A legal challenge from the Doctors' Association UK has extended the deadline to opt out

A legal challenge from the Doctors’ Association UK has extended the deadline to opt out   (Click to enlarge: opens in new window)

Joe Fathallah, Cardiff East Socialist Party

On 12 May, NHS England released its plans for a new system called “General Practice Data for Planning and Research”. This system would scrape pseudo-anonymised patient data from GP practice records, and add them to the NHS Digital central database.

This plan has been in the pipeline for three years, but initially patients were only given a month to opt out of their data being included. A legal challenge by a coalition of groups including the Doctors’ Association UK, has succeeded in delaying this deadline until September.

Of course, there are huge benefits in the sharing of healthcare data to aid research and planning, and the data would not include patients’ names, dates of birth, addresses and so on. But it would include data such as sex, ethnicity, sexuality, symptoms and diagnoses, test results, medications, allergies, vaccinations, and appointment dates, as well as which clinicians carried out treatments. Professor of Medical Informatics at the University of Manchester, Alan Rector, pointed out in an article in the Guardian newspaper “how easy it is to identify individuals from medical records, even if obvious personal details are removed.”

The government claims that patients can opt out at any stage. However, that would only stop new data being scraped, their existing data would remain in place. Patients under the age of 13 would be unable to opt out, as presumably would those lacking the mental capacities to make an informed decision in this ‘assumed consent’ scenario.

According to NHS Digital, some organisations could “need access” to the data. “These include but may not be limited to… research organisations, including universities, charities, clinical research organisations that run clinical trials and pharmaceutical companies”. Big pharma could access the database legitimately!

The top-level management of NHS England has form on this matter. For example, in 2015 Google DeepMind was able to access data from NHS records at the Royal Free London Trust, without patients’ consent and in breach of the Data Protection Act 1998. What is more, there is no fool-proof way to protect a huge central database of this kind against cyber-attacks or accidental data leaks.

To secure the future of the NHS and prevent the farming out of medical data and services to the private sector, we need to fight for a democratically controlled socialist health service, fully funded and under the control of medical professionals, patients, and the wider community.