back to article Opt-out is the right approach for sharing your medical records with researchers

Welcome to the latest Register Debate in which writers and experts go head to head on technology topics, and you – the reader – choose the winning argument. The format is simple: we propose a motion, the arguments for the motion will run this Monday and Wednesday, and the arguments against on Tuesday and Thursday. During the …

  1. Little Mouse

    Unfortunately, I simply don't trust those responsible to treat my data so that it is used for the common good.

    "Assumed consent", as I understand things, means giving your consent for your records to be shared and around & sold on to pretty much anyone at all who wants to take a look, for whatever reason.

    1. Anonymous Coward
      Anonymous Coward

      I started to trust physicians here as much as politicians. They are more interested in their gains and status than patients health. The experience with my late father in hospitals was not good at all.

      I won't trust them with my data, nor the the industry behind them which has showed to be greedier than Scrooge.

      I have no problem to help others to heal - but I'm afraid data would be used to make physicians even more selfish and arrogant, and the industry even greedier. Death may not be the worst outcome, in such situation.

      1. big_D Silver badge

        The doctors here, in Germany, have been excellent so far. I've had a few problems and they have been dealt with quickly, efficiently and professionally. No spurious drugs and no unnecessary operations, they try to be pro-active and tackle problems before they need to be operated upon and if there are non-invasive options, they will usually try those first.

        And, when it has been an emergency, they have responded swifty and in a friendly manner and sorted the problem out quickly and without fuss. In one instance, I was at the dentist and they suspected a stroke (it wasn't, just an inflamed nerve) and called an ambulance. The receptionist called my wife a couple of hours later to find out my current status and was thankful that I called back later in the day to tell them everything was okay and it was a false alarm.

        1. Bbuckley

          But wait! Germany is one of the most privacy-defending countries on the planet. Germans do not trust politicians or (especially) experts and companies with their personal data. So what are you saying? I bet the vast majority of Germans would not support this idea. Btw, I work in a Big Pharma company as a data scientist and we simply cannot get health data from Germany (we have tons of it from the USA...).

    2. ThatOne Silver badge
      FAIL

      Indeed, came here to say the same thing: "Sharing your medical records with researchers" sounds so serious and positive: Help the world, cure cancer, bright tomorrows, cue bird and whale song... But that's just sugarcoating, the "think of the children" routine: Actually who you'll be sharing your information with is Big Pharma marketing, so they can better concentrate on the most profit-making affections and better ignore the less commercially interesting ones.

      So, apparently that glorious "informed consent" starts with weasel words and half-truths. That's encouraging...

      1. Anonymous Coward
        Anonymous Coward

        Actually who you'll be sharing your information with is Big Pharma marketing, so they can better concentrate on the most profit-making affections and better ignore the less commercially interesting ones.

        If you think they can't do this well enough already, you must not be in the field.

        And health data is so all over the place (just in the UK, 150ish NHS trusts, all with not very expert people managing the informatics, and all with their own customisations) that it takes very careful work to get it to a point where it's at all usable.

        1. ThatOne Silver badge

          > If you think they can't do this well enough already, you must not be in the field

          I admit I don't know the situation in the UK, but there is IMHO a difference between unofficially slipping some information, and officially piping it all directly and unadulterated.

          GPs have always been quite eager to please the pharma industry which so kindly showers them with neat gadgets and wonderful vacations seminars in exotic places, but this would standardize and industrialize the whole information leakage.

          And while "Big Pharma" (loaded word, but appropriate) might be annoying, where things get really ugly is when marketing businesses get their dirty hands on that treasure trove and it starts affecting your everyday life (job, credit, insurance, and so on). All those businesses dream of is reasons to objectively reject all but the most profitable potential customers.

        2. ianproc

          Excuse me "all with not very expert people managing the informatics" - as somebody who works for an NHS Trust in Informatics that's a very sweeping statement to make. We go to great lengths to safeguard the data and we have some very well qualified people. Direct your coments to NHS England or NHS Digital not the individual Trusts. Its the central bodies who insist on hoovering up anything they can use for good or not so good purposes.

          1. Anonymous Coward
            Anonymous Coward

            Excuse Me, But..........

            @ianproc

            Quote: "....We go to great lengths to safeguard the data...."

            *

            Really??

            Link: https://www.theregister.com/2021/09/30/royal_free_deepmind_representative_action_uk/

            *

            1.6 million personal records handed over to Google/DeepMind.....with absolutely no permission sought from the 1.6 million people involved. You know...GDPR and so on.....

            *

            Ian......please try a bit harder!!

          2. Anonymous Coward
            Anonymous Coward

            Excuse me "all with not very expert people managing the informatics" - as somebody who works for an NHS Trust in Informatics that's a very sweeping statement to make. We go to great lengths to safeguard the data and we have some very well qualified people. Direct your coments to NHS England or NHS Digital not the individual Trusts. Its the central bodies who insist on hoovering up anything they can use for good or not so good purposes.

            I'm talking about the parlous state the data is in in almost every trust, other than standouts with top notch staff such as GOSH. Not talking about IG.

    3. Anonymous Coward
      Anonymous Coward

      This isn't straight forward at all. I presume most of us would agree to sharing aggregated anonymous data to cure disease and illness.

      But, certainly in the UK, there is a already a significant history of people either stretching these definitions or making a mess of them.

      It's extremely difficult to row back once this has happened.

      As such, I'm a no.

    4. big_D Silver badge

      The German system is opt-in and it is being expanded to an eAkte (eFolder or electronic medical history) sometime soon (it was planned for 2021, but looks like it will slip into 2022 at the moment).

      The system will give the patient control over their information. When they currently visit a new doctor, they have to sign a piece of paper giving the doctor authority to get the information from other doctors. That takes time. With the new system, the patient can grant access on the spot and the doctor can download the relevant information - the patient should also be able to define which bits of the medical record they can see; for example, if you are going for a prostate scan, you don't need to let the doctor look at your psychological problems or ingrowing toenail.

      The same would be true for research, you could open up the relevant parts of your information to medical research. The researchers only get the information you release to them and you can retract that permission at any time - and legally, the researchers will have to delete any locally stored information they have.

    5. Cuddles

      "Unfortunately, I simply don't trust those responsible to treat my data so that it is used for the common good."

      Exactly. The debater here actually makes a perfectly good argument, taken in isolation. Sharing medical data with researchers without getting explicit informed consent from every single patient is the only way it's possible to do some kinds of research. And as long as it's only proper researchers from real universities or similar institutions, with everything approved through a controlled process with ethics board and so on, that doesn't sound so bad.

      The problem is that's just not the case in reality. You can't have a debate devoid of all real world context, and in the real world they want to sell all our data to anyone who asks for it. The recent NHS data grab has already been mentioned many times. And that ignores the fact that it's already all being given to Google anyway. And just a couple of articles after this one, we have this - https://www.theregister.com/2021/10/11/data_guardian_police_bill/ - with all our medical data about to be shipped off somewhere else for non-research purposes.

      So the principle is fine. Anonymous data for actual medical research that can't be done in other ways, not a terrible idea. In principle. In the real world, there's simply no trust. We don't even need to worry that a good system could be exploited or cracked, since every proposal seems to be built around commercial interests or departmental overreach right from the start.

  2. Anonymous Coward
    Anonymous Coward

    NHS Data Slurp As A Threat

    Quote: ".....securely anonymised......"

    Key phrase in this article. The proposed NHS data slurp is stated to be "pseudonymised". This weasel word means that the data will be stripped of personally identifiable information EXCEPT FOR DATE-OF-BIRTH AND POSTCODE.

    *

    With people like Palantir and DeepMind available to match the slurp with many OTHER DATABASES, the data will only be anonymous for a minute or two.

    *

    As with many well-meaning commentators, the article states an obvious truth -- namely that aggregated health data will IN PRINCIPLE be very useful for managing the health care of large populations. Unfortunately, that other principle -- personal privacy -- is violated when the anonymity of individuals cannot be guaranteed.....and indeed it cannot be guaranteed.

    *

    If you think this risk is small, take a read through these links:

    - https://www.theguardian.com/technology/2019/jul/23/anonymised-data-never-be-anonymous-enough-study-finds

    - https://www.bloomberg.com/features/2018-palantir-peter-thiel/

    - https://www.theregister.com/2021/09/30/royal_free_deepmind_representative_action_uk/

    1. Joe W Silver badge

      Re: NHS Data Slurp As A Threat

      Yes. Very much this.

