back to article 'Vast majority of people' are onside with a data grab they know next to nothing about, reckons UK health secretary

Against a strong field, UK Health Secretary Matt Hancock has come out as a winner in the prize for stomach-churning political double-speak while addressing NHS Digital's shameless grab for patient data held by GP surgeries in England. As we reported yesterday, that grab has since been delayed by two months, supposedly to 1 …

  1. Anonymous Coward
    Anonymous Coward

    "Think of the Children"

    How many five year olds are writing opt out letters to their GP?

    *

    And how many of today's five year olds are going to find out in, say, ten years time that the "pseudonomised" data slurped in 2021 has actually been assigned to them........and is completely wrong?

    *

    Do the names Palantir or Acxiom ring any bells?

    1. Mike 137 Silver badge

      Re: "Think of the Children"

      "How many five year olds are writing opt out letters to their GP?"

      They don't have to, because [a] under the DPA 2018 and UK GDPR. for minors under the age of 13 consent (and this amounts to a warped kind of consent) is vested in the parent or guardian, and [b] writing a letter may not be deemed sufficient. It would appear that the official form must be used for the opt out (not least because it carries the numeric codes for opt out and opt in).

      BTW, I submitted my Type 1 opt out form to my GP some three weeks ago, but received no acknowledgement. On enquiring today by phone I was told by the receptionist that they had recorded it but could not send me a conformation letter as that would fall under a "request for medical records". I pointed out that in a matter of such moment I was rightly entitled to formal confirmation that my opt out had been actioned and that without such confirmation the buck would stop with the practice if anything went wrong. She got back to me having spoken to someone I was not allowed to speak to, stating that a confirmation letter would be sent to me.

      It appears that data subjects are not the only ones who have not had time to get their heads round the system, so the promised extension of time (supposing it actually materialises) is very welcome.

      1. midgepad

        Re: "Think of the Children"

        The codes are not individual per patient, the Practices know them and the software provides a lookup.

        Now if the form had on it a set of bar or QR code graphics and provision had been made to just scan them jn, that would be a useful form.

      2. adam 40 Silver badge

        And for that reason... I'm Out!

        I did it 2 ways, with the pdf form emailed in to gov.uk, and with the online web page.

        I now have two separate confirmations.

        So - I should be safe.

        1. anothercynic Silver badge

          Re: And for that reason... I'm Out!

          Not unless you have also had the Type 1 opt-out done by your GP practice.

      3. Ken Moorhouse Silver badge

        Re: GP Receptionists...

        Extremely well-qualified to be running the country.

        In a tussle between google and them, they would win hands down. Mike kinda bears this out in his comment.

        I am serious. As custodians of confidential data you couldn't do any better.

  2. Dan 55 Silver badge

    Not sure why the comment section is open to be honest

    Given the British government has taken the US' pioneering "alternative facts" and made it their own while the US has thankfully corrected its mistake, there's no debate to even be had, since everything said by Hancock was the diametric opposite to reality.

    1. beast666

      Re: Not sure why the comment section is open to be honest

      Everything is fake and corrupted. Everything.

      1. batfink Silver badge

        Re: Not sure why the comment section is open to be honest

        Including your post?

    2. Pascal Monett Silver badge

      Re: while the US has thankfully corrected its mistake

      Not entirely.

      Republican states are currently doubling down on the madness and doing their level best to ensure that, come next Election Day, only genuine, white-skinned Republicans will be able to vote.

      Oh, and apperently Trump is announcing that he will be "reinstated" next August.

      The level of delusion of these people is impressive, I must admit. How they remember to breath through the day is a miracle in itself.

      1. TimMaher Silver badge
        Happy

        Breath through the day.

        Actually @pascal, I think that some of them don’t.

        Hence the gammon look.

  3. Anonymous Coward
    Anonymous Coward

    I know this is minor in the grand scheme of things, but was the acronym deliberately picked to look like "GDPR"?

    "GPDPR" seems to have the exact opposite goals to the above acronym.

    1. Yet Another Anonymous coward Silver badge

      Either that or it never occurred to all the brilliant minds and lawyers in govt that there would be any confusion.

