back to article Ill communication delays NHS England's GP data grab for six months

Despite little political appetite to attack the government's plans to share GP medical records - and with data already held by NHS England - the scheme has been delayed, after doctors expressed concerns about a lack of public awareness. Tim Kelsey, NHS England's national director for patients and information, insisted this …


This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    Usual government arrogance

    We know best, it's just that you little people don't understand, so we'll spend 6 months doing some more finger-puppets for you and then carry on regardless. We still won't let you control your information when we've got it, and you'll just have to trust us about who we'll decide to give it to in the future. And we can't tell you how we'll protect your data, but it'll be very naughty and against the law for anyone we give it to to misuse it, so that's all right then.

    1. Grahame 2

      Re: Usual government arrogance

      "but it'll be very naughty and against the law for anyone we give it to to misuse it"

      But not so naughty that anyone will ever go to jail for misusing it :(

  2. Rob

    Too little too late

    Due to the way this has been handled the only message that seems to be prominent now is 'opt-out' if that stays true and the majority opt out then Shirley this project is relatively pointless?

    As usual central government campaign and comms have gone the same way as their IT projects.

    1. dogged

      Re: Too little too late

      > [if] the majority opt out then Shirley this project is relatively pointless?

      How is that different from any other Government activity?

  3. 2460 Something
    Black Helicopters

    The default should never be opt-out

    Surely for all highly sensitive data like this it should be opt-in only, in which case they would put a lot more effort into actually trying to contact the individuals whose data they wished to sell to the many marketing companies they will have lined up!

    1. PJ H

      Re: The default should never be opt-out

      But if it was opt-in, then they'd collect so little (saleable) data that it would render the whole project useless and worthless.

      Which tells you all you need to know about this project.

    2. Anonymous Coward
      Anonymous Coward

      Re: The default should never be opt-out

      It should *NEVER* be released on an individual basis. *EVER*.

      The data should be aggregated into various age-ranges (poss other groupings) to make it impossible for an individual to ever be identified.

      Epidemiologists don't need to know that Barry Miggins, d.o.b 01/02/1934, AB12 34DE has lung cancer. But they probably would like to know that 12 males in AB12 aged 70-80 do have lung cancer.

      The data aggregation protects Barry from losing his privacy whilst still yielding valuable data. It can still be sold, money can be made, everyone happy.

      For the likes of Experian, that just need you d.o.b. and postcode to know who you are. So much for anonymity. Other jigsaw attacks are easy for an organisation with so my data on you - data on you that you have little-to-no control over.

      1. Anonymous Coward
        Anonymous Coward

        Re: The default should never be opt-out

        The problem with that approach is that it makes the data massively less useful for legitimate means as well as illegitimate ones.

  4. HkraM

    Implied consent

    It's somewhat hypocritical of the government to use implied consent when it suits them (care data, summary care records, ISP adult filters, etc.), but they expect everyone else to use explicit consent.

    1. dogged

      Re: Implied consent

      Government hypocrisy?



  5. Anonymous Coward
    Anonymous Coward


    Now let's see some people brought to heel (if not fired) for this gross mismanagement and negligence.

    1. Graham Marsden

      Re: Good

      Lol! That's a good one, tell us another...!

  6. Flywheel Silver badge

    " lack of public awareness"

    Yes, of course that's part of the issue, especially when the leaflet comes through the letterbox with a dozen other menus offering chicken wings, mega-pizzas and BOGOF liposuction offers.

    *But*, the problem is actually that a lot of people have read what they and these "carefully-selected 3rd parties - whoever they are) can do with your personal data and don't want to play ball. So, "they" are retreating for 6 months, during which time they'll undoubtedly try to make it a legal requirement to supply the data and couch it in such basic terms that even chavs would understand it.

    1. The BigYin

      I think the problem for them was a lack of public awareness, but the fact the public became aware of the intended data rape. The fudged lack-of-info campaign was clearly deliberate.