      And anonymising data is extremely difficult, if you want to do it properly.

      And if done improperly, it can be deanonymised.

      I'd say that provided the "securely anonymised" holds, then yes, the sharing of such information is potentially very beneficial. Unfortunately I am too old and cynic to believe in that premissa.

      1. Erik Beall

        Re: NHS Data Slurp As A Threat

        I voted yes but you're right, in too many cases the promised (and required by law) anonymization has fallen short, enabled the possibility of de anonymization, and with palantir and their kind involved.... The details of anonymization are extremely important to get right and those details are not regulated well enough (researchers demonstrate they are routinely able to break it, which leads to... zero change) and too complicated for general public discourse to understand. Gonna change my vote to no.

    2. My other car WAS an IAV Stryker

      Re: NHS Data Slurp As A Threat

      My not-a-doctor take is that birthdate (age) and postcode (location --> environmental factors) are useful information for interpreting medicinal outcomes, the former especially.

      Shirley there must be an acceptable third option (happy medium) instead of pass/fail (use or don't use). Is there a level where the data is sufficiently "blurred" to provide a higher level of anonymity without unduly sacrificing correlation with medical findings?

      What if birthdate was reduced to birth month? Or even calendar quarter?

      What if postcode was combined with neighboring postcodes to reduce location granularity?

      1. Flocke Kroes Silver badge

        Re: Shirley there must be an acceptable third option

        In theory there is. Do not share the data at all. Keep it on an air gapped system. Run the queries on the system and return a graph of number ill versus age or a low res heat map of disease incidence.

        In practice the UK government (blue or red) leaps at every opportunity to become even more untrustworthy. This sort of project should be kept on hold at least until they grow up.

        1. TRT Silver badge

          Re: Shirley there must be an acceptable third option

          This.

          The aim is to allow research questions to be answered - the method proposed it to essentially sell the raw data, suitably tagged so as to prevent the same individual from being double counted.

          The other way to do it is to run an "air-gapped" service which will perform the analysis and present the results, but that's likely to be far more expensive. Those interested in buying the data will no doubt complain that it's too much, and appeal to the powers of capitalism.

          1. Ken Hagan Gold badge

            Re: Shirley there must be an acceptable third option

            Then they don't understand capitalism. You can charge whatever the market will bear. Artificially driving the price down by legislation, just because of your perception of wider social good, is communism (or some other ism if the beneficiaries are more limited).

            1. DevOpsTimothyC

              Re: Shirley there must be an acceptable third option

              Then they don't understand capitalism.

              That's really the elephant in the room isn't it? The question being put to people is allowing access for medical research. The question is being put forward in a "Think of the children" tone. In reality it's just naked capitalism and how much your information is worth to anyone they can sell it to.

          2. MrTuK

            Re: Shirley there must be an acceptable third option

            Then its up to the powers that be to tell them to sling the flippin hook, but you would never get an honest politician to to that ! There aren't any honest one's, they believe that we minions work for them when in reality they are supposed to work for us ! Look at all the dodgy claims they would put in for properties and travel !

          3. Nick Ryan Silver badge

            Re: Shirley there must be an acceptable third option

            It's the selling of the raw data and transferring it to regimes with absolutely no worthwhile data protection laws (i.e. the US), that is the key issue.

            Once copies of data is out in the wild, they will never be anything other than "out there".

            Allowing access to anonymised data in the manner that the Office for National Statistics (ONS) provide - where accredited researchers may work on the already anonymised data and then provide the output to ONS staff who vet it and then transfer it from their network for collection. This provides a high level of data protection while not allowing access to raw data to predatory organisations only interested in using and abusing it for financial gain - and while I can see the medical benefits of large dataset analysis, the money comes from the abuse and use of the data for financial gain which is where these companies like Palantir come in.

        2. Doctor Syntax Silver badge

          Re: Shirley there must be an acceptable third option

          "until they grow up"

          Optimist!

        3. Stork Silver badge

          Re: Shirley there must be an acceptable third option

          Not simple. In Denmark, the Cancer Register has recorded statistics of the vast majority of cancer cases since 1943. The value of this, also to public health care, I believe is very significant.

          The risk is of course that you outsource to someone who finds “extra benefits “ in the data.

          1. W.S.Gosset Silver badge

            Re: Shirley there must be an acceptable third option

            Or an admin makes a brief mistake when interrupted in the middle of some upgrades at 2am 4 years from now and a "temp" copy of the whole lot gets left on an unsecured public VM/datastore without anyone realising. As we read about routinely on ElReg. For example.

        4. Graham Cobb Silver badge

          Re: Shirley there must be an acceptable third option

          I am very slightly more optimistic. I think the third option is to make it explicitly illegal to attempt to de-anonymise the data in any way. That should be combined with a licensing regime such that institutions need a "human health data processing" licence to be permitted to use the data, which the law would require to be withdrawn for 5 years if the data they had received had been misused, de-anoymised or exposed to unlicensed parties.

          That would make sure that legitimate institutions (universities, drugs companies) took great care of the data. There might be some other mechanisms also needed to make sure that unprincipled companies like Palantir (and other parts of the UK/US military-industrial complex) were prevented from being part of any such "research" project.

          1. Fred Daggy Silver badge

            Re: Shirley there must be an acceptable third option

            There isn't because the 3rd option is how you "help mates" and give yourself a non-executive board position when you retire from politics.

            And don't call me Shirley.

          2. Anonymous Coward
            Anonymous Coward

            Re: Shirley there must be an acceptable third option

            The punishment for attempted de-anonymization would also have to be significant.

            On the order of years of jail-time for any involved (whether actually doing it or ordering it done) and basically bankrupt-size fines for any companies involved.

            1. Graham Cobb Silver badge

              Re: Shirley there must be an acceptable third option

              Not really. For example, if a household name insurance company is caught doing this (or buying the resulting data) it will have considerable impact on their reputation, which will be a reasonable deterrent.

              Maybe if it is your entire business model (Google, Palantir) then yes.

      2. doublelayer Silver badge

        Re: NHS Data Slurp As A Threat

        Sure, that could be done. Birth year is sufficient for age. And truncate the post code or have a better way of representing truly large geographic areas, especially important for rural post codes which contain few people. And probably take a close look at any other information in there, because if they keep data that isn't identifying in itself but can be correlated for something that does, that needs work too.

        I would gladly give my medical information to researchers, if I could trust that they couldn't deanonymize me and only medical research would have access. I have no way to guarantee either. Worse, I know of plenty of places which would love having that data and would go to lengths, both legal and illegal, to obtain it. Forcing everyone to opt out when the problem lies with the collectors' refusal to treat the data subjects respectfully is therefore not acceptable.

        1. MrTuK

          Re: NHS Data Slurp As A Threat

          You hit the nail on the head, trust needs to be earned and not given away easily. Prove to me that the Gov never loses date ! Now let me think - lol, they have a lot of proving to do. Sadly if its a private company they could be sued, but you cannot sue the UK Gov for letting the cat out of the preverble bag. Remember all the Child benefit records (24M) were were compromised.

          1. Anonymous Coward
            Anonymous Coward

            Re: NHS Data Slurp As A Threat

            Why can't you sue the government? Happens all the time.

            1. doublelayer Silver badge

              Re: NHS Data Slurp As A Threat

              You can, but it doesn't often help. For one thing, a victory against them has no chance of affecting them, whereas a sufficiently large victory against a company could. If you win a large judgement from a company, they may have to declare bankruptcy. If you win that from a government, they put the taxes up. Also, you don't win that much from a government because the judges know it is not changing anything.

              This overstates the likelihood that you can successfully sue a company, but at least it's possible.

      3. MrTuK

        Re: NHS Data Slurp As A Threat

        These type of Organizations will already have a list of everyone's date of birth and postcode, yes you could miss identify some people, but sometimes it would be possible to lock a person down with just the first part of the postcode and their date of birth (to year and quarter only) and if you have all of UK's population DOB and Postcode over a long period of time no one would be anonymous.

    3. eldakka

      Re: NHS Data Slurp As A Threat

      Quote: ".....securely anonymised......"

      Key phrase in this article. The proposed NHS data slurp is stated to be "pseudonymised". This weasel word means that the data will be stripped of personally identifiable information EXCEPT FOR DATE-OF-BIRTH AND POSTCODE.

      This, absolutely this.

      When I read the argument, my immediate thought was that the entire argument was based on a false assertion, that data can be securely anonymised. That invalidates the entire argument as unsound.