      1. Pat 11

        There is nobody in a sign-off position in any UK office that doesn't know about GDPR. That confusing initialism is deliberate as hell.

  4. Headley_Grange Silver badge

    Theoretically...

    It's obvious to me that collating, organizing, analysing, mining, AI-ing all the NHS patient data is a good thing for health research, society an, potentially, me. I'm all for it.

    It's similarly obvious to me that insurance companies, social media sites, news sites and criminals getting access to the same data is a bad thing.

    If someone gave me a rock solid guarantee - air gapped data with crown jewel security and with the regs written in criminal law backed up by jail terms for politicians past and present in the case of breaches and real £££money compensation for citizens then I might, just might, consider giving them access*

    Until then, they can all fuck off.

    *I still probably wouldn't.

    1. Anonymous Coward
      Anonymous Coward

      Re: Theoretically...

      I'm pretty much in the same mind as you on this. However, having worked in NHS IT i'd just like to comment that most people don't understand that their GP is actually a private, for profit business which is not actually part of the NHS other than being a contractor to their local NHS trust.

      If most people were asked "do you support your data being held by an external contractor to the NHS, who only works office hours and therefore prevents the NHS from obtaining your medical data when you are in A&E in the evening or at a weekend" then the number of people in favour of retaining their information on paper with their GP would likely be less than if you listened to the concerns about data being able to be shared with other groups.

      It's all about how different pressure groups word things to cover their interests. GP's groups are not going to play on that angle, obviously since they can't then bill the NHS for providing the information.

      1. Ben Tasker Silver badge

        Re: Theoretically...

        > If most people were asked "do you support your data being held by an external contractor to the NHS, who only works office hours and therefore prevents the NHS from obtaining your medical data when you are in A&E in the evening or at a weekend" then the number of people in favour of retaining their information on paper with their GP would likely be less than if you listened to the concerns about data being able to be shared with other groups.

        I agree with the first part, the problem is that for it to be an either-or there has to be trust.

        Patients have to be able to trust that NHS Digital slurping the data will result in it being available to A&E, but going no further than that (i.e. no sharing with "other groups").

        That trust has been seriously undermined by NHS Digital trying to roll out a system sharing data with "other groups" with no meaningful notice, announcement or simple way to opt-out of the slurp.

        Hospitals having access is, undoubtedly, a good thing - the problem is for that to happen, NHS Digital need to have access, and it's currently impossible to trust that they won't later pass it on/sell it/leak it/otherwise screw the trust placed in them.

        Admittedly, I am laying a lot of blame at NHS Digital's door here, when really there's no doubt in my mind that the Secretary of State doesn't have his fingers in this particular pie somewhere.

        1. Rich 11 Silver badge

          Re: Theoretically...

          Admittedly, I am laying a lot of blame at NHS Digital's door here, when really there's no doubt in my mind that the Secretary of State doesn't have his fingers in this particular pie somewhere.

          Are you suggesting that perhaps he's got a mate down the pub who's first in line to buy data access on the cheap? Perish the thought! And I definitely can't see someone as successful and as honourable as our lovely Secretary of State for Health and Social Care being fired as a scapegoat anytime soon, then desperately needing a well-paid non-exec directorship or three to help pay the defence costs in any civil suit which might subsequently be brought against him.

      2. midgepad

        Re: Theoretically...

        You GP or their deputy is available for emergencies 24 hrs a day.

        Their secretary and receptionist not so much.

        The records sre not nowadays held in the Pracyices, they are held by a small number of system suppliers, presumably in multiple, redundant, fail over, backed up, data centres which are not adjacent.

        Those deputies, generally, are found among the same population of doctors who provide the GPS who hold lists.

        Some general practices are operated by health authorities - whatever the health authority is called this week.

        The contractual relationship between GPs and health authorities and the NHS is complicated. Much more so than that with consultant specialists. It grew.

        1. gwp3

          Re: Theoretically...

          Subsidiary of US healthcare firm will run more than 50 GP practices after takeover deal.

          https://www.bmj.com/content/372/bmj.n519

          and this is not the only such deal.

      3. midgepad

        On paper ...

        Not this century, much.

  5. Howard Sway Silver badge

    it belongs rightly to the citizen, that's the approach that we should take.