    2. Evan Essence


  7. Anonymous Coward
    Anonymous Coward

    Another Waste

    So that’s £1m spent on leaflets and delivery that in all likelihood went direct to the recycling bin for most people. Posters in Doctors are no good if you’re not ill and don't frequent surgeries.

    Great use of my taxes. Still on top of the £10Bn wasted on Lorenzo it’s not too bad...

    /Sarcasm mode off

  8. Pat 11

    Why does anything identifiable need to leave the GP?

    Has anyone explained why they need to put anything more detailed than age, gender and first part of postcode into the centralized database? With a unique key generated and held by the GP systems.

    1. James Turner

      Re: Why does anything identifiable need to leave the GP?

      Because they're matching it against the hospital records they already have. So you can do things like spot everyone prescribed a certain treatment later turned up in hospital suffering a particular illness.

      The identifiers are then kept separately and the data released only has the things you mention.

      1. Evan Essence

        Re: Why does anything identifiable need to leave the GP?

        @James Turner - I don't doubt what you say is true, but I haven't seen this explanation before, least of all on any NHS/HSCIC Web page, and I've been reading quite a few recently.

        They'll have to get a lot more open and honest before they're getting my data.

        1. JohnMurray

          Re: Why does anything identifiable need to leave the GP?

          They are going to get your data anyway, no matter what codes you ask to be attached to your file/s.

          The data is going to be extracted anyway, it is just that your attached codes forbid forwarding to others. Theoretically. Your data IS going to HSCIC irrespective.

          Note also that doctors have no read access to the data held by HSCIC.

      2. Anonymous Coward
        Anonymous Coward

        Re: Why does anything identifiable need to leave the GP?

        "So you can do things like spot everyone prescribed a certain treatment later turned up in hospital suffering a particular illness."

        This already happens without invading privacy. We are not talking about sharing data medical professional to medical professional; we talking about selling deeply personal medical data to private companies for a quick buck.

    2. Dr Dan Holdsworth

      Re: Why does anything identifiable need to leave the GP?

      Nothing identifiable needs to leave the GP, but this assumes that whoever is processing the data has basic competence and at least marginal clue. Past experience with the civil service disproves this assumption. Examples here include:

      Encrypting data, putting it on CDs and writing the decryption password on the CDs

      Dumping out entire databases including sensitive identifying data onto USB sticks, and losing them.

      Losing sensitive data about criminal informants where this may be found by those they are informing on.

      Put simply, the government and civil service are too incompetent even to run a bath best out of three. They suffer from the inverse Midas effect. A recent example is kowtowing to the EU so much that dredging of flood-prone rivers was ceased, making it a matter of time before catastrophic flooding occurred and this stupidity was discovered and the mistake traced back to the miscreants. These people are too stupid even to guard their own backs.

      Don't trust idiots with sensitive data!

    3. Anonymous Coward
      Anonymous Coward

      Re: Why does anything identifiable need to leave the GP?

      quite. what happens at the gp stays at the gp.

      want to do research? get informed consent. I would need to know the results were going to be freely published along with the raw data. oh and no disclosure of DOB, post code, NHS number.

      1. Anonymous Coward
        Anonymous Coward

        Re: Why does anything identifiable need to leave the GP?

        Oh, come on! No post code? How are Sainsbury's supposed to know what to stock in the medicines aisle!

  9. ADJB

    Before this latest burst of interest from the popular press I had already done a "I do not consent, sod off" letter for my GP. When I took it down to the surgery I expected blank looks from the desk staff along the lines of what are you talking about?

    To my very pleasant surprise about half way through my first sentence the lady handed me an opt out form pre-printed by the surgery just requiring my name, address and signature. My trust in the practice went up no end especially when a few weeks later my other half was there and her doctor actually raised the issue and offered her an opt out form.

    With that level of open defiance from the shop floor it makes you wonder who actually wants the data and what its really for? (rhetorical)

    1. Anonymous Coward
      Anonymous Coward

      "With that level of open defiance from the shop floor it makes you wonder who actually wants the data and what its really for?"