      1. Neil Barnes Silver badge

        Re: NHS Data Slurp As A Threat

        Date of birth and postcode... Given that suburban postcodes may contain only thirty houses, there's a pretty good chance that those data alone are sufficient to identify someone.

        In the postcode in which I lived before I emigrated to the EU, it happened that I shared a birthday (even the year) with a neighbour. But as we were of different gender, we would still be identifiable.

        1. Tom 38

          Re: NHS Data Slurp As A Threat

          I'm sceptical of anyone posting things on the internet who feels the need to capitalize entire words, so I immediately thought nah, can't be sharing postcode, must just be postal region. Did some research and it actually is worse than that - its the full postcode, date of birth and NHS number.

          That's not anonymising data, its just using foreign keys.

          1. W.S.Gosset Silver badge

            "it's the full postcode, date of birth, and NHS number."

            > Did some research and it actually is worse than that - its the full postcode, date of birth and NHS number.

            This needs SERIOUS flagging-up for everyone to see more clearly.

            That is a Unique Identifier.

        2. Giles C Silver badge

          Re: NHS Data Slurp As A Threat

          Thirty - my own postcode covers 8 houses

          1. Nick Ryan Silver badge

            Re: NHS Data Slurp As A Threat

            From memory thirty was the published average for the number of dwellings covered by a single post code.

    4. JetSetJim

      Re: NHS Data Slurp As A Threat

      And as for assumed consent for sharing data, it’s important to remember that assumed consent is still informed consent: patients are told that they are assumed to have consented to the sharing of their data for use in metadata analysis and, should they wish to opt out, how to do so.

      Also, not forgetting that some govmts (mentioning no names, UK) don't do a very good job of informing the population about the availability of consent options in the first place, or of making it easy to opt-out.

      I'd be happy with my data being shared with organisations working on cures/treatments who have a socially responsible approach to such work, and whose results will not be used to gouge as much cash out of patients as possible. Until such agreements are in place, it's a "no" from me on that basis (although at present my records are unlikely to be of interest to anyone)

    5. Nick Ryan Silver badge

      Re: NHS Data Slurp As A Threat

      This is where it is absolutely critical that US based "no data protection here" type organisations NEVER have direct access to the master data. Access to very carefully curated and anonymised datasets, that's palatable, but never, ever access to anything beyond this.

    6. Teejay

      Re: NHS Data Slurp As A Threat

      'data will be stripped of personally identifiable information EXCEPT FOR DATE-OF-BIRTH AND POSTCODE.'

      This is so absolutely incredible I had to read it several times to be sure I hadn't misread it.

      Postcodes in the UK are granular, as are birth dates. Combining those two basically gives you 100 percent linkability, apart from maybe for twins living at their parents.

  3. Chris G

    "And as for assumed consent for sharing data, it’s important to remember that assumed consent is still informed consent: patients are told that they are assumed to have consented to the sharing of their data for use in metadata analysis and, should they wish to opt out, how to do so. "

    Right there is one of the bigger reasons why assumed consent is wrong.

    If the assumption is made then there are so many reasons why the effort made to inform fully will be less than perfect.

    With assumed consent TPTB already have what they want and will view anything that could reduce their treasure trove as undesirable and make as little effort as possible to do anything that may aid that reduction.

    Assumed consent is never acceptable and ethically wrong.

    1. andy gibson

      "Assumed consent is never acceptable and ethically wrong."

      Except for organ donation perhaps? Before the law change, 80% of the public said they supported the practice in principle, but only 38% of people had formally opted into organ donation, with the majority saying they simply hadn't got round to registering as a donor.

      1. Fazal Majid

        With organ donation the donor is dead and the interests of the still-living outweigh theirs.

        I realize the OP is Australian, but here in the UK the NHS has done things like transfer data to Google without proper consent, and given that despicable firm's equally despicable data practices, that means control over the data is forever lost.

        As for her contention that data can easily be "anonymized and securely aggregated", it is simply laughable, as all anonymization schemes this far have proven easy to defeat by a determined data scientist.

        The way to get that data for important purposes like epidemiology is by earning trust through transparency and accountability, and shady practices like implied consent are the opposite of that.

        1. TRT Silver badge
      2. John Robson Silver badge

        That's not consent regarding sharing of data - that's something which was pretty well discussed, and has pretty wide ranging benefits and limited downside.

        No-one really needs their organs once they are deceased.

        There are various groups who would like their bodies to remain intact post mortem - and that's fine, that's why there is an opt out.

        This is consent to sharing the most personal of data with completely unknown and unspecified companies for unknown and unspecified purposes.

        Given the attempt to shift the NHS to the US model of "care" that data becomes *really* dangerous.

        1. ecofeco Silver badge

          There is no U.S.model of care. That's any oxymoron.

    2. Mike 137 Silver badge

      Informed consent?

      "assumed consent is still informed consent: patients are told that they are assumed to have consented to the sharing of their data"

      Unfortunately that's not what 'informed consent' means. It's not enough to be told open ended sharing will or may take place. In the context of consent, 'informed' means (strictly) informed about exactly what will be done - i.e. about the details of the sharing. Under the GDPR at least, if these details haven't yet been defined, it's not possible for a data subject to consent as they don't yet know what they will be consenting to.

      The same applies if the details haven't been fully disclosed, even if already defined. But in the three years since the GDPR came into force I haven't seen more than a couple of 'privacy policies' that described data sharing adequately. However, despite this almost universal non-compliance (or perhaps because of it) it appears that the UK is aiming to relax the requirement to provide full information.

      1. Cederic Silver badge

        Re: Informed consent?

        Adequately explained or otherwise, I think she's entirely wrong that assumed consent is informed consent, for precisely the reasons you've articulated.

        I don't care whether it's lazy thinking, malicious or well-intentioned-but-wrong, the ICO need to assure that organisations holding private data don't make the mistake she's made.

      2. Anonymous Coward
        Anonymous Coward

        I agree that this is where the author faceplants

        They fail to make the necessary case shoing that their assertion that knowing vaguely where to find the place to opt in or out and read about data sharing is sufficient to rise to the standard of "informed consent" or even basic consent. They fail to address the real concerns of subsequent sharing/sale/use of the data by the parties once it is obtained.

        "Assuming consent does not displace personal rights, it simply creates a presumption in favour of a public good." is a rhetorical statement, not a logically sound argument.

        "Allowing limited access to data in ways that do not significantly impact personal rights favors a public good" is defensible, but only for what fit's those criteria. The unqualified presumption that it does not "displace personal rights" isn't sound, or in my view defensible. There may be cases where it dosen't that I think should be allowed, such as the simple case the author makes, but that is not vaild for any or all cases.

        Like the other author, they fall prey to framing their argument in a way that will engage people that already agree with them more then those that don't. Arm waving about how well Singapore did isn't going to convince a privacy advocate why they should give theirs up, worse it tars them with the same brush as anti-vaxxers and nevermaskers. Plenty of fully vaccinated people have privacy concerns, will they appreciate the implication or will they shut down completely. Plus they just triggered all the anti-authoritarians.

        They would be better off focus on the essential research that could be shut out, how better transparency and properly implemented controls can protect patients, and that there is a separation between legitimate academic research and the abusive use of patient date for commercial and worse, marketing purposes. All of those are stronger arguments, and would be a better use of space.

    3. Fr. Ted Crilly Silver badge

      Opt out forms available in the basement, down the stairs with blown light, in the disused toilet, beware of Leopard etc...

  4. wolfetone Silver badge

    We, unfortunately, live in a country where people hear a handful of very specific petrol stations are running low on fuel and immediately fill up every container they have to hand with fuel they don't actually need. Worse, they put it in to containers that are woefully unsuited to storing it. The information given was quite clear - specific petrol stations in a specific part of the country ran by specific companies were struggling with deliveries. The public took that to be something else, and agreed to accept the falsehood they came to, and we were left without petrol for the whole country, impacting on everyone else.

    To simply say that it's absolutely fine to take this data and for people to opt out because they'll be told what the data is used for is just pure bollocks. We have demonstrated time and again in this country that we don't understand what we're told, and often what we're told doesn't align with what we're given. Furthermore, you are assuming there is an understanding of what's being told. I think we've all been in conversations with people who aren't as tech savvy as some here, and they're absolutely amazed that their Faceache news feed is full of adverts for something that they were just discussing with a friend (verbally, not over the app). How are they allowed to do that? They have absolutely no idea that they consented to it when they signed up years ago, and have no idea it's quite clearly pointed out in the T's & C's that they scroll right down the bottom of just to accept to get access to the thing they've signed up to.

