back to article Health trusts swapped patient data for shares in an AI firm. They may have lost millions

Seven NHS hospital trusts in the UK including world-renowned pediatric hospital Great Ormond Street appear to have lost millions of pounds following deals with an AI startup that has since delisted from AIM, part of the London Stock Exchange. The company, Sensyne Health, is a fledgling AI business trying to discover and …

  1. Eclectic Man Silver badge
    Unhappy

    Whaaat?

    I had no idea my health data (albeit 'de-identified') could be sold for anything by a health trust. I hope there were contractual clauses about what happens to the data in the event of bankruptcy, take-over or other major changes in status. Delisting from AIM sounds a bit worrying to me, but it may be completely innocent, I suppose.

    1. Anonymous Coward
      Anonymous Coward

      Re: Whaaat?

      Never heard of anyone other than NHS England using it like this as a commodity.

      1. Anonymous Coward
        Anonymous Coward

        Re: Whaaat?

        The surprise is that it is NHS England and not NHS Digital...

      2. david 12 Silver badge

        Re: Whaaat?

        Most of the rest of the world, data is held by private medical-records companies, contracting to GP's, hospitals, and health services. And they are either in joint ventures (as this example), or privately working on projects like this example.

        1. Anonymous Coward
          Anonymous Coward

          Re: Whaaat?

          What about them? this is a sort primarily about NHS organisations.

  2. Andy E

    Lost money?

    If I understand this correctly the NHS trusts haven't lost any money as they didn't spend any. They were swapping anonymised patient records for shares in the startup company. Its a very poor headline.

    1. Dan 55 Silver badge

      Re: Lost money?

      Only the end result is they gave away patient data to a "well-connected" company.

      And even if the hospitals in question managed to earn money out of it, it shouldn't have been done.

      Not having had the time to look properly at the director's list on Companies House, I have only found out that the first director in the list was also high up in an NHS Trust so there is a conflict of interest, and there is an high churn rate of directors in this company of others possibly doing the same? (As I said, not enough time.)

      But let's shrug and carry on.

    2. NIck Hunn

      Re: Lost money?

      I totally agree. Any shares in a startup have no value unless it has a successful exit and most of them don't. I would hope that all of these trusts entered into the relationship because they believed in the chance of successful therapies being developed.

      We need a much more nuanced debate about the potential benefit of sharing health data. If we make it more difficult to use by posting reports like this, suggesting that it is being "sold" for monetary gain, then it will take longer to develop treatments and more people will suffer and die. That is not responsible reporting.

      1. Anonymous Coward
        Anonymous Coward

        Re: Lost money?

        Have to disagree with the comments above.

        With the shares listed on AIM, they had a value. That value would be on the Trusts' financial accounts as an asset.

        With the shares no longer listed and with no readily available market to sell them, they are now worthless and the accounts will reflect that.

        Simplistically the Trusts are now worth less than they were previously because what once had a value now doesn't. As such, yes, the Trusts have "lost" money even if they never technically had it.

        1. Roland6 Silver badge

          Re: Lost money?

          >because what once had a value now doesn't

          Shares go up-and-down and AIM listed shares more so, the loss is an accounting one.

          So whilst they might be listed as an asset, only a fool or someone wanting to artificially inflate a business'es worth would assign any significant value to them.

          Given the shares were effectively given in exchange for patient data, the accounting loss can be rectified by recategorising patient data as an asset and giving it the same notional value as the shares.

    3. Anonymous Coward
      Anonymous Coward

      Re: Lost money?

      It's repugnant the idea that private medical data can be commercialised. These trusts were hoping to make a profit from the venture. This data, if it was safe to release, should have been put on a public share and given to anyone who wanted it for analysis. Now those shares are worthless, it still should be.

  3. Mike 137 Silver badge

    Who 'lost out'?

    "However, at least seven trusts, including Great Ormond Street Hospital, have lost out after striking deals they thought would be worth millions of pounds in exchange for sharing patient data"

    So they didn't get the shares they were offered in exchange for handing over patient data. My heart bleeds for them. I doubt that the cost of 'de-identifying' was a significant loss.

