“The money invested in the care.data programme ha[s] not been wasted"
Of course not. Your pork-barrel buddies have immensely enjoyed and profited from it.
NHS England spent nearly £8m on its controversial care.data programme before scrapping it earlier this year, El Reg can reveal. The publicly hated programme was beset by delays and was criticised by both doctors and privacy campaigners about the haphazard way it would share sensitive medical data of citizens with commercial …
Fair point but in the end this was a stupid idea pushed by the government and they should not be let off the hook.
It would almost be funny if real people weren't worse off from the missed opportunity of spending the money on doctors and nurses.
While I'm sure a lot of incompetent project managers were involved the main problem with the program was down to the lack of respect for privacy and that lies at the door of our overlords. This project has been on the "at risk" list almost since day one, again failure to deal with that is down to our beloved leaders.
1)We must be much more surreptitious about sharing patient data. Best scenario would be not telling them at all
2)Companies will part with lots of filthy, filthy lucre in order to access this information. Suggest employing more managers/lining directors' pockets with the proceeds
In terms of the overall NHS budget, £8 million is probably not a lot, but there are a lot of things that could have been done with that money at any one of a number of places that are really struggling to make ends meet.
The real issue is that the project may have been shelved; but it's clear that they still want to press ahead with the concept under a different name. So that £8 mil, may in fact become £18 mil, or £28 mil or £50 mil in just a few years time, and still never actually deliver anything of any value to the NHS, the care providers or the patients.
Until those making the decisions are help personally accountable for these cockups, nothing will change.
The National Audit Office publishes the NHS budget along with a bunch of other handy pages for debunking politicians. £8.1M is about 36 minutes of the annual budget, or nearly 4 hours of the weekly £350M that the Brexits haven't diverted to the NHS.
I must admit that I am shocked. I expect government IT projects to reach over £100M before being scrapped. Some one has clearly made the others look bad, and will shortly be moved to the office with the funny smell.
What relevance is the NHS budget to the size of this waste of money?
Is someone advocating that a small percentage of a public utilty's budget can be wasted without any accountability?!?
£8M is £8M. It's not like it's peanuts.
Even though the State organisations haven't yet twigged the 101 of business the pennies make the pounds.
Grrrrrrrr..... :(
Requirements:
Patient opt-in system
Patient must be able to opt-out after opt-in
Identify patient
Get Patient's GP's phone number
Encryption, access control and access/change logging etc. implemented from day 1
Extendable system but no *requirement* for any other data <otherwise every health professional wants all their data file formats to be "standards" in the UK-wide database - never going to happen; queue massive bun-fight and resistance and another £8m down the drain>
Set up a charity to hold and manage the data, who's charter is inviolate and does not permit sharing data outwith the NHS *ever* (ever isn't possible really, but using a charitable "buffer" makes it harder for some future douchebag parliament to play fast-and-loose with the data)
Get that system working reliably and then come back for more if you make it...
"does not permit sharing data outwith the NHS"
Part of the point of sharing patient data in the first place, is so that medical researchers have access to millions of records, rather than having to base their results on a handful of people in a formal study. So ideally there should be a mechanism for the data to be used for research purposes, with a whole bunch of safe-guards of course.
Researchers could do so in collaboration with the NHS if additional medical data was eventually added - I suspect phase I as it stands would take them a good decade!
But never allow access to the raw data: only on-NHS-site controlled access to the limited fields required and no copying/caching thereof, after an open consultation on the public benefit to the research being carried out at all. Making tax money is not enough: its either target positive health outcomes that are reasonably accessible by the public or no access.
Or not. I've only spent a minute thinking it up!
For example: Opt-in might need to be more refined than an all-or-nothing setting, allowing opt-in for specific records (x-rays of fractures for example) and assuming opt-out of any other record. This all gets very complex very quickly, so build something very simple first!
Those safeguards already exist. Don't believe me? Try asking NHS Digital for a dataset and see how rigorous the vetting process actually is. I work for the aforementioned organisation and we're already giving patient data to researchers (which incidentally, you can opt out of).
It is so f**king simple, if its made Opt-in then only the people with any interest in letting their private medical information be open for every man and dog to peruse at their leisure would join said stupid scheme !
Just like at the bottom of some forms they have a tick box for you to be opted-in to advertising BS, obviously most people don't tick the box, because most people are not that stupid or are they ?
Sooo - some £8m (+ what they're not telling) pissed up the wall / dropped in the usual troughs to find some obvious answers to a few wtf obvious questions ...
Now, as I understand it its MY data, so at least I own the performing rights.
So - can I make 'em an offer?
On the basis of the value you've got for your £8m - how about £10k per byte of MY data, supplied individually and randomly, with my choice of font(s), as 1 byte per sheet of A4 paper, BY ME AFTER MY VETTING (vetting. randomising, printing and delivery charges extra - will apply per byte. Undefined number of random extra bytes may be supplied to improve data security - these are also chargeable.) Usable for ONE defined purpose only as agreed by ME, data NOT to be copied or transferred to ANY OTHER MEDIUM. payment in advance.
Oh, in the interests of DATA SECURITY, when said data is no longer required it is to be securely destroyed by coating it in a strong oxidising agent, rolling it up, data inwards for security, and inserting it, sheet at a time, into appropriate sunless orifice(s) of MY choosing (which I couldn't possibly define on a family organ such as el Reg).
Before incineration with a large blowlamp.
Process to be filmed and appropriately disseminated on the interwebs, (NB is MY data being securely destroyed - I claim FULL copyright of the process as a condition etc etc ...)
I'm sure the legal eagles / vultures here can improve upon the details ...
Seems a perfectly reasonable offer to me ....
We need a large blowlamp icon ....
PNGuinn is being facetious but there is one point made that really important - it's personal data (my data and your data). It should be the property of the people it comes from, then many problems with questions about data access in the NHS and many other places become vastly simplified. Imagine the personal data is the property (in law) of the people it relates to. If someone wants a copy then it's equivalent to asking to borrow someone's property - if someone doesn't provide that permission then it's a criminal offence (like TWOCing) if they take it anyway.
Sure, this leads to a great deal of work to manage permission, but that's the same in many other spheres of human activity. Having a simple and clear principle to work from, that everyone can easily understand (not like DPA or GDPR) prevents a huge amount of discussion and interpretation (leading to massive variation across systems and industries). Not to mention pissing 8 million quid up the wall.
As I've said before, the really crazy thing is that there was no need for care.data.
Between the three big suppliers of GP clinical systems: Emis Web, INPS Vision, SystmOne, something like 95% of surgery records are already held in remote data centres and can be centrally accessed (assuming permissions are given)
Regional CCGs already extract care.data style information for surgeries within their geographical area. Expanding it to a global scale is trivial. Care.data was never required as there is already an existing commercially funded alternative in place
Opt-out is a terrible way to do this. Use the Facebook model instead. Put the public in charge of their data through a portal - we could even use OAuth to log in with some suitable mechanism to confirm identity. Once in the portal, a nice explanation of how my data will help research could be presented, with a list of interested parties below. I could read through them, and select to opt in. This would obviously need to integrate with social media to raise awareness of campaigns but that's no different to current charity mechanisms. If I'm interested in furthering reasearch into heart disease, I just tick the box and they get temporary access to my data (in situ, preferably, so they don't later "forget" to delete it again).
The reason this won't happen is that NHS would very much like to monetise our data. I'd prefer they didn't.