    But that's not the approach you have taken is it?

    The approach that has been taken is "let's grab it quickly with as little publicity as possible, make it hard to opt out of, and sell everybody's data off once and for all as a fait accompli, whilst telling the idiot voters it's all in their own interests using a bit of sentimental soft soap about 'saving lives'".

    The shitty way they've tried to do it on the quiet just shows how embarrassed they must be about what the true intent of this data grab is.

    1. Yet Another Anonymous coward Silver badge

      Re: it belongs rightly to the citizen, that's the approach that we should take.

      Thing politician say =! thing politician do

  6. Velv
    Childcatcher

    Not that I trust Cummings, but his assessment of Hancock seems not only reasonable, but probably understated.

    1. Anonymous Coward
      Anonymous Coward

      Not that I trust Cummings,

      ... is this one of those "even a stopped cock" things?

      1. Anonymous Coward
        Anonymous Coward

        Re: Not that I trust Cummings,

        ... is this one of those "even a stopped cock" things?

        Well, as Hancock is undeniably an utter cock, and he's been temporarily stopped, the answer to your question is yes...

      2. KittenHuffer Silver badge
        Paris Hilton

        Re: Not that I trust Cummings,

        Upvote for the Freudian slip!

        .

        -----------------> Cos she knows all about a stopped cock!

        1. genghis_uk Silver badge

          Re: Not that I trust Cummings,

          Twice a day apparently...

  7. Mishak

    BBC News 24 talking to a medical researcher last night

    Summary of justification for trying to rush through the latest NHS data grab without properly informing the public:

    "Data saves lives, people are dying".

    At least they've moved on from "think of the children".

    1. LDS Silver badge
      Devil

      "Data saves profits, people are dying"

      And exactly because they are afraid to die, we can then charge them handsomely for drugs and treatments...

      I'm fine to sell them my data, where are the money? Or anything produced using people's data will be free and available to every body?

      1. nematoad Silver badge
        FAIL

        Re: "Data saves profits, people are dying"

        "I'm fine to sell them my data, where are the money? Or anything produced using people's data will be free and available to every body?"

        Eh?

        So you are happy that people can snoop into people's medical history recording abortions, drug treatments or mental health issues and the like?

        If it was only for research and development it might be acceptable, though I would still opt-out, but to just throw it open to those with the biggest wallets makes the proposal totally out of line.

        One other thought occurs to me. If the likes of Google, Amazon and Facebook are made to jump through the hoops and ask your permission to set a cookie, why the hell did anyone think that just scooping up people's most sensitive and potentially damaging data and placing it on the open market was either a good idea or even legal?

        Surely to God the GDPR has something to say about this.

        1. Yet Another Anonymous coward Silver badge

          Re: "Data saves profits, people are dying"

          >Surely to God the GDPR has something to say about this.

          Yes it says that government can totally ignore it for medical data

          1. Anonymous Coward
            Anonymous Coward

            Re: "Data saves profits, people are dying"

            >Yes it says that government can totally ignore it for medical data

            I'm not sure it does. The DPA 2018 exemptions are for policing and national security matters...

            1. Mike 137 Silver badge

              Re: "Data saves profits, people are dying"

              "The DPA 2018 exemptions are for policing and national security matters...

              These are derogations - permitted national variations, and stand out purely because of the structure of DPA 2018, which is divided into general, policing and national security sections (that are indeed for the most part almost duplicates). The UK GDPR, which exists as statute alongside DPA 2018, is essentially a set of minor adjustments to the EU GDPR to take into account the UK no longer being a member of the Union. However the core Articles as set out in the EU GDPR continue (for now) to have the same general effect.

              Medical data fall under Article 9, which includes government latitude for "...the management of health or social care systems and services" (Art. 9.2(h)) and "processing [...] necessary for reasons of public interest in the area of public health..." (Art. 9.2(i)). These override any expectation of processing on the basis of consent (Art. 9.2(a)). Consequently the UK government probably feels quite virtuous in offering us an opt out. We'll have to wait and see how long it lasts.

