- NHS accused of wrongly sharing hospital data of 1.2m patients
- Privacy group says NHS’s hospital data does not comply with anonymisation standards
- NHS Digital says it does comply with standards
- Researchers raise “serious concerns” about impact on life saving studies
The UK’s data watchdog is set to make a crucial ruling on whether the NHS has been wrongly sharing the hospital data of 1.2 million patients who opted out of their records being shared.
The Information Commissioner’s Office’s investigation has caused “serious concerns” among researchers, who have warned crucial research could be put at risk by increased data restrictions.
The argument – revealed just weeks before the government’s response to Dame Fiona Caldicott’s report on patient data sharing is due – hinges on whether NHS Digital is complying with the ICO code of practice on anonymisation when distributing hospital episodes statistics data.
NHS Digital says it is in compliance, but a complaint from MedConfidential has prompted the ICO to investigate. Its ruling could have a profound impact on data sharing.
A paper from NHS Digital’s September board meeting said: “MedConfidential have made a complaint to the ICO around ongoing disseminations of HES data which are released without opt-outs being upheld when we have assessed them as in compliance with the ICO [code practice] on anonymisation.”
MedConfidential argues patients who have made a “type 2” objection, which requests no identifiable information held by NHS Digital is passed to a third party, should apply to HES data because NHS Digital is not meeting the anonymisation standards.
NHS Digital figures published earlier this year showed up to 1.2 million patients have lodged a type 2 objection.
The development follows the closure of the much criticised Care.data programme in July, a data sharing project that badly damaged public trust in the NHS’s ability to handle confidential records.
It is not clear which way the ICO ruling will go, but a well informed, senior source, whose interests rely on access to HES data, said the watchdog may rule in favour of MedConfidential’s position.
“How much impact [the decision would have] depends on how many people opt out, and the way the NHS is currently behaving risks that being higher than we expect,” the source said.
Heavyweight research figures including the founder and former head of the NHS’s National Cancer Intelligence Network Chris Carrigan, and the Wellcome Trust, have set out their concerns (see box below).
Wellcome Trust head of policy Nicola Perrin said the debate was “about what counts as anonymised”. She said: “Anonymised data from HES has been vital in a huge number of studies which have resulted in life saving interventions. It would be a serious concern if this research was put at risk.”
Ms Perrin said “robust processes” and sanctions to protect patients’ confidential information were critical but “proportionality” was needed.
“We cannot just put a brake on all the good work that is being done because there is a very small chance of re-identification by someone with significant motivation, resource and technical skill, who is willing to breach data protection laws,” she said.
Concerns have also been raised about the impact on commissioning and invoicing for services. Mark Davies, former NHS Digital medical director and now member of industry body Tech UK’s health and social care group, said a full HES dataset was “critical for [helping] sustainability and transformation plans to have a complete picture of clinical activity in their areas to accurately plan and manage services”.
MedConfidential coordinator Phil Booth said a ruling in the group’s favour would not impact payment by results. “If the ICO ruled that type 2 [opt-outs] should apply to HES, the payments by results system should not be disrupted due to the other data available for that purpose,” he said.
The HES dataset contains information from acute, primary care and mental health trusts in England. It is stored as a large collection of separate records, one for each “period of care”, by NHS Digital.
It includes identifiers such as a person’s NHS number, but NHS Digital can strip out identifiers in a way it says creates “anonymised” data, before it is supplied to third parties. If third parties want access to identifiable data – which they need to go through a further clearance process for – the type 2 opt-out should still apply.
HSJ understands MedConfidential is arguing that the replacement of some direct identifiers and the protection by contract is not enough – mainly because HES includes dates, such as the day of diagnosis, which could make “jigsaw re-identification” easier. NHS Digital rejects this argument.
An ICO spokeswoman confirmed an investigation was ongoing. NHS Digital said it had “offered its full support to the ICO in support of their investigation”.
New groups look to champion data sharing
Two new groups have been established to champion the benefits of data sharing to patients as the research community seeks to repair the damage done to public trust by the Care.data debacle.
The Wellcome Trust is leading work with the support of the Medical Research Council to establish a new taskforce. Wellcome Trust head of policy Nicola Perrin said it wanted to “improve conversations” with patients about how data is used, the benefits of sharing data and the safeguards that are in place.
“The new taskforce will look at issues such as the language which is used in the debate, which can often be misleading and increase confusion. We want to provide the tools and resources to encourage open and honest discussions that help people understand why better use of data is critical to improve health,” she said.
Meanwhile, Chris Carrigan, who founded and led the NHS’s National Cancer Intelligence Network, has established useMYdata, which has recently partnered with Empower: Data4Health “to champion the effective use of health data”.
He said: “The benefit to health and healthcare of the use of HES data over the years has been significant.
“It is important that the NHS does not find itself hamstrung by the inability to monitor care and outcomes across the country. I don’t think that’s what patients or their families would want. The use of anonymised data is a crucial way that the NHS can continue to use data effectively, whilst protecting the identity of patients.”
The formation of the groups follows the closure of the much criticised Care.data programme earlier this year.