      Did you stop to consider that your GP might already be selling the information and that being forced to share it with NHS England could deprive them of that extra income?

      Or do you think my mother was invited to a drug trial for something she was being treated for by her GP purely by chance? Oh, her GP contacted her first: She knew that she would get the invitation, but it was the GP who was approached, along with a 'sweetener' for their help. And she didn't agree to the following invitations for other things she might have been suffering from that followed, but that's another story.

  10. Evan Essence

    III Communication ??

    I had to copy the headline into a terminal window (one with a serif font) to work it out.

    "Ill communication". Capital I, double lower-case L.

    Oh, I see, it's a pun.

    1. dogged

      Re: III Communication ??

      Aw mom, you're just jealous, it's the Beastie Boys.

  11. A Non e-mouse Silver badge

    If this system was just to allow hospitals & GPs within the NHS to share data about a patient for the purpose of patient care, then I think opt-out is fine.

    But giving access to any of this data to third parties should definitely be opt-in. What I don't understand is how can the government can avoid any Data Protection issues here? This secondary use of the data is not consistent with any (implied) consent a patient may have given a doctor.

    1. Andy Gates

      "What I don't understand is how can the government can avoid any Data Protection issues here? This secondary use of the data is not consistent with any (implied) consent a patient may have given a doctor."

      I'm equally baffled. Here I am slaving in a hospital IT department surrounded by IT governance reminders, and the National bunch are hawking off weakly-anonymised data well in excess of its remit. How on *earth* is that legal?

      The Helpline unhelpfully says "It's within the law, don't worry your pretty head". Eesh.

      1. Anonymous Coward
        Anonymous Coward

        re what I don't understand

        istr the ICO saying he didn't have any standing because govt passed a law saying the upload was legal. he's just joined in the general chorus. the reason for all this: seats on the board.

  12. BarkingHatstand

    Media bias

    I notice on Radio 4, it was repeatedly stated that all you were opting out of was sharing your information across NHS departments, which I imagine most people would be reasonably happy about, but there was absolutely no mention of data being used by third parties even if slightly anonymised. I can see that coming up to the new autumn deadline it will just get spun so that people are quite happy to automatically opt in without a second thought.

  13. David Roberts

    Which third parties?

    It would help a lot if the government gave some clearer indication of which 3rd parties would be allowed to see the data.

    I volunteer to work with a UK charity and we do get to see some data from GP surgeries - collected with full agreement not stealth slurped - and the data controller is HSCIC.

    In my experience HSCIC has been a tough data controller very aware that data has to be anonymised before passing out of its direct control.

    So if, for instance, the aim was to provide a cancer research charity with data on how effectively recommendations were being followed at the GP level for the treatment, support and referral of newly diagnosed and long term cancer patients then there would probably be general support for a data extraction exercise.

    This could be used, for example, to identify 'postcode lotteries' and build a coherent campaign.

    Pick your own chronic disease and charity - you can usually see major benefits for patients in the medium to long term when interested campaigning bodies get carefully anonymised data from GPs, A&E, specialist clinics etc.

    Pick your own bad example - much quoted is the Insurance Company which wants data which can be reverse engineered to identify individuals and then asses them for long term risk - and you can easily see that there is no way that this data should ever be released.

    So an open and honest government would publish a list of all recipients of the data alongside a charter to HSCIC which ensures that the data is always anonymised before being released to outside parties.

    The list would be rigorously maintained and audited.

    This would go at least some way towards building confidence in the safety of releasing your personal data.

    Of course, you would also have to trust current and future governments not to change the rules.

    Best to have the data held by a trusted third party not directly under government control, but not under commercial control either - possibly a charity.

    However, once the data is out there and aggregated it cannot be recalled which does require an enormous amount of trust from the UK population.

    1. Andy Gates

      Re: Which third parties?