    Having worked in healthcare I can safely assert that absolutely anyone's entire health record is impossible to 'de-identify' as it's unique to the individual and it's surprising how little of it is needed in many cases to identify them.And it's been formally demonstrated that when personal data is 'de-identified' its utility declines a lot faster than its actual anonymity improves.

    So there's now a stash of (what was it?) 12 million health records of individuals floating about somewhere after the company went bust. I guess it's the data subjects that have really 'lost out', not the hospital trusts. The latter must be forced to recognise that it's not their data.

    1. hoola Silver badge

      Re: Who 'lost out'?

      This stinks of smart sales people using the perceived magic of "AI" to do clever stuff from a company that has no assets, limited capital and all sorts of dubious links to the people providing the anonymised data.

      Just another pyramid scheme where a small number of people have made money at a lot of other people's expense.

      Those data sets will have been sold on many times now and who knows what the level of anonymisation was.

    2. Roland6 Silver badge

      Re: Who 'lost out'?

      >So they didn't get the shares they were offered in exchange for handing over patient data.

      They got the shares, just as an AIM listed company the shares (and company) are very volatile.

      The Trusts accountants at some point assigned the shares some notional value - probably the share price on the day of issue and failed to assign a realistic risk factor to the valuation - probably because they didn't do any due diligence on Sensyne. Which if they had done, they would have readily discovered (Sensyne have been up front to shareholders on this) that there is a big mismatch between income and spend that can only be covered through £00M's investment. Hence the need for "Strategic Financing" and the delisting from AIM.

  4. alain williams Silver badge

    Not much comment on patient data

    Most of the write up was about the money.

    The point is that de-identified personal data has all to often been re-identified. So where will this data end up ? It has value so it may well be sold. When put together by some organisation that has a lot of other personal data: bingo - they now know more people's heath problems.

    Were strict limits put on how the data would be used ?

    When a company goes bust its assets are often sold to the highest bidder and original "use agreements" ignored or deemed unenforceable ?

    Sensyne Health is a UK company so subject to the GDPR (the Tories have not abolished it - yet). I do not know if de-identified data is still subject to the GDPR -- it should be.

    Sensyne Health has not (yet) gone bust but may be bought - possibly by a company not subject to the GDPR.

    1. Cederic Silver badge

      Re: Not much comment on patient data

      The de-identified data is very much subject to section 171 of the DPA 2018 - https://www.legislation.gov.uk/ukpga/2018/12/section/171?view=plain

      So the Trusts would have to approve any reversal of the de-identification for it to be legal, which then brings into question their lawful reasons for permitting that.

      1. Anonymous Coward
        Anonymous Coward

        Re: the Trusts would have to approve ....

        I don't doubt that's the legal position. But what enforcement of this will there be? And the data is - covertly or not - shuffled sideways somewhere outside the scope of UK law, is there any realistic likelihood of redress? Against who?

  5. Pascal Monett Silver badge
    Trollface

    Sensyne Health

    So, is that a new branch of Theranos ?

    Looks like it.

    1. Flocke Kroes Silver badge

      Re: Sensyne Health

      I was half expecting Palantir but I believe they have our medical records already.

      1. Anonymous Coward
        Anonymous Coward

        Re: I was half expecting Palantir but I believe they have our medical records already.

        I think that was why Denethor was so depressed.

  6. Anonymous Coward
    Anonymous Coward

    A few notes

    1) If this is a surprise to anyone then I am amazed you can read

    2) No one will face any comeback

    3) compare to the untold billions spaffed by this government to it's mates with PPE and the like, this is chump change.

    4) Your data ? I hope you waved goodbye to it when you handed it over.

    We all need to be ready to be spammed to death (possibly literally) by US healthcare providers who aren't bound by any suggestion of GDPR. Just wait util you start hearing from their affiliate "Christian science" partners for healthcare choices involving contraception and abortion/

  7. heyrick Silver badge

    A cynical person...

    ...might be inclined to think that this was just a bullshit ruse for the gullible in order to carry out a mass data grab.

