back to article Mega-data platform worth half a billion will suck in info from family doctors

A UK health minister has for the first time admitted that information from family doctors is set to be uploaded to the controversial Federated Data Platform (FDP), a set of technologies under a £480 million procurement for which US spy-tech company Palantir is the incumbent supplier. Speaking in the House of Lords, the UK's …

  1. Roj Blake Silver badge

    Seems Legit

    I'm sure we have no reason to distrust any minister from the party of Boris Johnson when they give us assurances that the rules will be followed at all times.

    1. Anonymous Coward
      Anonymous Coward

      Re: Seems Legit

      @Roj Blake

      Refresh my memory please. Which political party happily went to war on a lie?

      Moral... Never trust any political party. They ALL lie through their teeth.

      1. Yet Another Anonymous coward Silver badge

        Re: Seems Legit

        >Refresh my memory please. Which political party happily went to war on a lie?

        But that was just to keep the American government happy.

        This party aren't going to give American health care companies all this data so they can bid for the privatised NHS.

        1. GioCiampa

          Re: Seems Legit

          "This party aren't going to give American health care companies all this data so they can bid for the privatised NHS" - is that a "pledge" is it?

          Try not ignoring "Moral... Never trust any political party. They ALL lie through their teeth." next time, eh?

  2. Doctor Syntax Silver badge

    No doubt Lord Markham is well qualified to give us that assurance. I'm sure they teach IT security as part of an LSE economics degree.

    1. TimMaher Silver badge
      Headmaster

      Re: LSE

      You sure he went there? Bit lefty.

      Not Elton and Oxford for classics or a PPE?

      1. ICam

        Re: LSE

        If he went to Elton, perhaps he's a rocket man, or maybe just a candle in the wind?

  3. John Robson Silver badge

    No they won't have any access to the data we are asking them to file...

    None at all... How bloody stupid are these people?

    1. Arthur the cat Silver badge

      Re: No they won't have any access to the data we are asking them to file...

      How bloody stupid are these people?

      How high can you count?

      1. Brewster's Angle Grinder Silver badge

        Re: No they won't have any access to the data we are asking them to file...

        How high can I count? Infinity plus one.

        1. Dave559

          Re: No they won't have any access to the data we are asking them to file...

          @Brewster's Angle Grinder, "How high can I count? Infinity plus one."

          Shouldn't you be busy staffing the check-in desk at Hilbert's Hotel?

          1. Brewster's Angle Grinder Silver badge

            Re: No they won't have any access to the data we are asking them to file...

            It's okay, the hotel can wait till tomorrow - I have an infinite amount of time...

    2. MachDiamond Silver badge

      Re: No they won't have any access to the data we are asking them to file...

      "None at all... How bloody stupid are these people?"

      They may not be stupid, but something just as bad.... lawyers. Most politicians are lawyers by training and those people are often the most narrowly educated and experienced people in the world. Certainly in anything technical they can barely pronounce most of the nomenclature properly. They also have a sci-fi understanding of what can and can't be done, getting their information from movies and TV. Stuff where the investigators can take some CCTV footage that's better to start with then one ever sees and can infinitely zoom in and enhance to read the model of Rolex watch written on the face. They'll also have some genius on the team that has a host of limitations such as being unable to walk which has lead them along the path to being a hacker that can root any system 3/4 of the way into the 1 hour episode. Guess what politicians, doesn't happen in the real world.

  4. alain williams Silver badge

    So my data will escape ...

    from my GP and end up in the hands of USA corporations, a country that has inadequate data protection, also read Schrems II.

    1. MachDiamond Silver badge

      Re: So my data will escape ...

      "So my data will escape ...

      from my GP and end up in the hands of USA corporations,"

      That's by design as the NHS "Shares" the data with their "Partners". The translation being that they are selling the information to whomever has the money to pay. The revenue stream is to enticing to ignore.

  5. IGotOut Silver badge

    £480 million pound

    ...that's a fair amount of money they are paying us for all this info.

    What do you mean.....?

  6. Pascal Monett Silver badge

    "NHS patient details will only be available locally"

    Sure. Locally.

    Locally to Palantir, you mean.

    And from there to God only knows.

    1. MachDiamond Silver badge

      Re: "NHS patient details will only be available locally"

      "Sure. Locally.

      Locally to Palantir, you mean.

      And from there to God only knows."

      From there to an employee laptop that is stolen from their car or left on a train when they stopped to have a few after work and were too drunk to remember to take it with them when they got off. I never seem to hear what happened to "John Smith", the employee other than perhaps some mention that they were let go. Certainly there won't be any justification about why an employee is allowed to download a huge swath of private data to transport physically to their home "to do work some work over the weekend".

  7. Anonymous Coward
    Anonymous Coward

    ENGLAND ENGLAND ENGLAND

    The Registers transformation into an American site is now complete.

