back to article UK government bows to pressure, agrees to delay NHS Digital grabbing the data of England's GP patients

The UK government has conducted an embarrassing climbdown by agreeing to delay the implementation of NHS Digital's controversial grab of GP patient data by two months. Jo Churchill, under-secretary for health and social care, told MPs today in Parliament that the date for the extraction of data from GP systems under General …

  1. Yet Another Anonymous coward Silver badge

    Opens excuses manual

    1, Claim anyone opposing plan is confused and misunderstood

    2, Claim to "dialog with stack-holders" with empathy face

    3, Rename operation

    4, Do exactly the same thing it in another way

    1. Headley_Grange Silver badge

      Re: Opens excuses manual

      @YAAC: slight mod.

      4. Do exactly the same thing it in another way and invalidate all current opt-outs because it's a new process.

      5. Make it even harder to opt out of the new process.

    2. Fazal Majid

      Re: Opens excuses manual

      5. Name the program in a way that is confusing similar to the GDPR

    3. Fr. Ted Crilly Silver badge

      Re: Opens excuses manual

      Ah yes, the well worn exercise of consult and ignore, Sir Humphrey is a patient man...

  2. Flywheel

    Matt Hancock to involve patients

    Good grief! That must be the first time a Tory MP has ever considered asking The Product for an opinion. Is the tide finally turning?

    1. Flocke Kroes Silver badge

      Re: Asking the product

      Both parties do this routinely - when they are the opposition party.

    2. Yet Another Anonymous coward Silver badge

      Re: Matt Hancock to involve patients

      >Tory MP has ever considered asking The Product for an opinion

      Didn't work too well last time <cough>brexit<cough>

      1. Anonymous Coward
        Anonymous Coward

        Re: Matt Hancock to involve patients

        Didn't work too well last time <cough>brexit<cough>

        I think they feel Brexit worked wonderfully. They got 31% of the electorate to vote for something and then pretend that the majority of people want it. They now have the opportunity to blame problems upon covid and screw over us even more thoroughly.

        1. PC Paul

          Re: Matt Hancock to involve patients

          to vote for something... poorly defined with lots of room to make it mean whatever they wanted!

    3. Anonymous Coward
      Anonymous Coward

      Re: Matt Hancock to involve patients

      Consultations don’t mean they actually listen to the people who respond - they might be dangerously informed.

    4. Alan Brown Silver badge

      Re: Matt Hancock to involve patients

      As seen with motorway consultations, the results aren't changed. The consultation is done after the decisoins have been made and contracts signed off on

      1. Ed charles

        Re: Matt Hancock to involve patients

        I like the way NHS Digital state the the BMA were consulted. The BMA put out a nicely worded statement that in fact said 'NO we fucking were not'.

        1. Joseba4242

          Re: Matt Hancock to involve patients

          What they actually said is that the literal meaning is correct - they were consulted - but they objected.

  3. Anonymous Coward
    Anonymous Coward

    1st July, 1st September

    not to worry, by 1st September the plebs will have had other matters to worry their little heads about: returning from holiday, returning to schools...

    1. Greybearded old scrote Silver badge
      Joke

      Re: 1st July, 1st September

      Trying to return from holiday.

      1. Anonymous Coward
        Anonymous Coward

        Re: 1st July, 1st September

        my little conspiracy theory is that this game of green/amber covid chairs is to keep the Brits at home this summer. Not directly, because that might cause mass-unrest... but, you know, every little helps, people, scared of losing even more money to airlines and incompetent testing 'partners' will spend this summer time (and money) on the Great British Holidays. Also, they might give a helpful hand to the Great British Farmers, lamenting shortage of cheap European labour...

        1. First Light

          Re: 1st July, 1st September

          A conspiracy theory requires a basic level of competence in government, which it does not appear to possess.

        2. Anonymous Coward
          Anonymous Coward

          Re: 1st July, 1st September

          "{...] and incompetent testing 'partners' [...]"

          Dido Harding is moving on. In the spirit of the magic circle of upper management failures - she is being tipped as No. 10's choice to run NHS England.

          1. a pressbutton

            Re: 1st July, 1st September

            hm.

            Harding taking over ...

            Time to download your records

            a) so they will be accessible to your GP

            b) so you know what some script-kiddie will be sniggering over when there is a leak

          2. Anonymous Coward
            Joke

            Re: 1st July, 1st September

            > Dido Harding is moving on.

            Seems a good idea to me: first TalkTalk, then Test & Trace, so now it should be third time lucky.