    2. Cuddles Silver badge

      Re: BBC News 24 talking to a medical researcher last night

      The part that really bugs me about that argument is that it actually makes things worse. If this data is so critical to share with everyone and people will die every moment it's not available, why have they waited until now to share it? How many lives could have been saved if there just hadn't been a six week notice period? How many lives are the Conservatives responsible for taking since they came to power over a decade ago? If it really is so urgent to get this data right now, why on Earth are they being so casual about it?

      1. Rich 11 Silver badge

        Re: BBC News 24 talking to a medical researcher last night

        How many lives are the Conservatives responsible for taking since they came to power over a decade ago?

        To be fair, they did try this six or seven years ago. Then after that it slipped their minds, presumably. Or they were too distracted by all their infighting over Brexit to give a shit about the rest of us.

    3. Sam Liddicott

      Re: BBC News 24 talking to a medical researcher last night

      Too many think that other people can be used as a "means" to their "end" on the grounds that someone is suffering

  8. alain williams Silver badge

    "the vast majority of people are strongly onside"

    The evidence is that "the vast majority of people have not objected" - so if they did not object then they must be strongly onside. That most people do not know about it or do not understand how easy it is to de-anonymize data and how personal data can be abused in years to come - is not an issue that Hancock wants to talk about.

    This is using the same logic that a losing candidate uses when claiming that the victor was elected by a minority ... having assumed those who did not vote as would have voted against the victor.

    Do we know if Hancock has opted out ?

    1. Mishak

      But the plans were on display…

      “On display? I eventually had to go down to the cellar to find them.”

      “That’s the display department.”

      “With a flashlight.”

      “Ah, well, the lights had probably gone.”

      “So had the stairs.”

      “But look, you found the notice, didn’t you?”

      “Yes,” said Arthur, “yes I did. It was on display in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying ‘Beware of the Leopard.”

    2. David M

      Re: "the vast majority of people are strongly onside"

      If most people are onside, then make the process opt-in. Have a form that states what will be shared and with whom, and have people sign that form and send it to their GP. This should be fine if most people are so strongly onside with the plans.

      1. Mishak

        Re: "the vast majority of people are strongly onside"

        It would also give Royal Mail some work.

    3. Yet Another Anonymous coward Silver badge

      Re: "the vast majority of people are strongly onside"

      > "the vast majority of people have not objected"

      Nobody has objected to my becoming el'Reg Emperor so I assume you are all onside ?

      1. alain williams Silver badge

        Re: "the vast majority of people are strongly onside"

        Do you wear clothes ?

        1. Yet Another Anonymous coward Silver badge

          Re: "the vast majority of people are strongly onside"

          >Do you wear clothes ?

          On zoom nobody knows you're naked

    4. RuffianXion
      Devil

      Re: "the vast majority of people are strongly onside"

      I am planning to set off a series of stink-bombs on the London Underground next week.

      Judging by the lack of protest I have seen so far, I'd say the majority of London's commuters are onside with my plan.

    5. Anonymous Coward
      Anonymous Coward

      Re: "the vast majority of people are strongly onside"

      As with most things by Wancock, where's the proof the vast majority are onside?

      He didn't ask the care homes about transferring patients and +40k deaths later he's in front of a parliamentary committee today.

      1. benevideslauren67

        Re: "the vast majority of people are strongly onside"

        As with most things by Wancock, where's the proof the vast majority are onside?

        He didn't ask the care homes about transferring patients and +40k deaths later he's in front of a parliamentary committee today.

        1. Ken Moorhouse Silver badge

          Re: "the vast majority of people are strongly onside"

          This was posted on the 10th June by someone else, unless you have two profiles here.

          Either way, not good.

  9. Anonymous Coward
    Anonymous Coward

    the vast majority of people are strongly onside

    sadly, he's right on this one. People are 'onside', in the very same fashion as they give away their data and privacy in exchange for FREE!!! Vast majority don't give a flying monkey fuck, so yeah, he's absolutely right, this little (...).

    1. Yet Another Anonymous coward Silver badge

      Re: the vast majority of people are strongly onside

      Which is odd given the huge government ad budget aimed at warning them of the dangers and the round the clock BBC documentaries about how this will be used by the insurance companies in the future

    2. Fruit and Nutcase Silver badge
      Coat

      Re: the vast majority of people are strongly onside

      the vast majority of people are strongly onside

      The same phrase used by our politicians when awarding themselves £££ above inflation/having gilt-edged pensions that the vast majority of their constituents could only dream of

    3. Anonymous Coward
      Trollface

      Re: the vast majority of people are strongly onside

      The "vast majority" might give away some privacy in return for something, but they don't usually do it for free. You have to at least offer them Nectar points or a Facebook account.

