back to article Scrapped NHS care.data ballsup cost taxpayer almost £8m

NHS England spent nearly £8m on its controversial care.data programme before scrapping it earlier this year, El Reg can reveal. The publicly hated programme was beset by delays and was criticised by both doctors and privacy campaigners about the haphazard way it would share sensitive medical data of citizens with commercial …

  1. Pascal Monett Silver badge

    “The money invested in the care.data programme ha[s] not been wasted"

    Of course not. Your pork-barrel buddies have immensely enjoyed and profited from it.

    1. Anonymous Coward
      Anonymous Coward

      Re: “The money invested in the care.data programme ha[s] not been wasted"

      Fair point but in the end this was a stupid idea pushed by the government and they should not be let off the hook.

      It would almost be funny if real people weren't worse off from the missed opportunity of spending the money on doctors and nurses.

  2. Doctor Syntax Silver badge

    Translation: We spent £8.1m finding out what we can and can't get away with and how not to do it.

  3. Anonymous Coward
    Anonymous Coward

    Just how many of the consultants in this fiasco have been fired? Then add to that the number of staff involved and fire them without a golden handshake or gold plated pension and we might be able to recoup a lot of the loss.

    1. Anonymous Coward
      Anonymous Coward

      While I'm sure a lot of incompetent project managers were involved the main problem with the program was down to the lack of respect for privacy and that lies at the door of our overlords. This project has been on the "at risk" list almost since day one, again failure to deal with that is down to our beloved leaders.

  4. Anonymous Coward
    Anonymous Coward

    what's amazing

    is the weasel words of the weasels who've wasted the money. I mean, it's positively been a success! Raising awareness and learning lessons. Total cost: 8 milion.

    Do they at least know WHAT f... lessons they learnt? I bet it's: until the next project then!

  5. Lobrau

    Lessons learnt:

    1)We must be much more surreptitious about sharing patient data. Best scenario would be not telling them at all

    2)Companies will part with lots of filthy, filthy lucre in order to access this information. Suggest employing more managers/lining directors' pockets with the proceeds

  6. Tony S

    In terms of the overall NHS budget, £8 million is probably not a lot, but there are a lot of things that could have been done with that money at any one of a number of places that are really struggling to make ends meet.

    The real issue is that the project may have been shelved; but it's clear that they still want to press ahead with the concept under a different name. So that £8 mil, may in fact become £18 mil, or £28 mil or £50 mil in just a few years time, and still never actually deliver anything of any value to the NHS, the care providers or the patients.

    Until those making the decisions are help personally accountable for these cockups, nothing will change.

    1. Flocke Kroes Silver badge

      NHS Budget

      The National Audit Office publishes the NHS budget along with a bunch of other handy pages for debunking politicians. £8.1M is about 36 minutes of the annual budget, or nearly 4 hours of the weekly £350M that the Brexits haven't diverted to the NHS.

      I must admit that I am shocked. I expect government IT projects to reach over £100M before being scrapped. Some one has clearly made the others look bad, and will shortly be moved to the office with the funny smell.

      1. Anonymous Coward
        Anonymous Coward

        Re: NHS Budget

        What relevance is the NHS budget to the size of this waste of money?

        Is someone advocating that a small percentage of a public utilty's budget can be wasted without any accountability?!?

        £8M is £8M. It's not like it's peanuts.

        Even though the State organisations haven't yet twigged the 101 of business the pennies make the pounds.

        Grrrrrrrr..... :(

  7. Whitter
    Boffin

    Always biting off too much to chew

    Requirements:

    Patient opt-in system

    Patient must be able to opt-out after opt-in

    Identify patient

    Get Patient's GP's phone number

    Encryption, access control and access/change logging etc. implemented from day 1

    Extendable system but no *requirement* for any other data <otherwise every health professional wants all their data file formats to be "standards" in the UK-wide database - never going to happen; queue massive bun-fight and resistance and another £8m down the drain>

    Set up a charity to hold and manage the data, who's charter is inviolate and does not permit sharing data outwith the NHS *ever* (ever isn't possible really, but using a charitable "buffer" makes it harder for some future douchebag parliament to play fast-and-loose with the data)

    Get that system working reliably and then come back for more if you make it...

    1. phuzz Silver badge

      Re: Always biting off too much to chew

      "does not permit sharing data outwith the NHS"

      Part of the point of sharing patient data in the first place, is so that medical researchers have access to millions of records, rather than having to base their results on a handful of people in a formal study. So ideally there should be a mechanism for the data to be used for research purposes, with a whole bunch of safe-guards of course.

      1. Whitter
        Happy

        Re: Always biting off too much to chew

        Researchers could do so in collaboration with the NHS if additional medical data was eventually added - I suspect phase I as it stands would take them a good decade!

        But never allow access to the raw data: only on-NHS-site controlled access to the limited fields required and no copying/caching thereof, after an open consultation on the public benefit to the research being carried out at all. Making tax money is not enough: its either target positive health outcomes that are reasonably accessible by the public or no access.

        Or not. I've only spent a minute thinking it up!

        For example: Opt-in might need to be more refined than an all-or-nothing setting, allowing opt-in for specific records (x-rays of fractures for example) and assuming opt-out of any other record. This all gets very complex very quickly, so build something very simple first!

      2. Anonymous Coward
        Anonymous Coward

        Re: Always biting off too much to chew

        Those safeguards already exist. Don't believe me? Try asking NHS Digital for a dataset and see how rigorous the vetting process actually is. I work for the aforementioned organisation and we're already giving patient data to researchers (which incidentally, you can opt out of).