    A much more pertinent question than asking about the fantasy money is what sort of protections are in place regarding the data handed over (and no doubt without any patient consent), especially given that - since GOSH is implicated - this is likely to involve medical data of children.

    It's high time that it is written in law that NO medical data can be handed to any third party without the express permission (accompanied by a signature) of either the patient or their legal guardian, and that which is given is subject to a no-further-passing rule, with heavy penalties for non compliance.

    Enough of this shit.

    1. hoola Silver badge

      Re: A cynical person...

      Whilst I am completely with you on this the real challenge now with so much held electronically is that one the data is handed over there is no chain as such. it is just a file that can be easily copied, exported and messed around with, usually to make money. One the data has been put somewhere where there is not control, to all intents it is no public.

      At least with a paper record it is much more difficult to distribute.

  8. The man with a spanner

    Absolute v Proportional

    Telling us that trust A negotiated 1 500 049 shares is not particularly helpful. More interesting would be the proportion of the company owned by trust a, B, C etc. If it were to be a significant then the trusts have some influence and the structure potentialy makes more sense.

    1. Doctor Syntax Silver badge

      Re: Absolute v Proportional

      Maybe, as per The Producers, they have several hundred percent.

    2. Graham Cobb Silver badge

      Re: Absolute v Proportional

      I just can't believe that these NHS Trusts were naive enough to put values on these shares! Startup company shares have no value at all unless you have a buyer offering money for them. Surely these trusts have (a) professional financial advisors, (b) accountants and (c) auditors to tell them that.

      Please tell me that no one let them create budgets or plans based on those supposed "share values"!

    3. Roland6 Silver badge

      Re: Absolute v Proportional

      If you have the time going through the Sensyne press releases does provide much information, although I would had expected the article author to have done the legwork.

      From the few releases I've accessed, it seems each Trust received a circa 1% overall shareholding for their "Strategic Research Agreement".

  9. Trotts36

    Unfit for purpose

    The nhs is barely able to run itself as a health provider let alone as an investor (with other peoples data) in startup high risk companies.

    Everyone who had any hand in this disaster should be facing the sack for gross incompetence, but I suspect they’ll instead get bonuses and a knighthood.

  10. Tony W

    What, exactly, did they do wrong?

    Something, surely, but I found it hard to define. In the end I decided that the problem is, that the data should not have belonged to the trust in the first place. If our data is to be used for medical research to benefit humanity, then it should be guarded by an independent organisation with no financial interest in handing it over. Any quid pro quo should go to benefit the NHS as a whole.

    1. Buttons

      Re: What, exactly, did they do wrong?

      Agree the data should not have belonged to a "trust" (Who names these orgs?) and I'd prefer that it did not to belong to any organisation as they cannot be trusted either. The benefit of humanity? How well has that been going?

      Anyway, I'd prefer to own my own data, DNA, my body, my personality, kidneys and everything else that makes me profitable. I want to share in the bonanza. If you want a piece of that, pay for it, otherwise talk to my lawyers.

      Why should I be the only person not to benefit from this wealth?

  11. Jan K.

    NHS apparently loves AIs?

    2017 handed over data to google's deepmind https://news.sky.com/story/nhs-patient-data-given-to-google-illegally-10935315

    ... and being sued now 5 years later... https://news.sky.com/story/nhs-patient-data-given-to-google-illegally-10935315

    1. Tom 7 Silver badge

      TBF the last time I looked at 'oversight planning' it was more like asking for them to really really really promise not to let the data get into the wrong hands rather than just promise. Sort of of lack of understanding of what a piece of wire or even air can let through.

  12. Anonymous Coward
    Anonymous Coward

    The data was 'de-identified you say

    Just as well.

    I don’t want people knowing about the nasty rash on my wedding vegetables!

  13. razorfishsl

    Yep.. so they sold their patients out to get personal profit & then got ripped off

    but then that company can sell the data on

    1. Tom 7 Silver badge

      I would hope the trusts woudnt be so stupid as to allow the company to sell on the data in any form without permission from the trusts. Though of course someone could always devalue the company and then be bought out on the cheap.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022