      Personally, if other people want to hand out their own medical data then I am happy with that. Except I am not - because the scope of medical data is drastically changing - would I want my relatives handing out their genomic data, for example, that can then be used to bump up my health insurance costs?

  10. Anonymous Coward
    Anonymous Coward

    On the question of why now, and why in this way, he remains silent.

    good time to bury the bad news. I mean, why would you NOT want to share this valuable, health and live saving data in those dire times of health and live hazard - for the benefit of us ALL?! (plus extra benefit of money-spinner to selected few but hey, sheep get sheared and get lighter and nimbler, while the shepherd needs to labour hard to recover his investment, win-win, eh?

  11. Diogenes8080

    Contractually Secure

    Would any of these prospective data consumers sign a contract saying "You accept full liability for any costs, fines or compensatory payments arising from public identification of any subject in this data"?

    I thought so. Problem solved.

    If they think they can get away with professing ignorance, add a few unique fictional records to each set so you know who leaked.

  12. Vikingforties
    Joke

    Tim for a Douglas Adams quote I think.

    Matt Hancock "The plans were on dislay"

    Us - "in the bottom of a locked filing cabinet, stuck in a disused lavatory with a sign on the door saying ‘Beware of the Leopard'".

  13. Anonymous Coward
    Anonymous Coward

    If you needed any confirmation that government works for business and not the electorate then this is it. Though it's always been known. This is Round 1, Round 2 will be the extra funding this will provide to the NHS that it so desperately needs. Maybe a couple of government friendly doctors on the BBC saying how much that will help. Add in a bit "pandemic struggle" and that's it most of the nation will be sold on the idea.

  14. Mr Humbug

    We had a poll done

    As Sir Humphrey explains:

    https://www.youtube.com/watch?v=G0ZZJXw4MTA

    Do you want to improve the state of medical research in this country?

    Do you think actual healthcare data from GP records could contribute to medical research?

    Do you think large data sets can improve the validity of research?

    Would you support the use of GP patient records in improving medical research?

  15. Anonymous Coward
    Anonymous Coward

    Will GP optout be effective?

    Whenever you submit your opt-out form to your GP Practice how will you know if they actually act upon it? I believed I had a data sharing opt-out (for anything that was for non direct-care-only purposes) in place with my GP more than 10 years ago which it turned out they didn't know how to act on and so some of my personal data was shared with central systems introduced since then. When I happened to mention that opt-out to my GP 4 years ago it turned out that only *then* did they (without telling me) start acting on the opt-out but they had shared my data with several system for 6+ years prior to then. They eventually admitted their mistake and I obtained via a DSAR an email from them to another part of health service were they were trying to justify their mistake by saying "He didn’t come back to us then to remind us not to share his data".

    Even if your GP acts on the opt-out, what happens if you change GP Practice (i.e. move home)? In "the old days" (TM) patient paper records were physical moved to the new practice (via some NHS intermediary?), these days it seems its happens via a GP2GP electronic system. How do you ensure that your new GP Practice will have your opt-out in place *before* they load your patient records onto their patients records system (EMIS, SystemOne, etc) ? If its not in place beforehand then their patient records system will happily upload your records onwards to GPDPR. I don't believe GP2GP includes the transfer of any opt-outs you might have had in place with your previous GP.

    If/once your personal data is accidently uploaded to GPDPR or any other central system you won't get it deleted from there....

    1. Vometia has insomnia. Again.

      Re: Will GP optout be effective?

      > "If/once your personal data is accidently uploaded to GPDPR or any other central system you won't get it deleted from there...."

      """""accidentally"""""

      I suspect we're going to be seeing an awful lot of "oops I accidentally all your data" considering that everyone involved knows the only penalty is to be told to not get caught doing it again and how about this cushy promotion? etc.