      If it were properly anonymised (with a route back in case of clinical need) and if it were restricted to real research organisations, I'd be gung-ho for it as a great case of Big Data doing useful things.

      If it's sold to Experian or that bloody Meerkat, who jigsaw it back together to deny me a good credit rating or insurance premium because of my last peak flow or my old genetics tests -- that's incredibly sucky. That's a *gross* violation of patient-doctor confidentiality.

      We expect the latter. If the intent was the former (Hanlon suggests it was), there's more than communication problems.

      1. Anonymous Coward
        Anonymous Coward

        Re: Which third parties?

        once this gets out it's going to be re identified. no ifs, no buts.

        they can pass as many laws as they like, the creepy data people at the likes of experian and detica will do the job without fear of prosecution. in fact the govts next move will be to make re identification legal, because terrorism/Chinese hackers/ whatever.

        the police are already going to be given access, so expect to see your results from the clap clinic in a Murdoch rag if you ever get mixed up in a high profile case.

      2. A Non e-mouse Silver badge

        Re: Which third parties?

        If it were properly anonymised

        Proper anonymisation is hard. Just ask Governor William Weld.

        See Ars Technica for more details.

    2. Anonymous Coward
      Anonymous Coward

      Re: Which third parties?

      What makes you think charities can be trusted? Being a charity doesn't mean it's not for profit, Eton is a charity, I'm sure they are not in if for their health (apologies for the pun).

      "It would help a lot if the government gave some clearer indication" ... why would they, it's in their interests to keep the masses uniformed in order to minimise the number of opt-outs and maximise the value of the data.

      Call me cynical but it seems to me that the reason this data is not being truly pseudonymised or anonymised is so that is can be jigsawed by third parties, hence has a value, hence UK Gov can make money out of it.

    3. Breezy

      Re: Which third parties?

      @David Roberts

      "Of course, you would also have to trust current and future governments not to change the rules."

      Lost me right there.

  14. Anonymous Coward
    Anonymous Coward

    They live

    We sleep.

  15. arrbee
    Black Helicopters

    Any bets that current opt-out declarations will be (quietly) declared invalidated by this delay ?

  16. Anonymous Coward
    Anonymous Coward


    It looks very much like they tried to keep it as low key as possible as they knew quite well how iffy some of the proposals were. Had they trumpeted it from the rooftops, the take up for opt outs would have headed quickly north - as it almost certainly will now the press is belatedly doing a proper job. The leaflet was very conveniently selective in its pros/cons arguments, with little but positive points aired and no mention I recall of pimping sensitive data out to all comers from the private sector. It was extremely vague on opting out - presumably to discourage it - and offloaded the effort onto already busy local surgeries.

    It's this private sector deal that made me opt out a couple of months ago. The vagueness surrounding the plans made it quite clear to me that whatever agreement was announced for 'sharing' with profit making businesses would be the thin end of a rapidly widening wedge, the extent of which would only emerge when it was too late for anyone to change their minds. Combined with the amateur hour anonymisation plans, it would/will have been a gold mine we will be able to regret at our leisure for decades.

    The real shame is, it's easy to see the huge value to the health service and medical research had it been properly thought out and handled. But predictably, that plump layer of managerial fat couldn't help seeing the potential for an easy-win money making scheme with (for them) no downside. And equally predictably, the resulting fuckup will cost the NHS and the nation dearly, with the guilty left unscathed to plan their next pointless assault on public finances.

  17. Anonymous Coward
    Anonymous Coward

    donning my PPE...

    1. When I end up in A&E I want the doctors there to know that my GP has identified that I am allergic to, lets say, penicillin.

    2. When I get a rare complaint I want the choice of treatment to be based on the widest possible research base - i.e. what have been the outcomes and side effects for previous patients.

    3. Analysis of community - wide data could turn up early warning signs of conditions otherwise easily missed. Like there may be a correlation between use of a specific medication in people who fit a particular lifestyle profile and the emergence 10 years later of another condition. Or the tracking of the spread of an infectious disease perhaps identifying how it may be most effectively contained.

    4. In an ideal world an algorithm could be applied as each symptom for a patient is uploaded to relate that to their medical history and compare with previous patients showing a similar profile. That could supplement the individual doctor's diagnosis with a wider range of possibilities and treatments (see the example of a patient diagnosed with cobalt intoxication where the doctors only recognised that very rare condition because they's seen it on an episode of TV program "House"). A simpler example from my own family experience. Persistent back ache in a very fit person and associated "indigestion" both of which are very common conditions but neither of which responded to any treatment. With the benefit of hindsight one specialist said yes, a strong correlation with pancreatic cancer (aggressive treatment in the early stages can have a modicum of success, the normal late diagnosis gives you 6 months max and the only medication you'll need is morphine).

    If I deny the ability to share my medical data I'm putting myself at risk. If you don't share your data then your selfishness exposes me and many others to sub-optimal treatment because the system doesn't know what treatment worked, or failed to work, for you.

    Let me remind you that NHS care is free - so you're happy to take that but not to make a small contribution (of medical data) to improve future outcomes for yourself and for the wider community. In that case I suggest you opt out of NHS care, what business has the government to choose to opt us all in to free NHS care without prior consultation and our explicit agreement? If you are so concerned then why not take up the option of private medical care.

    Now let's come on to the collective paranoia about confidentiality. Where the legislators are letting us down is that sanctions against revelation of personal information gained by analysis of anonymised data are absent, weak or available but not implemented. If I reverse engineer copy protection on a dvd I'll be in big trouble with the commercial interests of MPAA or similar but if I break into anonymised personal data that seems to be OK and I can publish the results with no penalty, instead the blame falls on whoever anonymised the data.

    At the same time all these paranoid persons are feeding a continual stream of their own personal data through twitter, facebook etc. to the extent that analysis of twitter feeds has been used to monitor the spread of flu outbreaks.

    And I may think of my status of this posting as " Anonymous Coward" but I'm reasonably confident that if anyone with the right skills was sufficiently anxious to identify me they could.

    1. BarkingHatstand

      Re: donning my PPE...

      >> Let me remind you that NHS care is free

      But its not free, free at the point of use, but all uk tax payers pay for it.

      I think most people would be happy for big data to be used for good, but soon as its sold for profit then other factors come in to play, and it can then be used against the common good.

      I'm starting to see the British gov as another business analysing any opportunity to relieve me of more of my already taxed earnings or controlling what I care to do.

  18. hoola Silver badge


    The complete scheme is a shambles and is making all medical records available to the highest bidder. There appears to be nothing to stop this being sold on again and again and as with any digital information, once it is out, you can never get it back.

    You may as well just publish all personal and confidential infromation on a publically accessible website.

  19. Starkadder

    No. Thanks.

    DoB plus postcode are all that is needed to identify any individual in the country. 40% of GPs have already opted out, and when the rest of them are told that will, in effect, publish their medical records for everyone to see many more will opt out. If my GP writes to me and tells me he will opt in then I'll think about it, but for now I have taken the only safe course and opted out.

  20. Ewan Robson

    I'm In

    I welcome any comments on the rights of patients to ensure they feel that their information is secure and confidential. I will be opting in as I believe in the security of the information and how it will be used will in the best interests of my care and others. It will not be sold to private companies, it will not be just given to the police and it certainly will not be identifiable to the point people are saying.

    The HSCIC will receive the data, anonymise it, and share with NHS England who will be able to plan our health care. who would you not want that. It may be in rare occasions that your data could be identifiable and that will be because of a health condition that is publicly known via the media but will still only be used for your health care.

    On the opt out it is not illegal to ask for an opt out but good practice to as of an opt in. In the case of 30 million or so patients this would be impossible and therefore would make the project unworkable.

    I believe my health comes before any very small chance of breach of confidentiality and if it found that staff handling the data misuse it then they will be dealt with appropriately.

    Finally i love the NHS and what it stands for.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2021