England’s NHS is preparing to scrape the medical histories of 55m patients, including sensitive information on mental and sexual health, criminal records and abuse, into a database it will share with third parties.
The data collection project, which is the first of its kind, has caused an uproar among privacy campaigners, who say it is “legally problematic”, especially as patients only have a few weeks to opt out of the plan.
NHS Digital, which runs the health service’s IT systems, confirmed the plan to pool together medical records from every patient in England who is registered with a GP clinic into a single lake that will be available to academic and commercial third parties for research and planning purposes.
Cori Crider, co-founder of Foxglove, a campaign group for digital rights, said: “We all want to see the NHS come out of the pandemic stronger” but noted that the NHS had been “completely silent” on who would have access to the data.
“Is it pharma companies? The health arm of Google Deepmind? If you ask patients whether they want details of their fertility treatment or abortion, or results of their colonoscopy shared with [those companies], they’re not going to want that,” she said.
Foxglove has issued a legal letter to the Department of Health and Social Care, questioning the lawfulness of the plans under current data protection laws, and threatening further legal action.
Rosa Curling, a solicitor at Foxglove, wrote in the letter that she had “serious concerns” about the legality of the move because no explicit consent had been given and “very few members of the public will be aware that the new processing is imminent, directly affecting their personal medical data”.
Patients have until June 23 to opt out by filling in a form and taking it to their GP before their historical records will become a permanent and irreversible part of the new data set. Patients who opt out after the deadline can stop future data from being funnelled into the new system.
The plan to create a new data set was announced by Matt Hancock, health secretary, in early April and publicised mainly on blogs on the NHS Digital website, and through flyers at GP surgeries, said NHS Digital, which added that the plans had been in the works for three years.
But Phil Booth, founder of advocacy group MedConfidential, said: “They’re trying to sneak it out, they are giving you six weeks nominally and if you do not act based on web pages on the NHS digital site and some YouTube videos and a few tweets, your entire GP history could have been scraped, never to be deleted.”
He added that the NHS had “opaque” commercial relationships, often through middlemen, and that it would be difficult to trace who ultimately sees the data. NHS Digital says on its website that it publishes a monthly register of who it has released data to, and whether the data is anonymised or not.
Data that directly identifies patients will be replaced with unique codes in the new data set, but the NHS will hold the keys to unlock the codes “in certain circumstances, and where there is a valid legal reason”, according to its website.
NHS Digital said the Information Commissioner’s Office, the UK’s data regulator, had not objected to its plans, and that it was in the process of delivering a data protection impact assessment.
The plan comes following an attempt in 2013 to extract GP records into a central database, called the Care.data programme, which was abandoned in 2016 after complaints about confidentiality and commercial use.