    Further more, for as beautiful as the NHS is, there is a history of missteps resulting in catastrophic failures for people who rely on it which results in nothing happening. Right now I'm thinking of the Factor VIII/Factor XI scandal that has resulted in too many people dying, or living with a stigma, that is only now being investigated. We're 30 years down the road from politicians knowing the risks, medical bosses knowing the risks, and yet none of them are being held to account for it.

    If it's allowed to carry on, we'll be 30 years on from this decision and none of the people promoting this, in charge of it, will ever have to answer to their own mistakes (whether willingly made or not). That is the kicker for me more than anything. We will have to live with the consequences of this, while those promoting this fallacy will be happy in their retirement knowing they won't have to clean up the shit they've helped create.

    1. MrTuK

      Brilliantly put, but sadly people not being tech savvy or internet savvy of all of big techs data collection is actually quite common (98%+) and is quite difficult even for some of us that are truly tech savvy ! Only possible to avoid if you use Linux PC and not and Android or IOS device ! Now how many of us are willing to give up out Smart phones ? Unless you want to 8use PinePhone 64 and I personally don't think its quite there yet ! Maybe the never version will be !

    2. ectel

      The thing is, you hear about the factor X fiasco, but did you hear about the Epo usage in Renal Patients?

      opt out consent used to collect identifiable data was used to show regional variations in Hb in renal patients. Result: Standardisation and improved outcomes for all renal patients.

      All of this done under the requirements of the Act https://www.legislation.gov.uk/ukpga/2006/41/section/251

      Find all the fascinating (anon) data here.

      https://ukkidney.org/sites/renal.org/files/publication/file-attachments/23rd_UKRR_ANNUAL_REPORT.pdf

      Interestingly in the first few reports Hospitals where anonymised, but quickly moved away from that so that good practice could be shared.

  5. elsergiovolador Silver badge

    Twister

    assumed consent is still informed consent

    I fear for her patients...

    Why even publish this garbage? To let people know the bar to become a GP has been set too low?

    1. SCP

      Re: Twister

      "I fear for her patients"

      Given that this item is published as part of a debate it is unfortunate that you have chosen to make such a statement rather than address the weaknesses and failings of the argument. This type of ad hominen attack is the sort of thing that hampers open discussion.

      As someone who has offered to open the debate for the motion it is hardly her responsibility to point out weaknesses in her argument even if she is aware of them. Other commentators have already highlighted some of these (assumed consent <> informed consent, securely anonymized is dubious) - I anticipate that the respondent "against the motion" will also make these points.

      In the meantime it would be nice if the commentary could focus on the points rather than atack the people who happen to be presenting the arguments.

      1. Cybersaber

        Re: Twister

        This is not a debate contest. This is an opinion piece designed to inform and possibly sway public opinion.

        In a debate contest, it is correct that I should not bother addressing flaws in my argument. The goal is to win, and that is the format and the fairest rules for that format.

        This is not a debate contest. If I was arguing the FOR position of something horrible, and knew it was horrible, and then just said 'my opponent should point them out.'

        What if you earnestly believe your FOR position, but withold arguments that work against you. The effect could be that your opponent has facts that you dont, and you have facts that they don't, and the adversarial nature of a formal debate process means that each side, in an effort to "win" withholds data that might lead to better outcomes in combined. Yay, you *won* the debate and we're now all going to push our policy makers to do that horrible thing you argued for.

        What if your opponent isn't as good as you are? What if they missed a point you knew about that was persuasive to more people who don't necessarily think like you do? That cuts both ways too. What if your opponent has facts that you don't, and not having those facts weakens your case and now HE wins and we *don't* push for the policy you believe is the correct one?

        This is not a 'game' or 'contest' where you are competing to win prizes. These are real people and real-world impacts.

        In these formats, there *is* an ethical duty to point out the flaws in one's own arguments.

        In conclusion, the rules and ethics of debate contests are good for their format. They may however apply poorly to the format of public policy discourse.

        1. Cybersaber

          Re: Twister

          I ran out of time to edit (there are only 10 minutes given, and I caught this too late. Allow me to reword:

          "This is not a 'game' or 'contest' where you are competing to win prizes. These are real people and real-world impacts."

          You never said it was a game or that you viewed it that way. I only meant this in the sense that the rules you're championing (i.e. it's the opponent's responsibility to present counterfactuals, etc) *are* for that 'contest' format.

          Sorry for writing that in a way that appeared to put words in your mouth.

          My point is that formats like this, where the intended result is to form the best public policy should adopt rules best designed to foster the 'correct' outcome, and should be careful about borrowing from formal debate contest rules where the point is to designate a winner of a contest.

          1. SCP

            Re: Twister

            Except that The Register has explicitly framed this as a debate. But I agree that the subject matter is not a "game" nor that this debate should be seen as a "contest" - and I do not think that Dr Hanks has presented her argument in that way.

            As a GP I believe she is likely to be experienced and knowledgeable in the field of medicine - but possibly less familiar with the challenges of cyber-security. She has probably seen more human suffering than most on this site and has an earnest desire to see better outcomes for her patients, and presents a case for that.

            I still think that it is right that the advocates for and against the motion should focus on their side of the argument. A weakness in an argument is not the same as a deception, differences in values will lead to different weight being given to different facts (the value of improving medical outcomes vs the privacy of individuals).

            Even if we disagree with the argument (because we apply different values, or forsee particular problems) we should attack the argument not the person - especially because this is not a game or contest.

      2. elsergiovolador Silver badge

        Re: Twister

        A person capable of making such statement clearly has a fault in their logical thinking department or this is pure malice.

        I wouldn't make that argument if they have not mentioned that person is a GP. They use position of authority to peddle this nonsense.

        1. SCP

          Re: Twister

          Dr Hank made several statements - which one do you believe indicates a fault in critical reasoning that leads you to "fear for her patients".

          To my mind one of the weakest elements of the argument was equating "assumed consent" to "informed consent" - something several commenters have picked up on; it seems to hinge on a very weak application of "informed". **

          To me Dr Hank seems to have a reasonable knowledge of the value of data in informing medical practices and the benefits it could bring, and of her duties in protecting patient privacy. Indeed the way she has written her argument I formed the opinion that she has had to deal with the matter up close and personal in challenging circumstances.

          ** Given the challenges that have been encountered in explaining the benefits of vaccination over recent months it seems that it can be very difficult to inform sizeable sections of the community.

    2. Matthew 25

      Re: Twister

      She is a Doctor not a data scientist. This article says nothing about her fitness to be a GP. It just shows that specialisms should be left to specialists. The whole argument is specious. Assumption should never be taken as consent. e.g. 'I assumed you consented to give me access to your bank account'

      1. ecofeco Silver badge

        Re: Twister

        Exactly. Assumed consent is a fancy way of saying theft. In law, there is no such things as assumed consent. It's straight up theft.

  6. Dave2

    "it is both appropriate and extremely beneficial for the progress of medical research to know that 50 year old men with prostate cancer who take medication A live for longer than those on medication B."

    Extremely useful but should be part of a properly conducted randomised trial. The NHS has made great strides with outcome analysis (in covid treatments) without needing to give data to 3rd parties. The properly anonymised data may at best indicate that a trial should be performed.

    A big issue is that once the data has been given out there is no mechanism to later withdraw consent. (unlike organ donation for example)

    Why not have internal NHS researchers?

    1. Milo1970

      The trials of which you speak (RCTs) which study very small amounts of people are very different from mass data research in a generalised population.

      RCTs to develop new treatments cost millions and then to bring new drugs to market from those trials cost billions (typically). Universities cannot afford to run such trials and big pharma is not going to gamble on them for anything other than close to dead certs. Rare diseases don't get a look in.

      A mass data analysis is quick, cheap, focussed and doesn't put patients at risk by exposing them either to untested drugs or denying them those potentially life-saving drugs (at the efficacy stage - Phase IIa/b and Phase II of the trial process) if they are on the placebo wing of the trial. This is not comparing like with like. Data research for mass disease is a totally different paradigm.

      1. Dave2

        The trials I was thinking about were relating to articles in the Guardian:

        "The UK has led the world in testing Covid treatments

        The UK Randomised Evaluation of Covid-19 Therapy (Recovery) organisation has become the world’s largest collaboration for trials on people in hospital with Covid-19, with more than 180 hospitals and about 40,000 hospital patients taking part so far."