          3. Alan Brown Silver badge

            Re: 1st July, 1st September

            at some point the possibility of dosing parliamentary drinking water with sodum fluroacetate starts having a lot of appeal

    2. Joe W Silver badge

      Re: 1st July, 1st September

      ... and by then all of the fuzz has died down. Like with WatsApp and Facebook.

      Honi soit...

    3. Fruit and Nutcase Silver badge

      Re: 1st July, 1st September

      They'll keep it under wraps and slip it out on a good day to hide this sort of news when everyone is looking elsewhere. There's probably a whole team of people employed to be on the lookout for that sort of day

      1. Rich 11 Silver badge

        Re: 1st July, 1st September

        There's probably a whole team of people employed to be on the lookout for that sort of day

        I'll save them a few dozen Serco consultants costing a grand a day -- the day to make the announcement will be 30th August, for the following reasons:

        1) It's a Bank Holiday.

        2) Parliament isn't sitting.

        3) The news will be full of complaints about this year's scheduled exam results fiasco.

        Opt out while your opt-out isn't yet overridden by the next opt-out scheme.

        1. RegGuy1 Silver badge

          Re: 1st July, 1st September

          Yep, opted out. But it was a real pain.

          I had to find the opt-out form.

          Download it.

          Find someone to print it.

          Work out how to complete it -- in the end I put a big tick next to 'opt out'. What a shit form.

          I then had to send it to my GP. So bung it in an envelope, pay for a stamp and go and find a post box.

          The fucking NHS is geared to the old, computer illiterate numpties (who probably voted for brexit). You know the sort. They only use cheques, and think direct debit is a dangerous evil. Or is that just my parents?

          Some of us don't need to use a telephone, and know what a computer is and how email works. It'd be nice if I could use email to talk to my surgery rather than only being able to use it for some shitty admin queries about their website.

          FFS we are in the 21st century. The sooner the old die off the better it will be for us all.

          1. Ed charles

            Re: 1st July, 1st September

            The best bit is yet to come. If you used the form from the NHS Digital website you have only opted out of your identifiable data being used. Your anonymised data can still be used. Which is errr.....everything.

      2. Ed charles

        Re: 1st July, 1st September

        Just checked MSM and the entire story is still on page 94 after an article on dead cats in the fructology section. You might even conclude that they are trying to keep it quiet.

    4. Peter X

      Re: 1st July, 1st September

      and the EU trade war

  4. Bendacious Bronze badge

    Accidental naming coincidence

    Is this deliberately named GPDPR to make people think it protects their privacy like a similarly named law? I'm thinking it probably is. When there was a very successful campaign named "National Living Wage", which pressured the government to bump up the Minimum Wage to something people can live on, the government responded by renaming the minimum wage to the National Living Wage. Which would presumably kill the campaign's Google ranking and sow confusion.

    1. Steve Foster
      Facepalm

      Re: Accidental naming coincidence

      It's almost certainly not accidental. (cynical, moi? whatever gave you that idea?)

    2. teebie

      Re: Accidental naming coincidence

      Like the postcode lottery? Or the health lottery?

    3. Ed charles

      Re: Accidental naming coincidence

      Of course they also caused confusion by the initial headline on the form saying about 'false information'. Most people immediately switch off thinking conspiracy theory.

  5. Loyal Commenter Silver badge

    GPDPR?

    Is it just my suspicious mind, or have they deliberately named it such that the acronym* is very similar to "GDPR", in order to sow confusion, and possibly subconsciously associate any bad smell that arises with the EU's GDPR?

    *Yes I know it's not technically an acronym, sue me.

    edit - OK, so I see I'm the third person to post the same thought. We are a suspicious lot, aren't we?

    1. Steve Foster
      Holmes

      Re: GPDPR?

      "We are a suspicious lot, aren't we?"

      Suspicion born from experience.

      1. Anonymous Coward
        Anonymous Coward

        Re: GPDPR?

        otherwise known as 'a pessimist is a well-informed optimist'. When 'information' = 'experience'.

      2. Loyal Commenter Silver badge
        Pirate

        Re: GPDPR?

        If you're not a cynic, you're not paying attention.

    2. Anonymous Coward
      Anonymous Coward

      Re: GPDPR?

      See also "NHSTest & Trace" (Dido Harding's lot), who use the same logos as the NHS (the ones with the hospitals, who may be about to become Dido Harding's next lot).

      1. N2
        Facepalm

        Re: GPDPR?

        Dido Hardings lot, see icon

  6. batfink

    Who are NHS Digital exactly?