      The inaccuracies are going to be interesting, too. There's stuff that legally shouldn't be on my record that I've repeatedly told my GP to remove but hasn't happened, so once the not-actually-anonymised data is shared with everyone I shall be rather cross. Which is probably about the limit of whatever recourse is available.

      1. Yet Another Anonymous coward Silver badge

        Re: Will GP optout be effective?

        Somebody with the same surname and initial as me is getting IVF in a town I used to live.

        I know because I kept getting letters from my GP for them

        I did tell the receptionist but they weren't interested, I did mention Data Protection but she informed me that GPs were exempt.

        I'm hoping that being a guy apparently receiving IVF won't affect me once Facebook get all "my" records

        1. Pete B

          Re: Will GP optout be effective?

          "I did tell the receptionist but they weren't interested, I did mention Data Protection but she informed me that GPs were exempt."

          I'd have a word with the ICO - GPs most certainly are covered by the Act, so you've got a breach, refusal to correct an error and demonstration of insufficient training all in one go here.

        2. Vometia has insomnia. Again.

          Re: Will GP optout be effective?

          The Daily Mail might run a nice story once it's given to them, I suppose.

          Er anyway, I had a similar thing with the local hospital who sent me a letter containing extensive medical information about someone who didn't even have a vague similarity (i.e. completely different name, address and a department I'd never dealt with).

          When I reported it to them, they showed their unerring commitment to upholding the DPA or whatever it was at the time in that they mobilised their legion of managers to do the standard thing of blaming it on some minimum-wage temp whose name they couldn't remember. But they could still recall with absolute clarity that it was absolutely definitely some minimum-wage temp who no longer worked there. It was therefore Somebody Else's Fault™ even though the "somebody" was almost certainly fictitious, job done, no further action required etc (I know I could've pursued it on the basis that they are still responsible anyway, but life's too short, etc).

          Then again, this is the same hospital that insisted "it never happened!" when I needed to make a complaint about an unrelated incident, and then followed it up with "if you don't drop the matter, we will produce an unnamed witness who will confirm that they witnessed nothing happening and that it was also your fault." Sigh.

  16. Pascal Monett Silver badge

    "only a few posts on NHS Digital's website and associated tweets by way of notification"

    Okay, so I am to understand that Twitter is now an official government information platform ?

    I mean, I know every twat in office spends much more time on Twitter than he apparently spends working (hmm, there might be something there), but I was not aware that I should now be obliged to have a Twitter account and follow all governmental departments to get official news.

    Official news should be broadcast on the telly or radio at official news times, presented by a professional news anchor and possibly commented on by a guest invited for that purpose - hopefully, someone from NHS, or at least the medical profession.

    I'm not much interested in the opinion of a celebrity or an "influencer" (gah) on this matter.

  17. Potemkine! Silver badge

    prize for stomach-churning political double-speak

    There are a lot of candidates for this one!

  18. nojobhopes

    Is Hancock out of prison already?

    https://www.bbc.co.uk/news/uk-56125462

    https://inews.co.uk/opinion/matt-hancock-pandemic-ppe-contracts-good-law-project-881736

    He's a born liar

  19. Electronics'R'Us Silver badge
    FAIL

    It is crap like this...

    That pushed me to opt out of the organ donor register.

    When it was opt in (as it used to be) I thought it would be a wonderful thing to donate my organs in the event of an untimely issue (although at my age I am not sure they would have many more years in them anyway) but when it changed to opt out (if you don't opt out then we can just take them) I went and opted out.

    There were all the 'do you really, really want to opt out"? messages of course.

    They asked for a reason (for feedback purposes natch). I simply wrote:

    I am not a chattel of the state.

    Had to change my driving licence (had to do it twice as the first time did not change the status with a strongly worded letter to the effect of 'I deliberately stated I am NOT an organ donor. Please remove it from the licence')

    I have already opted out of this one as well. Funny that Matt Hancock thinks so many people are on side; everyone I explain it to is horrified at the thought of their most private information ending up in the hands of some unscrupulous data fetishist in an insurance company or some other company that will be handing out directorships (as we all know it eventually will).