        "The trials have been hugely influential. By March 2021, dexamethasone, a cheap steroid, was estimated to have saved 22,000 lives in the UK and more than 1 million worldwide. " ... "Recovery trials also established things that did not show clear benefits, such as hydroxychloroquine and convalescent plasma"

  7. Pseu Donyme

    re: consent

    Assumed consent is not consent, never mind informed consent.

  8. This post has been deleted by its author

  9. Jedit Silver badge
    Flame

    "Assumed consent is informed consent"

    What the hell even is "assumed consent"? It sounds like something a rapist would use as an excuse after putting a roofie in a woman's drink. "Well, she came home with me, so I assumed she consented to sex."

    This is right up there with the "Legitimate Interest" buttons on opt-outs. If you ask for an exception to my refusal for legitimate interests, then you admit your regular interests are not legitimate. If you have to assume my consent, that is because *I have not given my consent*.

    1. elsergiovolador Silver badge

      Re: "Assumed consent is informed consent"

      "She didn't keep an eye on her drink, so I assumed she consented"

  10. b0llchit Silver badge
    Unhappy

    The problem with data

    Once the data is generated it will be "lost" or "abused" at some stage. The more data is gathered, the more likely it is for loss or abuse to happen. The only secure data is the data not generated and stored.

    The whole discussion of data (aggregation) with(out) consent is a distraction. You have lost control once the data is generated and stored by a second or third party. That is the point. You, as a person, are an afterthought when you are not the sole proprietor of your own data on your own systems with your own exclusive access and rules.

    These discussions of opt-in/opt-out are post-factum rationalizations. They are only to make one feel good and have ultimately no effect.

    If we'd really be talking about the user's choice of opt-in/opt-out, then a) opt-out as initial choice would no exists and b) we'd be asked every time, for each and every thing, to opt-in. We'd also have total control of where any data is stored and accessed, all the time.

    Unfortunately, most people simply do not care or do not understand.

    1. Milo1970

      Re: The problem with data

      If you actively consent (and it is possible to actively consent even within the aegis of 'assumed' consent) because you see a personal benefit or a benefit to the commonwealth then it is less a matter of losing control, rather actively taking control. It is perhaps like stepping on an aircraft. One makes an active decision to handover control in one's personal interest. That is, in itself, a controlled decision.

  11. firu toddo

    So much wrong

    Automatically opting people in is NOT informed consent. The UK government tried this before. Just forgot to tell us what they were doing. I for one wouldn’t trust them not to try the same again. Those actions call into question the motives behind data sharing. For sure it seems as if the data isn’t really seen as the patients, more like a resource that the medical profession thinks they should control Doing ‘informed consent’ this way is just a way to take something away from the uninformed or those who never get round to it opting out.

    Wanting to share our data with everyone is dangerous. Individual patients have no idea who will end up with their data. As for randomising data, HA! At best it’s pseudo random and can be backtracked in the UK. And there’s always the mission creep factor. It’s for medical trials now. But just imagine, that Colostomy you’ve got, how neat would it be if we could offer the patient cheaper stoma care products?

    Singapore has many reasons for having better Covid outcomes than other place’s besides data sharing, so comparing Covid outcomes between authoritarian regimes and more liberal regimes isn’t an argument that would persuade me. In fact it strikes me as almost emotional blackmail being used to support a pretty weak proposition.

  12. Chris Evans

    Very sensible approach to my mind.

    I have no problem with:

    "The NHS cannot analyse all information on its own, so we safely and securely share some with researchers, analysts and organisations who are experts in making sense of complex information. We only share what’s needed for each piece of research, and wherever possible, information is removed so that you cannot be identified." From: https://www.nhs.uk/using-the-nhs/about-the-nhs/sharing-your-health-records/

    Why? Well:

    I'm nearly finished treatment for Prostate Cancer (They say the treatment should 'cure' me). I had a friend (half my age) who died of cancer last week leaving a wife and two young children.

    If my medical history could help others I'd be more than glad. They do need make sure the safeguards are strong and there will probably be breaches, but to help my fellow citizens it seems a no brainer to me.

    1. Milo1970

      Re: Very sensible approach to my mind.

      I agree. The dangers, such as they are, are hugely overwhelmed and rendered irrelevant by the huge gains and advances at stake for humanity. I have not heard anyone yet articulate a clear and tangible risk to an individual from a data breach. While I am sure those risks are real, I would then want a clear weighing up of those risks against the massive benefits available to release of medical data that can track age, co-morbidities, extant drug interventions etc that will be available to researchers as a result of this data share. In moral terms this is a slam-dunk utilitarian argument. Condemn millions to offer a nominal protection of the individual from a non-specific low risk.

      1. doublelayer Silver badge

        Re: Very sensible approach to my mind.

        I would also be happy to contribute anonymized information, but there are clear harms from a breech. Here are a few situations:

        Someone who has medical conditions may have that appear in checks of public data, which could be misinterpreted by others. For example, the original poster in this thread's history of cancer might convince employers that they will be more likely to have a health situation requiring time off work, so they don't get a job. That's a single possibility which can harm someone severely. The same can happen in locations where private health care means that people's risk for conditions can increase what they have to pay for their health care. Both situations can also apply to children if your health information suggests a risk for inherited illnesses, and since there isn't sufficient data to ensure that, the risk can be used even if it's incorrect.

        There are less severe risks too. While it probably won't directly hurt you to have advertisers hold your medical data, that wouldn't be popular for the simple reason that it's creepy. Medical data is among the most private out there, and therefore the controls over who can see it must be strong. Assuming that anything you like will be fine is not strong.

        1. Milo1970

          Re: Very sensible approach to my mind.

          I feel the harms suggested are hypothetical.

          1. A risk that an employer may know of your disease profile, or the hypothetical genetic risk you may get a disease and not employ you is unlikely. This would be subsumed by many real-world realities. For example, women of child bearing age are given jobs despite the fact they may fall pregnant on the company clock.

          2. The majority of the working population has (in aggregate) a chronic disease and/or mental health issues. At least a third of us will die of cancer. More will contract it and survive it with treatment. If we don't get cancer in work time the chances are we will get something else, before we retire. Employers, whether they know an individual's risk profile or not, must deal with the reality that health problems are common. Further, we all have genetic dispositions to develop certain diseases given sufficient time and environmental triggers. It feels unlikely that a prospective employer will fish out the theoretically healthy option (assuming they know the health profile of everyone) given that so many of us will get ill at some point. Who are the genuinely healthy safe bets?

          3. The above is therefore priced into the labour market and employee risk profile.

          4. Speaking personally - not therefore strictly logically (arguing from the particular to the general which is at best inductive logic) - I have T1 diabetes and a rare cancer. I have always been explicit about these before accepting a job and I have never been turned down for a job.

          I believe, therefore, that the risks commentators are supposing are theoretical and are outweighed by the real, obvious, tangible and concrete benefits of anonymised data sharing.

          1. doublelayer Silver badge

            Re: Very sensible approach to my mind.

            I cannot say what everyone will do, but I know people who make hiring decisions who would, if it were legal and reasonably cheap, have their candidates surveilled for days in order to find things. Since that is neither, they engage in plenty of other fishing expeditions looking for potential reasons not to hire them. Health data could be used, and you wouldn't know. Your successful hiring despite health risks may be due to me being wrong about the general employer, but it might also be due to you having more in-demand skills. Not everyone has that.

            If you still don't buy my argument, I'll be more simple about the harms, then. The harm is that nobody has given consent. It is not your decision what happens to data that is not yours, even if you can think of some reasons having it could be useful. I can conceive of several benefits I could obtain by having full access to your personal data, health or otherwise, but that doesn't give me the right to take it. Researchers have no special exception from that and the others who would process it lack even the public good argument.

  13. teebie

    "societies whose people are willing to widely participate in public health measures like social distancing and wearing masks for the collective good have better outcomes. This is a lesson that translates to health data sharing."

    In what way?

    In an opt-out system there is an incentive to design the system well, in an opt-out system you have a huge captive audience, so don't have to care.

    And anonymisation isn't always possible. 50 is fairly young for prostate cancer. If he's a new case then, combine that with Brian living in London and we've narrowed him down to around 3000 people (1700 new cases per 100k in people aged 50-54. 9 million people in London). Currently there are around 100 Brians born a year in the uk - it was probably higher in 1961, but I still think we have enough data to uniquely identify him.