    This is all to do with NHS ENGLAND ONLY, yet the story mixes "England" and "UK" interchangeably.

    1. xyz Silver badge

      Re: ENGLAND ENGLAND ENGLAND

      It's like the English (and USArians) somehow seem to think that England is UK whereas before it was England as Brits. In (Hotel California or Caledonia) Scotland ( you can check out any time you like but you can never leave the union seemingly) we don't have NHS England up our kilts, so wordsmiths o' the USA take heed. Nuff said.

    2. Anonymous Coward
      Anonymous Coward

      Re: ENGLAND ENGLAND ENGLAND

      > This is all to do with NHS ENGLAND ONLY, yet the story mixes "England" and "UK" interchangeably.

      Yupe. He's an English Health Minister - Scotland, Wales, and Northern Ireland (on the occasional times when it has a functioning government) each have their own Health Minister as health is a devolved matter.

      Also don't assume ICO will want to help with any Data Protection concerns around FDP and GP record sharing - in a ICO complaint regarding my GP Practice's sharing of my health data with a central system and the GP Practice later being unable to remove this information (for which they were the Data Controller) the ICO case officer stated in her Outcome:

      "my view at present is that it is unlikely that <GP Practice> have complied with their data protection obligations. This is because, although they have attempted to remove the data they have shared about you on the NIECR system they have been unable to. As data controllers for that information, we would expect that they should be able to do this."

      The ICO however decided to take no action again the GP Practice's failure to delete my personal data and also took no action against the central body (acting as Data Processor for the GP Practice and so legally required to follow 'instructions' from the GP Practice). My personal data remains on the NIECR due to the ICO's inaction regarding clear breachs of data protection law.

    3. Vometia has insomnia. Again. Silver badge

      Re: ENGLAND ENGLAND ENGLAND

      tbh I got the same thing when I lived in the Home Counties. A lot of people were at best vague about the differences between northern England (where I'm from) and Scotland and got annoyed if you pointed it out.

      Me: "Hello."

      Them: "Why can't you talk properly?! Where are you from?!"

      Me: "Newcastle."

      Them: "Och aye the noo!" (said in a sort of Welsh/Indian accent)

      Sigh.

  8. ecofeco Silver badge

    Mark my words

    Future data breach assured.

  9. Graham Cobb Silver badge

    Who will be the first woman to be sent to death row in Texas for having an abortion in the UK?

    Allowing NHS records to be controlled (and readable) by a US company (such as Palantir), even if "protected" by contracts, means that they are accessible to US courts.

    Many US states have passed laws banning all abortions - including ones performed outside the state. And in Texas the law does not even require the state to prosecute: any private individual can prosecute any woman who has an abortion.

    So, any pregnant woman from Texas visiting the UK had better make sure they do not have an accident and end up in an NHS hospital which deems it necessary to abort her pregnancy. The NHS records of that would become available to prosecute her once she returns to the US. If Palantir has the data they would be forced to disclose it to the US court, whatever agreements the NHS believe they have entered into.

    It is absolutely essential that the contractors, particularly foreign contractors, cannot access NHS data at all - even if there are contracts saying they will not. It isn't just Palantir and the US - similar issues could occur with any foreign contractor subject to the laws of another country.

    1. ecofeco Silver badge

      Re: Who will be the first woman to be sent to death row in Texas for having an abortion in the UK?

      Two down-voters obviously think you are exaggerating.

      I can confirm you are not.

  10. midgepad

    Planning for their retirement?

    This is a spectacularly bad idea.

    Again.

    And I don't believe a word of the Minister's assurances.

    Again.

  11. Wellyboot Silver badge

    AWS will hosting the data

    Data centre in which country and what safeguards* will be in place to prevent wholesale exfiltration?

    * other than a pinkie promise.

  12. Anonymous Coward
    Anonymous Coward

    When you’re getting assurances from a “Lord”

    You know it’s BS.

  13. Cynical Pie

    Can I interest you in this bridge? No? The what about these magic beans...

  14. tiggity Silver badge

    Data Processor

    There are handy loopholes in the GDPR data processor regs.

    "You can only process the personal data on instructions from a controller (unless otherwise required by law)"

    So, with teh early mentioned Texan having an abortion, if the US requested medical data on that woman, then the UK may oblige (as they tend to say yes to many "law enforcement" requests from the US)

    Note I am being kind and assuming the ICO quote means UK / English law (wording does not actually stipulate UK law on the ICO site!),

    Also

    "International transfers: the UK GDPR's prohibition on transferring personal data applies equally to processors as it does to controllers. This means you must ensure that any transfer outside the UK is authorised by the controller and complies with the UK GDPR’s transfer provisions."

    Place your bets on a data controller happily allowing data transfer outside of the UK (who knows may even be slipped into the contracts by default, contracts can contain other data access stuff too e.g. granting processor access to data as part of fault finding / fixing (AKA dealing with bugs) ).

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like