    1. Anonymous Coward
      Anonymous Coward

      Re: It is crap like this... (organ donation)

      The information isn't really clear on this, but I've been told that, even though in England organ-donation is now opt-out, family will still be asked before donation goes ahead. This is supported by

      https://www.organdonation.nhs.uk/helping-you-to-decide/about-organ-donation/consent/

      which contains the lines

      "Your family will always be asked to support your decision before organ donation goes ahead, and clinicians will never proceed if your family objects."

      "Your family will have the opportunity to provide any additional or more recent information about your decision, and this will always be respected."

      "If you have not recorded an organ donation decision, the specialist nurse will speak to your family about organ donation as a possibility."

      You don't say which country you are in (the law differs across the UK), but regardless, I understand your position (and agree) that organ-removal for donation should not be automatic. I personally agree that discussion with the family of the deceased should be automatic, unless the deceased has opted-out. (I also believe that this is what currently happens in England.) Unfortunately the message from the NHS about this hasn't been as clear as I would like.

  20. Charlie Clark Silver badge

    we can use this modern asset

    Nuff said, really.

    The NHS has lots of examples of using patient data efficiently and securely for analysis but there is little or no need to make such data available to private companies because it is a not an asset and anyone who says it is should be turfed out immediately.

    1. Yet Another Anonymous coward Silver badge

      Re: we can use this modern asset

      Your medical data is very much an asset.

      It's valuable when I'm thinking of hiring you or selling you life insurance and once the NHS is privatised and sold to Kaiser/Cigna it will be very valuable in setting premiums and deciding who to cover.

      1. Charlie Clark Silver badge

        Re: we can use this modern asset

        Your medical data is very much an asset.

        I totally agree, but there's a paradox in the ownership: as long as I own it, no one is going to pay fair value. And, thank fuck we don't have the US health insurance model in Europe!

  21. Pat 11

    Goldacre

    So Hancock commissions Ben Goldacre to do a review of health data uses for research:

    https://www.goldacrereview.org/

    Goldacre is very much careful about who gets to use data for what - he made Opensafely, a perfectly secure platform for doing analysis of this same data:

    https://www.opensafely.org/

    Simultaneously Hancock oversees a massive insecure data grab of the most sensitive data any of us have, and spouts some bullshit about patients owning their data.

    I think Hancock is full of shit.

    1. Anonymous Coward
      Anonymous Coward

      Re: Goldacre

      > "Goldacre is very much careful about who gets to use data for what - he made Opensafely, a perfectly secure platform for doing analysis of this same data:"

      Looking at that website I see:

      "We are working on behalf of NHS England, who are acting as Data Controller for the purposes of this urgent project; each EHR vendor acts as Data Processor. The Secretary of State for Health issued NHS England/Improvement a notice under the Health Service (Control of Patient Information) Regulations 2002 3(4) which enabled NHS England to collect the data required from GP practices directly from their EHR vendor."

      GP Practices are Data Controllers for their registered patients' records stored on EHR systems (i.e. EMIS, SystemOne, INPS) where the EHR provider used by the Practice acts as Data Processor for the GP Practice.

      The above text "enabled NHS England to collect the data required from GP practices directly from their EHR vendor" implies that NHS England has bypassed the general Controller-Process relationship, per GDPR, where a Processor is only supposed to act upon instructions from the Controller.

      It may well be that NHS England instructed all GPs to instruct their EHR supplier to enable the collection but from the above this sounds unlikely. Therefore the Practices as Data Controllers are not actually in control of their patient records...

      So what's the point of Data Controllers in law if they can be bypassed like this?

  22. The commentard formerly known as Mister_C Silver badge

    6 May PCC elections

    The turnout for the recent Police Crime Commissioners was less than 1/3 of eligible voters. Can the gummint therefore accept that the vast majority of people are fine with doing away with the concept?

    Source: https://commonslibrary.parliament.uk/research-briefings/cbp-9244/

    "Turnout averaged 33.2% across the 34 police areas where data is available (measured as valid first preference votes as a proportion of the electorate)."

    edit. Police and Crime Commissioners. my bad.

    1. tfewster Silver badge
      Facepalm

      Re: 6 May PCC elections

      We have enough Crime and Police Crime, I don't think we need to commission any more.

  23. Ken Moorhouse Silver badge

    A Piss up in a Brewery

    At least I can say that I have organised one.

  24. Boris the Cockroach Silver badge
    FAIL

    Hancock

    why dont we just delete the han part so we have an idea of what hes really like

    More to the point... is there a special training school in tory party HQ for churning out useless twats to 'run' the health service?

  25. WanderingHaggis
    Facepalm

    But GDPR requires opt in - doesn't it?

    As I understand it GDPR requires opt in and doesn't consider failure to opt out as consent. It always defaults to the most private secure settings. So how can the gov. claim people have consented if they haven't opted in. Should the ICO get involved and fine Matt?

  26. Anji

    Coincidence?

    Interesting that yesterday (9th June) I received an unsolicited email, claiming to be from "Patient Access", the company that manages my GP's patients' web access.

    In that email I was entreated to click on two separate links (destinations obfuscated behind buttons).

    One regarded T&C's, the other their Privacy Policy.

    "Please read and understand the above. Any ongoing use of the service constitutes acceptance of the updated terms and policies."

    I have clicked on neither, but examined their code to identify exponia.com as a common destination. They are an American owned Customer Data Platform, acquired by "Bloomreach" VERY recently.

    On the GP's website there is no mention of any changes in T&C or Privacy Policy.

    So, is this an attempt to get me to unwittingly give permission for data-slurp?

    Or perhaps it's good old fashioned spear-phishing by someone with access to my medical records?

    Either way I'm not impressed.

    1. Sean o' bhaile na gleann

      Re: Coincidence?

      I just received the same mail myself (today, 10th).

      Clicked on the T&c's link - blocked by ublock "because to the following filter: ||exponea.com^"

      Same for the Privacy Policy link.

      Tried the 'Log in' link right at the bottom - had forgotten the password, so asked for a reset link in e-mail.

      Got that, and responded with a new password which was apparently accepted, because I logged in with e-mail id and (new ) password, only to be confronted with a requirement for 4th 8th and 10th letter of my memorable word.

      Could not exactly remember that word, so asked for the reminder to be displayed - that led to my remembering the memorable word.

      But it is only 9 characters long...

      Clicked on the link for a memorable word reset. Was told that e-mail had been sent. It didn't arrive. Requested the e-mail again and it finally arrived.

      Another link in the e-mail to get to the memorable word reset resulted in ublock again blocking the page, objecting to the same filter as before.

      Round and round we go...

      Why why bloody why is it so effin difficult!!??

  27. anonymous boring coward Silver badge

    It seems that Cummings wasn't making up that Hancock is an excellent and frequent teller of porkies.

    1. Anonymous Coward
      Anonymous Coward

      Porky pies

      So the Government's chief pork-pie producer knows that Hancock is an excellent and frequent purveyor of pork-pies to the public. It's not a huge surprise.

  28. This post has been deleted by its author

  29. Teejay

    Nothing to see here, please move on...

    That this kind of data grab, of basically the most private and sensitive information anyone has, is at all up for discussion seems baffling to me.

    I'm not the greatest Cummings fan, but what did he say about somebody basically being a totally immoral liar? I must have it written down here somewhere...

  30. staringatclouds

    "Whilst of course preserving the highest standards of safety and privacy"

    Right up until everyone has forgotten & a minister decides they can safely change the legislation because no one who hasn't opted out can opt out at that stage

    Say 6 months to a year

  31. Anonymous Coward
    Anonymous Coward

    Sensyne Health had a good model here

    They're UK-based, the NHS has shares in them and they don't sell data, only run studies locally.

  32. Anonymous Coward
    Anonymous Coward

    The arrogance of the man is unbelievable.

    We live in the generation of apparently untouchable and unaccountable ministers. Only a series of legal actions has come close to stopping their various subversions, and they have tried their damnedest to fight against any form of transparency or legal accountability.

  33. EvilOldBugger
    Unhappy

    EU Citizens

    There was an advert on TV yesterday, I think Channel Five, saying that EU Citizens needed to register as EU Citizens before June 30th, or they might lose the right to health care etc. So, something that affects a small? percentage of the population can be publicised, but something that affects everybody (including those EU Citizens?) gets no publicity whatsoever.

    Only goes to show what really counts here.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021