  14. Cederic Silver badge

    aggregated and securely anonymised

    Leaving aside the assumed/informed consent, this part is key to me.

    I don't actually believe the NHS are capable of properly anonymising data, and I'm far from convinced that they'll even try. Which is why I've opted out.

    1. DJV Silver badge

      Re: I don't actually believe the NHS are capable of properly anonymising data

      Yep, nothing to worry about there at all. It will probably be done by little Jimmy (some doctor's offspring) as a school project using one of the NHS's ancient Windows XP machines with the data held in an old version of MS Access.

    2. NinjasFTW

      Re: aggregated and securely anonymised

      Why even bother to try when its based on date of birth and postcode.

      There is 3 houses in my postcode.....

  15. alain williams Silver badge

    "assumed consent is still informed consent"

    No: even if this is explained on the front pages of all newspapers most people will not understand what it is about. Their eyes will glaze over after a few words and they will look for the latest story about $celebrity.

  16. jonathan keith

    I'd be happy allowing my data to be used, but only if certain conditions are met:

    1. The scheme is opt-in, not opt-out. As mentioned by many earlier commentards, 'opt-out with assumed consent' is a fox-guarding-the-chicken-coop disaster.

    2. Absolute transparency about how data are aggregated and anonymised.

    3. Absolute transparency about how data are encrypted and secured.

    4. Aggregated and anonymised datasets are not able to be / intended to be downloaded or distributed, and that the doing of such is a serious criminal offence.

    5. A written public policy (not 'guidelines') clearly defining the boundaries of acceptable use (which does not - and never will - include for commercial purposes.)

    6. Absolute transparency about who has access to the data, and for what specified purposes, in granular detail. For example:

    - Name of the research group

    - Name of the research group leader

    - Organisation the research group belongs to

    - All sources of funding, both direct and indirect

    - Purpose of research, written clearly in plain english

    - The name and position / job title of the Civil Servant or Health Service staffmember directly responsible for granting permission for the research group to access the data

    7. Audits to ensure that research teams / orgs are behaving themselves.

    8. Clearly-defined protections for whistleblowers.

    Set the system up with all that and I'm in!

    1. yetanotheraoc Silver badge

      Re: I'd be happy allowing my data to be used, but only if certain conditions are met:

      Your well thought out system will go for naught when some PFY exposes the entire NHS dataset on an unsecured AWS bucket.

  17. Falmari Silver badge
    Mushroom

    Public good!!

    Dr Katherine Hanks main arguments are that the data can be anonymised and is for the public good.

    The problem with anonymised data is that it can always be deanonymized. You will not be able to identify an individual from a single data set but once combined with all the other data sets out there that an individual falls into the easier it becomes to deanonymize and identify an individual.

    What I really have a problem with the public good argument. It is for the greater good, it will reduce health care costs etc. Why would individuals not want to give up their private medical data for research and the benefit of society?

    Well, I will when the medical industry also works for the benefit of society and not for profit. That is what will happen from the research on our medical data. From private health care to big pharma huge profits will be made from research on our medical data.

    The best way to reduce health care costs for the benefit of society is to reduce the bloody huge profits that are being made by the medical industry.

    If you want to use our data for the good of society then for the good of society you should not be making a profit from that data.

  18. Electronics'R'Us
    Stop

    Personal rights

    Assuming consent does not displace personal rights, it simply creates a presumption in favour of a public good.

    Yet it does displace personal rights. It creates a presumption that I am a vassal of the state (with an opt out that is to be made as difficult as possible). I agree that suitably researched aggregated data can offer insights into treatment regimes, but how that is done needs to be very tightly controlled.

    The NHS has my data for one very specific reason; so they can give the proper treatment in case of necessity and any other use of that data is not a reasonable use nor should there be any expectation that data may be used for any other purpose.

    As to anonymised data, I would be interested if there were any (so called) anonymised datasets that have not been (or could not be) de-anonymised; the more you remove from the data (which is one way to do it) the less valuable it becomes in all senses. The less you can learn from it. The corollary is also true - the less you remove, the more valuable it becomes.

    The problem lies in that value; high value to researchers also means it has high value to other players who have other ends in mind. The higher the value of the data, the more incentive there is to de-anonymise it for certain commercial interests (and other miscreants) to de-anonymise it. That is simple economics.

    The economics of encryption is a good analogy here: Making decryption more expensive than the value of the encrypted data results in far fewer attempts at decryption (there are always some who will, for various reasons, continue to try). Commercial interests will do a cost / benefit (for them) analysis so if it costs more to de-anonymise the dataset than the value they perceive in it, they won't bother.

    Now the value of the entire NHS (England at least) patient data is enormous to various industries and therefore strong legal safeguards will need to be in place. Sadly, that is something successive UK governments have been unwilling to do.

    They have form here. The information that DVLA hold for me are the details for my driving licence and the records for my vehicle which should be used only for that purpose, but for many years that data has been for sale to parking companies (and just about anyone).

    Personally I do not trust the UK government as far as I could throw an elephant (as real one) when it comes to proper data protection.

  19. Snowy Silver badge
    Facepalm

    No

    The NHS does not even share your data with itself.

    I had to go to A&E to treat a big blister, they took some blood to be tested, also swabbed the wound. No idea what the results where as they have not shared that data with my doctors practice. So before they talk about sharing data with some random researchers maybe get the parts of the "National" heath service to talk to each other.

  20. yetanotheraoc Silver badge

    The shoe could be on the other foot

    Does the GP realize it is not only the patient's data at risk? The insurance companies, to take one example, will be just as keen to know which doctors have worse patient outcomes. And in fact wouldn't the patients also like to know that?

    The fact is, for "data integrity" purposes, it must always be possible for "authorized agents" to deanonymize the data for "authorized purposes". And in future the government is free to change both "authorized" lists for any public benefit du jour. Which is what they *will* do, because doing *something* (anything really) is how to win elections.

  21. Anonymous Coward
    Mushroom

    patient records should be shared with medical researchers on an opt-out basis.

    Oh, really. Because patients and benefit and research and science.

    Everything's secure, yeah right. Because anonymize.

    You seem to have forgotten money. Where does that fit in this picture?

    What a horrible idea. That's Facebook's MO as well.

  22. Cybersaber

    The devil is always in the details....

    The set of professional data scientists (with probably a few outliers) does not contain the set of medical researchers, and almost certainly has no overlap with the set of information security researches. Therein lies the hidden problem in this proposition.

    All three fields need to come together to design research protocols for this type of issue, but yet the foundational problem of personal data control, security, and access is still a hot area of research and is full of debate. Actual domain experts in privacy and security of personal data are saying they don't (yet) have a good way to do so that prevents de-anonymization by adversarial actors.

    "...it is both appropriate and extremely beneficial for the progress of medical research to know that 50 year old men with prostate cancer who take medication A live for longer than those on medication B."

    This is not anonymized data. This is a conclusion based on that hypothetical data, which isn't part of that statement. It's a bit of probably unintentional hand-waving.

    This statement says more loudly than any other that the person arguing the FOR proposition does not sufficiently understand the subject to be credible as an expert in the field being discussed. She's probably a very, very good GP, but she's putting forth an argument that is outside her field of expertise. Her specialty is medicine, and the field being discussed is information security.

    1. yetanotheraoc Silver badge

      Re: The devil is always in the details....

      "Her specialty is medicine, and the field being discussed is information security."

      Actually, are not both being discussed? The arguments _for_ are medicine, and the arguments _against_ are information security. Never the twain shall meet. I thought the GP did a good job putting the _for_ case, even though logically it's bound to lose once the _against_ arguments are heard. I did try to read the article with an open mind, but I'm afraid I failed.

      1. Cybersaber

        Re: The devil is always in the details....

        In a debate, you have to defend your premises.

        Her argument fails because of the false premise "...shared anonymously..." i.e. _IF_ the data can be shared anonymously, THEN here are the benefits of sharing it.

        Since the data _can't_ be shared anonymously, it renders her argument hollow. She doesn't have the professional credentials, to hold up that leg of her argument, thus it falls down.

        If X, then Y.

        X is not true, therefore the truth or untruth of Y cannot be determined.

        If X were true, I could probably agree with her, but that's not the world we live in.

