Shadow of defunct care.data looms over patient record sharing progress
As a consultation continues over how health authorities should move forward with the possible sharing of GP records, critics question if NHS Digital is going backwards over opt out commitments
The key ambitions of the now defunct care.data project could still remain in place without addressing the key privacy concerns around patient opt outs that saw the project delayed and later cancelled by authorities earlier this year, critics of the programme have claimed.
In July, it was announced that care.data, which was designed to make use of patient data extracted from GP records with the aim of informing clinical planning and other health initiatives, was being scrapped after successive delays on the back of vocal criticism from privacy campaigners.
The cancellation followed a wider review by National Data Guardian Dame Fiona Caldicott of how patient information was shared and protected across UK healthcare. This in turn led to a consultation being established to look at future directions for patient data sharing programmes and how individuals should be informed about them.
NHS Digital, the national provider of information, data and IT systems to UK public healthcare organisations, has maintained that the consultation process is continuing and therefore no decisions have been made over future initiatives for a possible successor to the programme.
Until this month, NHS Digital had been known as the Health and Social Care Information Centre (HSCIC), but was rebranded in a move that Dame Caldicott argued would make the organisation’s links to the National Health Service much clearer.
With the previous care.data project dropped, NHS Digital has since moved to reject reports that a proposed procurement of a Data Services Platform (DSP) was to serve as a new form of data collection and a direct replacement of the care.data programme in all but name.
“The Data Services Platform (DSP) proposal is not a new data collection. The DSP would be a piece of technology, which would allow NHS Digital to securely collect existing datasets in a more effective way, and to better store and process the information,” said a spokesperson for the organisation.
“New data collections are managed entirely separately from the DSP. Any proposals to collect new data are required to go through a rigorous, public, process of independent scrutiny and approval and to meet the necessary legislative requirements.”
With the consultation recommended by Dame Fiona Caldicott still understood to be open for submissions until next month, it is not known how NHS Digital may look to obtain information from GP records, if at all.
With the argument that the aggregation of anonymised records and information is vital to better inform clinical services, planning and functions, healthcare authorities have nonetheless sought to play up the importance of having a dataset of patient information, even in some anonymised form.
Health Secretary Jeremy Hunt has previously advocated for data sharing to be embraced when in a “patient’s interest”, though privacy campaigners have demanded much clearer commitments and restrictions on the type of organisations that may be granted access to the information. However, proponents of sharing GP record information have argued that it remains important to have as accurate and large a set of data possible with regard to planning services.
It was within this space where care.data found itself facing multiple delays leading to planned trials at select Care Commissioning Group (CCG) areas identified as pathfinders in order to try and address concerns over how patients were being informed of rights to opt out from sharing information.
In reviewing how patient information should be shared in the NHS, Dame Caldicott argued earlier this year that “de-identified data”, designed to remove factors that could lead to an individual being linked to a specific record, would benefit commissioning and planning.
Caldicott also used the review to argue that the public appeared “broadly content” for this information to be used for health and social care purposes.
“The review strongly encourages organisations to continue exploring where de-identified and anonymised data that meets the Information Commissioner Office’s (ICO’s) Anonymisation Code of Practice may be used rather than personal confidential data.
The document also proposed that data should be passed to NHS Digital “as the statutory safe haven of the health and social care system” in order to de-identify or anonymise data and share with selected parties.
Caldicott’s findings therefore recommended against allowing individuals that already chose against having information shared under care.data or any other programmes from being exempt from what it called a “de-identification process”.
“However, NHS and social care organisations are more likely to use de-identified and anonymised data if they can be confident that it is of high quality and provides the complete dataset,” said the document.
“For that reason the review recommends that, in due course, the opt-out should not apply to all flows of information into the HSCIC.”
Dr Neil Bhatia, a GP and Caldicott Guardian in Yateley, Hampshire, has argued that any potential ambiguity around what constitutes “de-identified” patient information could further erode public trust in any future NHS Digital data initiatives to inform clinical processes.
Dr Bhatia claimed that GPs already had the capabilities and technology to provide aggregated information that did not identify patients for clinical purposes.
However, he questioned if this might be chosen over a solution where NHS Digital was responsible for de-identifying information.
Phil Booth, coordinator for the Medconfidential campaign group, was also critical about the likely outcomes of the ongoing review of patient data sharing.
“The government consultation to the Caldicott Review will give the first indication of which lessons have been ignored," he said.