    Hmm. I'm starting to get quite confused here. Aren't NHSX part of this new NHS Transformation Unit? And is that the one that the esteemed Baroness Dido Harding is being lined up to oversee??

    1. Adrian 4

      Re: Who are NHS Digital exactly?

      There lots of bits of the NHS, Public Health England, the Health secretary etc. etc.

      Conveniently, so many that it's difficult to know which, if any, can be trusted.

      1. Ed charles

        Re: Who are NHS Digital exactly?

        In a very brief summary -it's complicated. I spent a lot of time looking at this and was surprised at the extent of the amount of private commercial companies already active in the NHS and their core functions. For instance Capita running Primary Care Support Services for just about everybody. The extensive role that Atos plays within NHS Digital and NHSX. etc etc. It seems it all started with Matt Hancock. I am now waiting for the journalist who can follow the money after Matt received a ticking off for breaching the Ministerial Code( for his family firm getting NHS contracts in which he has an interest). Normally a resignation issue.

        P.S. and do not even mention killing off all the old biddies in care homes with covid

    2. Yet Another Anonymous coward Silver badge

      Re: Who are NHS Digital exactly?

      >Aren't NHSX part of this new NHS Transformation Unit?

      NHSX is where Dr X works

      NHS Digital is the stuff that involves sticking fingers in you

  7. AMBxx Silver badge
    WTF?

    >> build a trusted research environment and ensure that data is accessed securely.

    Shouldn't that have been done in time for July 1st rather than the new date?

    I've now successfully persuaded 6 people to opt out. Now have another 2 months to work on a few more.

    1. yetanotheraoc Silver badge

      Re: >> build a trusted research environment and ensure that data is accessed securely.

      "build a trusted research environment and ensure that data is accessed securely"

      Wrong priorities. How about build a restricted non-commercial research environment and ensure that data is accessed with complete respect for patient privacy?

    2. Anonymous Coward
      FAIL

      Re: >> build a trusted research environment and ensure that data is accessed securely.

      @AMBxx

      Maybe they just said yes to shut you up? Especially as you can't even manage to get the date right. July 1st???

    3. Hugo Rune
      Stop

      Re: >> build a trusted research environment and ensure that data is accessed securely.

      "I've now successfully persuaded 6 people to opt out. Now have another 2 months to work on a few more."

      Data transfer date has been moved but there is no mention of a change to the opt-out deadline

      1. Loyal Commenter Silver badge

        Re: >> build a trusted research environment and ensure that data is accessed securely.

        The gov't web site that you are supposedly able to opt out through (see my post below) states that there is no deadline to opt out. I suspect they are using weasel words here of course. The "deadline" is the date after which, if you have not opted out, that data will be scraped. Opting out after that date would presumably stop further scraping of your data, and may trigger a process where the data that has already been scraped is removed, but my faith is low that, when these requests filter through to the private organisations that are obtaining that data, they won't already have aggregated, copied, illegally de-anonymised and permanently archived that data.

        In line with the works that your user name references, at that point, the only thing to do may be to unleash the Train of Trismegistus to find that data and bring it back (with apologies to Rob).

  8. xyz Silver badge

    Or....

    The specs for what data are to be slurped have changed and they need time rewrite the scripts.

    Just sayin'

    1. Anonymous Coward
      Anonymous Coward

      Re: Or....

      The specs will be defined already as everything held by Emis and SystmOne. The private companies who already hold the majority of GP data.

  9. Falmari Silver badge
    WTF?

    Law enables organisations

    Information Commissioner Elizabeth Denham “Data protection law enables organisations to share data safely”.

    No, it bloody doesn’t, it enables nothing, it is not bleeding tech support sending a couple of tech to switch this on set that protocol. That is like saying the speeding laws enable drivers to drive at a safe speed. It is meant to prevent with the threat of punishment your private data being shared unsafely and punish those that do. But let’s face it everyone ignores the threat only following the law if caught.

    1. David M

      Re: Law enables organisations

      “Data protection law enables organisations to claim that they share data safely”

      FTFY

    2. Anonymous Coward
      Pint

      Re: Law enables organisations

      @Falmari

      Can't upvote you enough.

      Fuck work tomorrow. Have 20 of these tonight.

      Cheers… Ishy

    3. Jonathon Green

      Re: Law enables organisations

      It’s probably perfectly safe for the organisations. You and/or I not so much…

  10. Anonymous Coward
    Anonymous Coward

    Well I never

    At the end of the day it should be opt in not opt out ! Handy how the bias (again) is in their favour. Who in their right mind would trust that creep Hancock anyway, with no medical qualifications,,,

    1. Version 1.0 Silver badge
      Facepalm

      Re: Well I never

      It's just a U-Turn, a standard government procedure ... we'll probably see another one soon or "evidence" that it's an EU problem - of course three years ago they would be running around blaming the EU for the hole data (sic) problem.