        Edit: You are correct that both fields are being discussed, and I wrongly framed it as an either-or, when it should have been an AND. But since AND requires both inputs to be true, it makes you accurate, but doesn't really change the meat of my argument that she's not qualified to argue the affirmative case because she lacks expert standing in one of the required knowledge domains underpinning her argument.

        1. W.S.Gosset Silver badge

          Re: The devil is always in the details....

          It also fails on internal contradictions, esp. re ethics and the shifting/multiple definitions of informed and consent. See my note below.

  23. Sloppy Crapmonster

    No it isn't

    On the one hand, it would be *absolutely fucking fantastic* if we could trust everybody involved in these transactions to do the right thing and use this data for furthering humankind.

    On the other hand, everybody involved in these transactions are trying to turn data into money, and no fucking thank you to that.

    We have the technology to be living in a Star Trek era right now, but each of F, A, A, N, and G want the whole pie to themselves, which is the diametric opposite of Star Trek.

    Fuck everyone.

    1. ecofeco Silver badge

      Re: No it isn't

      Nailed it.

      Instead of StarTrek we got Idiocracy meets Brazil. Fuck everybody indeed.

  24. bigtreeman

    Hotdocs

    Our doctors surgery uses hotdocs to fill out various forms.

    The "agreement" attached gives the hotdocs company too much scope to share your medical information.

    This is just some dicky third party organisation facilitating the information sharing,

    but they think it's their right to use your data as they see fit.

    Have a look next time, don't just tick the box before using the hotdoc.

  25. sreynolds

    If it's in the national interest....

    Then let a national body take oversight. Is there not enough anonymised data out there.

    The medical industry is only looking for profit. Once that data is out there it can only be used against you.

  26. -v(o.o)v-

    Typical Australian. What else would be expected from the near-fascist country where people gladly give up any rights.

  27. W.S.Gosset Silver badge
    Mushroom

    This entire weasel-whine is an absolute disgrace from start to finish.

    > "Even though it is illegal and unethical for me to disclose private medical information without permission,"

    "...but if I TELL you I'm going to do it, then it's both legal and ethical. Oh, OK, alright, OK, I'll let you say no if you REALLY want to: just go to a govt website somewhere and click around a few levels and hope they've implemented something that actually works AND put it where you can find it. But I'm going to avoid all that unnecessary thinking and hassle and choice for you by just pretending --in my own head-- that really every doctor is going to sit you down every single time you see a doctor and always give you a quick lecture on how they're going to use your data unless you say no by going to that govt website and finding the right tiny bit of it and saying no. And because I've pretended that in my head, then you have given me full consent to do whatever I want with any of your medical data. Because you would have been informed.

    Ethics!!"

    This entire weasel-whine is an absolute disgrace from start to finish. It is entirely misrepresenting essentially every factual aspect, and belabouring utterly fictional emotional dogwhistles to try to distract the reader and to direct the reader's framing & emotional reaction.

    It presents WannabeNannyism. It presents contempt for the population. It meta-presents extremely strong contempt for the reader, by insta-resorting to these weasel-games.

    In this, it is EXACTLY what you'd expect from south-east Australia's privileged classes. As this attitude has been their touchstone for 20-30 years. Example re OptOut? They played exactly this game --EXACTLY-- once before with superannuation. Dogwhistling protection of the poor & uneducated. Ohhh the benefits! Opt-out necessary. Outcome? The poor & unemployed (n.b. the shift in groups) had a large amount of money taken off them and given to the privileged, right down to needing "corrective/protective action" of having entire chunks of their compulsory savings removed from them because too much had been given to the wealthy so the govt should take over what's left "for their protection". Doubling up on the fuckup for the poor & unemployed. I am not joking about this, by the way, nor exaggerating.

    This attitude is the problem. And it appears to have simply found a new venue to play the piss-on-plebs game.

    1. SCP

      Re: This entire weasel-whine is an absolute disgrace from start to finish.

      Ethics are not an absolute truth - they reflect the norms of the society to which they apply. Societies change and so do their norms - which leads to changes in what is considered ethical.

      An example already mentioned in the comments is the change to "assumed consent" for organ donation with an opt-out; another example from a few years back was the debate on stem cell research. The medical profession faces many other dilemmas in balancing the benefits to medical science (and patient outcome) with what society's norms will tolerate - medical researchers typically have to satisfy their ethics board before they undertake a new area of research. They also get to see a great deal of human suffering as a consequence of the unwillingness of society to change - so I believe it is wrong to dismiss their viewpoint as a "weasel-whine".

      If we want to make the case that the societal norms we want to preserve are worth the possible cost in human misery we should be clear about our reasoning for this. Fortunately many other commenters have done so without impuning the character of the advocate.

      If these debate items are to have value, advocates with challenging arguments are needed. Living in an echo chamber does not provide any advance in understanding - but being able to rebut a well made argument should provide a better understanding of the issues (or reveal weaknesses in our own views). Attacking the character of advocates is not conducive to getting good people to contribute to this forum, nor in usefully advancing any understanding.

      1. W.S.Gosset Silver badge

        Re: This entire weasel-whine is an absolute disgrace from start to finish.

        >  a well made argument

        As I made very clear, there wasn't one :-

        > It is entirely misrepresenting essentially every factual aspect, and belabouring utterly fictional emotional dogwhistles to try to distract the reader and to direct the reader's framing & emotional reaction.

        The argument ("factual aspect") had already been addressed by others.

        I called out the non-argument games and gamesmanship. I did so explicitly.

        You regard it as unfair to make the structure of the article explicit. You regard it as inappropriate to make non-argumentation tactics explicit. Likewise raising the real-world consequences of a previous example of exactly these non-argument tactics being used re the discussion topic's core, is a bad thing. Likewise identifying these tactics in a larger perspective as part of a pattern, explicitly, is deplorable.

        > If these debate items are to have value

        ...then they need to be based on facts and explicit reasoning, through to real-world consequences.

        NOT on games and gamesmanship, through to toytown ideologies.

        1. SCP

          Re: This entire weasel-whine is an absolute disgrace from start to finish.

          SCP: a well made argument

          WSG: As I made very clear, there wasn't one :-

          Debateable - you sprinkled your response with ad hominens and emotional dog whistles yourself. Your excerpt from my response was from a part in which I was setting out the case of the value of having debates - not an assessment of Dr Hanks argument. (I was not convinced by Dr Hanks argument).

          WSG: It is entirely misrepresenting essentially every factual aspect, ...

          OK - you later cite others as having addressed this so I will go back and see what others have said on ths point.

          WSG: ... and belabouring utterly fictional emotional dogwhistles to try to distract the reader and to direct the reader's framing & emotional reaction.

          I think that in this case Dr Hanks is entitled to make an emotional argument part of her overall argument since negative medical outcomes have significant human impact - it is [should be] more than just a numbers game. It seems right that Dr Hanks should ensure that the reader is aware of that impact and is informed about it. That does not mean we cannot be critical of an emotional argument and we should remain wary of overreach and our emotional reaction blinding us to other considerations. I would not charactize it as dog-whistling or gamesmanship - that in itself is dog-whistling and gamesmanship.

          WSG: I called out the non-argument games and gamesmanship. I did so explicitly.

          It would have been better if you had evidenced it.

          WSG: You regard it as unfair to make the structure of the article explicit.

          No I don't. I regard it as counter-productive to attack and denigrate the author rather than demonstrate the flaws in the argument. Having your work pulled apart is dispiriting enough - the unnecessary personal attacks are just mean-spirited (and ultimately destructive to the concept of open debate).

          WSG: You regard it as inappropriate to make non-argumentation tactics explicit.

          No I don't. [see above]

          WSG: Likewise raising the real-world consequences of a previous example of exactly these non-argument tactics being used re the discussion topic's core, is a bad thing.

          I don't think that - these would be evidences in support of the counter-argument. It is perfectly possible to bring such things into a debate without using language intended to demean the author.

          WSG: Likewise identifying these tactics in a larger perspective as part of a pattern, explicitly, is deplorable.

          Not really - depends on how you go about it.

          SCP> If these debate items are to have value

          WSG: ...then they need to be based on facts and explicit reasoning, through to real-world consequences.

          I agree. However I am sure that Dr Hank's experience of the real-world consequences are significantly different to mine. I owe it to myself to listen to her viewpoint, express my viewpoint where necessary, and point out flaws and weaknesses in her argument. Doing so in a reasonable and measured manner may lead to both sides or the argument gaining a better understanding of the issues and (where appropriate) modifying their viewpoint.