        1. Anonymous Coward
          Anonymous Coward

          Re: Always biting off too much to chew

          "(which incidentally, you can opt out of)." .... but there is no system currently, fully, in place to actual act upon those opt outs now is there.

  8. MrTuK
    WTF?

    Just make it an Opt-in rather than Opt-out !!!!

    It is so f**king simple, if its made Opt-in then only the people with any interest in letting their private medical information be open for every man and dog to peruse at their leisure would join said stupid scheme !

    Just like at the bottom of some forms they have a tick box for you to be opted-in to advertising BS, obviously most people don't tick the box, because most people are not that stupid or are they ?

  9. Tom Paine

    £8m? 0.001% of total public sector expenditure*, then? Not that big of a deal -- and a miinscule expenditure compared to boondoggles like UC or those wretched aircraft carriers.

    * £770 Bn in 2016-17. Source: https://www.gov.uk/government/publications/budget-2016-documents/budget-2016

  10. Anonymous Coward
    Anonymous Coward

    The fact it has been scrapped to me means it was a success albeit an expensive one.

    How far did they actually get with the transfer of data? I'm guessing the external (G.P.) records may not have been extracted but possibly the internal (Hospitals) has.

    1. Anonymous Coward
      Anonymous Coward

      Hospital records have been collected for well over a decade,

  11. Anonymous Coward
    Anonymous Coward

    Lessons have been/will be?

    Hang on, I hear the excuses already in the media...

    * Lessons have been learned (option 1)

    * Will be learned (option 2)

    or disregarded completely (highly likely)

    same old tosh for the next fuck-up

  12. PNGuinn
    Flame

    OK, Let's look at this logically ...

    Sooo - some £8m (+ what they're not telling) pissed up the wall / dropped in the usual troughs to find some obvious answers to a few wtf obvious questions ...

    Now, as I understand it its MY data, so at least I own the performing rights.

    So - can I make 'em an offer?

    On the basis of the value you've got for your £8m - how about £10k per byte of MY data, supplied individually and randomly, with my choice of font(s), as 1 byte per sheet of A4 paper, BY ME AFTER MY VETTING (vetting. randomising, printing and delivery charges extra - will apply per byte. Undefined number of random extra bytes may be supplied to improve data security - these are also chargeable.) Usable for ONE defined purpose only as agreed by ME, data NOT to be copied or transferred to ANY OTHER MEDIUM. payment in advance.

    Oh, in the interests of DATA SECURITY, when said data is no longer required it is to be securely destroyed by coating it in a strong oxidising agent, rolling it up, data inwards for security, and inserting it, sheet at a time, into appropriate sunless orifice(s) of MY choosing (which I couldn't possibly define on a family organ such as el Reg).

    Before incineration with a large blowlamp.

    Process to be filmed and appropriately disseminated on the interwebs, (NB is MY data being securely destroyed - I claim FULL copyright of the process as a condition etc etc ...)

    I'm sure the legal eagles / vultures here can improve upon the details ...

    Seems a perfectly reasonable offer to me ....

    We need a large blowlamp icon ....

  13. Mk4

    opt-in, opt-out is missing the point

    PNGuinn is being facetious but there is one point made that really important - it's personal data (my data and your data). It should be the property of the people it comes from, then many problems with questions about data access in the NHS and many other places become vastly simplified. Imagine the personal data is the property (in law) of the people it relates to. If someone wants a copy then it's equivalent to asking to borrow someone's property - if someone doesn't provide that permission then it's a criminal offence (like TWOCing) if they take it anyway.

    Sure, this leads to a great deal of work to manage permission, but that's the same in many other spheres of human activity. Having a simple and clear principle to work from, that everyone can easily understand (not like DPA or GDPR) prevents a huge amount of discussion and interpretation (leading to massive variation across systems and industries). Not to mention pissing 8 million quid up the wall.

  14. x 7

    As I've said before, the really crazy thing is that there was no need for care.data.

    Between the three big suppliers of GP clinical systems: Emis Web, INPS Vision, SystmOne, something like 95% of surgery records are already held in remote data centres and can be centrally accessed (assuming permissions are given)

    Regional CCGs already extract care.data style information for surgeries within their geographical area. Expanding it to a global scale is trivial. Care.data was never required as there is already an existing commercially funded alternative in place

    1. Anonymous Coward
      Anonymous Coward

      As you say CCGs do already do this. The question is, with what legal basis? Each practice can have a data sharing agreement with them, but under what legal basis is the practice allowing the patient data to be shared?

  15. Lusty

    Facebook approach

    Opt-out is a terrible way to do this. Use the Facebook model instead. Put the public in charge of their data through a portal - we could even use OAuth to log in with some suitable mechanism to confirm identity. Once in the portal, a nice explanation of how my data will help research could be presented, with a list of interested parties below. I could read through them, and select to opt in. This would obviously need to integrate with social media to raise awareness of campaigns but that's no different to current charity mechanisms. If I'm interested in furthering reasearch into heart disease, I just tick the box and they get temporary access to my data (in situ, preferably, so they don't later "forget" to delete it again).

    The reason this won't happen is that NHS would very much like to monetise our data. I'd prefer they didn't.

  16. rcx141

    Eight Million?

    That barely pays for a handful of powerpoint decks!!

  17. JohnMurray

    But...But:

    "NHS handed over GP data to 150 groups against patients' wishes"

    http://www.pulsetoday.co.uk/your-practice/practice-topics/it/nhs-handed-over-gp-data-to-150-groups-against-patients-wishes/20032882.article

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021