  11. Jim Whitaker
    WTF?

    Not again

    This is the second time a whole bunch of highly skilled, well-meaning people have behaved as if they were idiots. The last time it happened I was professionally involved as an IG manager for a large NHS body. The whole process was so half-baked I personally opted out of sharing. In due course the process was "fixed". Now we are in it again.

    To be plain, I'm quite content (even keen) for my data to be shared for the good purposes which can follow for medicine, even the NHS and others involved in the private sector. (I'm a capitalist.)

    What I'm not happy with is the thought that if the Government is so incompetent in announcing/selling this, how incompetent are they going to be in delivering secure data use?

  12. TimMaher Silver badge
    Thumb Up

    Note to editor.

    Thanks for including the links.

    I opted out of the national yesterday and downloaded the form for me and my BH to send to our GP.

  13. Velv
    Facepalm

    "As originally planned, they had to inform their GPs of their wish to do so by 23 June, around six weeks following the programme's announcement."

    Clearly nobody from the department of Health has attempted to contact a GP for the last year, they have been rather busy with other things.

  14. Loyal Commenter Silver badge
    FAIL

    I tried to opt out

    And the shitty government website couldn't find me by my name and NHS number. That's the same NHS number I have printed on my "book your vaccine" letter(s), and also on a recent hospital discharge. Funnily enough, the vaccination centre, the local hospital, and my GP all have no difficulty in finding me.

    Somehow, the inability to find me to allow me to opt out doesn't give me any confidence that they don't actually hold information on me.

    1. Roger Kynaston

      Re: I tried to opt out

      That would be a clear breach of GDPR. Test it by doing a subject access request.

      1. Loyal Commenter Silver badge

        Re: I tried to opt out

        If the system can't find me, I'm pretty sure the result of sending them a SAR would be "you're not in the system". That doesn't mean my data is not in a system, only that I don't know which system it is in, owned by which "NHS" organisation (anything that is not just the NHS, is a private company charading as part of the NHS). Am I to send SARs to everyone in the phone book, just in case?

  15. midgepad

    Waits a while

    Hoping fuss dies down and people get busy and distracted.

    Plans exact same thing for later.

  16. Andy The Hat Silver badge

    Illegal?

    I have asked the question and await the answer - is use of a private individual's data without their consent *in any form* illegal under GDPR? I ask this on behalf of the tens of thousands of people who do not have internet access or read "techie news".

    I suppose the obvious follow up argument is whether the NHS (ie Government) owns the data or the patient?

    1. Anonymous Coward
      Anonymous Coward

      Re: Illegal?

      > "I have asked the question and await the answer - is use of a private individual's data without their consent *in any form* illegal under GDPR?"

      No, consent is only one of the six lawful basis that can be used to process personal data. For example your bank likely uses "performance of a contract" (i.e. for managing your bank account) as the lawful basis to process your personal data.

      In addition for special category personal data (which health data is) a lawful condition is also needed. There are 10 lawful conditions to choose from.

      Check the Privacy Notice of your GP Practice (should be on their website) to see what lawful basis and lawful condition(s) they define for the various handling of your personal data (including sharing) that they do.

      > "I suppose the obvious follow up argument is whether the NHS (ie Government) owns the data or the patient?"

      Its more complicated than that. Your GP Practice is the Data Controller for your patient medical records that they hold. Typically Practices use one of the electronic record providers (EMIS, SystemONE, INPS, etc) to host the IT system for this, the provider acts as a Data Processor for the GP Practice. So this means that your GP Practice "own" (i.e. are responsible for) your personal medical records that they hold.

      GP Practices enter into various data sharing arrangements with other Health bodies (such as NHS Digital) in which case a Data Sharing Agreement (DSA) should be in place that defines, amongst other things, the nature of the relationship between the parties ot the agreement - this typically would be a Joint Data Controller relationship. Such a DSA would therefore potentially enable your GP Practice to share some of your personal data that they hold with other bodies.

      > "the NHS (ie Government)".

      There is not really such an entity as "the NHS", there are various public bodies (Dept of Health, NHS England, NHS Digital, Trusts, etc) and commercial entities (GP Practices, Dentists, etc) that form "the NHS". Your GP Practise is likely to be either a partnership or a limited company!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like