          I don't think simply pissing all over people and dismissing them as part of a privileged class [Newsflash: just about everybody here is privileged] with toy-town ideas is the way to go. It shuts debate down and we are just left with an echo chamber full of loud angry voices. I can get that anywhere on Twitter [other anti-social media outlets are available].

          1. W.S.Gosset Silver badge

            Re: This entire weasel-whine is an absolute disgrace from start to finish.

            The bulk of your post could have left me baffled by your apparent inability to read/understand what I wrote. But [re '...every factual aspect'] you explicitly said "OK - you later cite others as having addressed this so I will go back and see what others have said on ths point."

            Essentially the entire thread is people "addressing" (hammering) the simple factual aspects.

            You say you didn't pick up on that.

            ...

            You unremittingly make it very clear, both re my post and other people's above: you are not reading nor understanding what people are posting here. You appear to have something firmly in your head and are keywording to try to get things to fit into that framework.

            There is no point engaging with you.

            1. SCP

              Re: This entire weasel-whine is an absolute disgrace from start to finish.

              Ditto.

  28. chris street

    "As a GP I am well versed in navigating individual health privacy considerations" - very true and no one will argue otherwise. Sadly that doesnt extend into the situation on mass.

    The pseudoanonymisation of the dataset that is proposed means that it is as trivial as a few seconds work to add back in the data that was stripped out - and then who is going to be misusing it?

    Remember the 2011 census taken by Lockheed Martin - who then were promptly rogered by the Chinese govt in the RSA hack? Bets on how much of that data was taken along with everything else they lifted? We wont know ever I suspect - but this is what is to be guarded against. Multiple disparate datasets, some held legally, some not all added together make for a scarey combination and potential for misuse.

    Now we have the police wanting unfettered access to medical records. Why? What do they need and where is the oversight there? The "attack surface" keeps on growing.

    There is no way that I would ever consider permitting the distribution of the dataset that is me to anyone other than for what it is intended for - my personal care. If other people want it - they can pay for it, assuming I will permit it in the first place. It's a hard no from me.

  29. drankinatty

    "assumed consent is still informed consent"

    In Texas there is one word for that proposition: "Bullshit". Or perhaps formally "legal legerdemain" or a surreptitious way to disseminate protected health information. When we design electronic systems to handle private information and pass laws to keep that data private for a limited purpose, we all know what "assuming" consent means.

  30. Anonymous Coward
    FAIL

    "assumed consent is still informed consent"

    False.

    Assumed consent isn't even consent, let alone informed consent.

    This doctor should stick to treating patients and leave information security and privacy issues well alone.

    1. ecofeco Silver badge

      Re: "assumed consent is still informed consent"

      Assumed consent is theft.

  31. ibmalone

    "And as for assumed consent for sharing data, it’s important to remember that assumed consent is still informed consent"

    Declaration of Helsinki, which should cover all medical research involving humans:

    "25. Participation by individuals capable of giving informed consent as subjects in medical research must be voluntary. Although it may be appropriate to consult family members or community leaders, no individual capable of giving informed consent may be enrolled in a research study unless he or she freely agrees."

    https://www.wma.net/policies-post/wma-declaration-of-helsinki-ethical-principles-for-medical-research-involving-human-subjects/

    Directly at odds. So no. Assumed consent is not free and informed. A central plank of recording consent is that the subject must have the study explained to them and can only consent if they understand. (Participants not capable of informed consent are a different category, this may include, for example, a trial of some emergency care practice, in which case there are further guidelines about how this could be carried out.)

  32. Data Mangler

    "The experience of COVID-19 has shown that more collectivist, “tight” societies like Singapore and others in South-East Asia have fared better than more individualistic “loose” societies like the USA and the UK."

    I fail to see how this is an argument in favour of the motion. It says lots about decisive government action and nothing about sharing medical data. Repeat after me: "Association does not imply causation". This, of course, is yet another argument against basing medical treatment on statistical studies. I would submit that there are far too many unrecorded confounding variables for many of the statistical studies to be of any value at all. I would much rather see the time, money and effort put into real medical research into the underlying causes of disease instead of epidemiological studies of dubious value.

    1. W.S.Gosset Silver badge

      > I fail to see how...

      Non-sequiturs are a valuable technique for obfuscating a lack of validity.

      > statistical studies

      Quite. But large data sets ARE wonderful tools for p-hacking. And p-hacking is a wonderful tool for supporting ideologies and memes.

  33. staringatclouds

    It's my data, if you want to access it you can ask me, if you present a decent case, can ensure anonymity & privacy I'll let you have it, otherwise, no

  34. ecofeco Silver badge

    Assume I give permission?

    Can they even hear themselves? Talk about unclear on the concept.

    Assuming someone gives permission is just a fancy way of saying it will be taken without permission. In other words, theft.

  35. Squeensnex

    Holding it wrong

    The people in the photo are holding that chest x-ray backwards, unless the patient has situs inversus (the heart on the right rather than the left). Can you trust them with your data?

  36. JohnMurray

    Looking more-amd-more likely that opting-out may be not possible soon

    https://www.theregister.com/2021/10/11/data_guardian_police_bill/

  37. Gerry Hatrick

    No thanks Doctor.

    My medical records are mine. Nobody sees them other than my physician. I couldn't give a rats ass about "the collective" and I especially never ever "think of the kids".

  38. Anonymous Coward
    Anonymous Coward

    Dr Katherine Hanks writes "it’s common for a patient to want to know what their partner told me in their consult,"

    In UK it seems to be normally accepted practise that when man visits a consultant his wife is just assumed to be party to the consultation. I had prostate cancer and routinely the physician would come to the waiting room and invite us both in. I had an issue I wanted to speak about in confidence and was only able to get a message through to say I wanted a personal individual consultation because I was able to speak to the receptionist when my wife went to the loo. It was so unusual for her not to be invited in (unlike previous visits and unlike other couples in the waiting room) that she was clearly aware that something strange was happening. When I was called in she stood up to join and the doctor said he just wanted to speak to me alone first. I asked the doctor to bring her in later for a "managed update" to allay her concerns.

    On a second similar instance, this time with a urology nurse, I was able to do the same but the nurse then invited my wife into the room and told her that "men can be uncomfortable about talking about the more intimate details" and went on to tell her exactly what I'd been concerned about sharing - without my consent.

    Interestingly this is a gendered decision, when accompanying my wife to the hospital for her various tests and consultations normal practice is to just invite her to the consultation - OK I don't especially want to be involved in her mammography, hemorrhoids, cystoscopy etc consultations, I know she'll give me as much detail as she feels comfortable with but why can't I be routinely granted the same degree of confidentiality? I know my wife will give me an edited version of her consultation, she will down-play any more worrying aspects but that is her right, why do I have to go out of my way to get the same right?

    As for the wider debate... My treatment had some complications (metastasis) and I was invited to join the 100,000 genomes project. That involved a half hour session with a specialist nurse to explain in some detail what was involved and the extent to which my data would be shared. I was satisfied that at least the intent to properly manage my data was there (but I remain concerned that there is always the risk of bad-actors gaming the system or gaining unauthorised access to the database - or suppose Dido Harding had got the job as CEO of the NHS). That half hour session was probably not the best use of a nurses time but was evidence that those involved in the project were concerned that patients be fully informed before consenting. Personally I'd had many tens of thousand pounds worth of treatment over a 12 month period at no cost to me, to exchange tightly controlled access to related personal data is a very small price to pay. Furthermore there were additional potential benefits for example: for a reported ~20% of participants one outcome was a recommendation for some further treatment.

    Broadly speaking the NHS data resources are a bit of a shambles, there are centers of excellence, it's the rest that's a problem. Get a firm grip on that with the strictest possible control of access to that data and I'd be happy for implied consent. That database is among the most valuable on the planet to medical researchers and there are drug companies who would leap at the chance to access it at the lowest possible cost in order to create new treatments they could then sell back at extortionate prices. The equation is skewed, the NHS has to have "some skin in the game" i.e. trade a share in the patient data for a share in the rewards, otherwise they are flying blind, selling the data for a price based on a speculative value with no share in the future royalties.

  39. Teejay

    The same old arguments we already heard regarding child protection and terrorism

    It's those same old lobbyist arguments again: 'What could possibly be wrong with saving children and protecting against terrorism, so let's monitor all data and decrypt all conversations.'

    At the end of the day, it's big state, big data, big pharma and thus big money trying to get hold of some of our most private information.

    Just make it opt-in. End of story.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon