/media/about-the-...862/anonymisation-intro-and-first-chapter.pdf
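
The pseudonymisation described in the Transparency Notice quoted earlier in the thread, and the point above that pseudonymised data identifies a person only together with additional information, shown as an added example that is not part of any post and not NHS Digital's software. It assumes keyed HMAC-SHA256 codes and a constructed patient register; how the real de-identification software produces its codes is not stated anywhere on this page.

```python
import hashlib
import hmac

# Assumption: HMAC-SHA256 under a secret key stands in for the unnamed
# "de-identification software"; the thread does not say how codes are made.
DIRECT_IDENTIFIERS = ("nhs_number", "local_patient_number", "postcode", "date_of_birth")
NEVER_COLLECTED = ("name", "address")

# Constructed sample data (not real patients, not valid NHS numbers).
KEY = b"constructed-demo-key"  # held only by the body that issues the codes
REGISTER = [
    {"name": "Patient A", "nhs_number": "0000000001"},
    {"name": "Patient B", "nhs_number": "0000000002"},
]
GP_RECORD = {
    "name": "Patient A", "address": "1 Example Road",
    "nhs_number": "0000000001", "local_patient_number": "LPN-17",
    "postcode": "ZZ1 1ZZ", "date_of_birth": "1970-01-01",
    "clinical_code": "constructed-clinical-code",
}


def code_for(key, field, value):
    """Deterministic keyed code: the same key and value always give the same code."""
    msg = f"{field}={value}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()[:16]


def pseudonymise(key, record):
    """Drop name and address, replace direct identifiers with codes, keep the rest."""
    out = {}
    for field, value in record.items():
        if field in NEVER_COLLECTED:
            continue
        out[field] = code_for(key, field, value) if field in DIRECT_IDENTIFIERS else value
    return out


def reidentify(key, extract, register):
    """Recompute codes over a register of known people; only the right key matches."""
    for person in register:
        candidate = code_for(key, "nhs_number", person["nhs_number"])
        if hmac.compare_digest(candidate, extract["nhs_number"]):
            return person
    return None


def demo():
    extract = pseudonymise(KEY, GP_RECORD)
    return {
        "extract": extract,
        "with_key": reidentify(KEY, extract, REGISTER),
        "without_key": reidentify(b"some-other-key", extract, REGISTER),
    }


if __name__ == "__main__":
    for label, value in demo().items():
        print(label, value)
```

Because the codes are deterministic, two extracts of the same record carry the same codes, so records stay linkable to each other even for someone who cannot reverse them.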
