The NHS’s greatest asset — that’s how the 67 million files containing patients’ medical records and held by GP surgeries across the UK have been described.
This vast library of information, detailing every diagnosis and treatment each of us has ever had, is a precise account of the nation’s wellbeing and a vital tool for tracking illness and improving standards of healthcare.
But in May, NHS Digital — the body that oversees the use of data in the health service — revealed plans for a new scheme, called General Practice Data for Planning and Research, to upload records of all NHS patients in England from GP surgeries to its own central database from July 1.
NHS Digital has given every adult and child in England until June 23 to opt out of the initiative (see box). If you don’t, your confidential data, or parts of it, will be shared with organisations requesting it for medical research, or to help plan a more effective use of the NHS in future.
The Government’s chief medical officer, Professor Chris Whitty, has backed the scheme, pointing out that such data ‘proved its worth in the pandemic’.
Yet doctors’ leaders fear it is being rushed through and will shatter patients’ faith in GPs, who are the legal custodians of our records but are legally required to upload data to NHS Digital.
The NHS’s greatest asset — that’s how the 67 million files containing patients’ medical records and held by GP surgeries across the UK have been described
Your notes have been shared for years
It may surprise you to learn that the sharing of confidential NHS patient data is nothing new — it’s been going on for at least 30 years.
Each time you visit a hospital for emergency treatment, a routine test or planned surgery, it is recorded in the hospital episode statistics, which are collated by NHS Digital.
Every year, it collects around 16 million of these ‘episodes of care’, including patient details such as name, address, sex and medical problems.
This data is made available to interested parties, such as NHS bodies, universities, data analysts and commercial companies — for use in research, but with safeguards to prevent patients from being identified.
A small fee is charged to cover the cost of processing the data requests.
Similarly, the anonymised records of nearly five million people across the UK are already stored on the General Practice Research Database.
Set up in 1987, it is run by the Medicines and Healthcare products Regulatory Agency (MHRA), the government body that vets the safety and use of medical treatments.
This regularly gathers data from 480 GP surgeries, which it then passes on to universities, government departments, drug companies and charities for research.
Any application for data is carefully vetted and the MHRA says it makes no money from the scheme. GPs, meanwhile, get a one-off fee of 10p per patient for sharing their records.
But the controversial new database takes NHS data harvesting to another level, by including every single person — adult and child — in England. It’s the scale of the scheme, and therefore who might be interested in the data, that is setting off alarm bells.
It’s vital for breakthroughs
Britain’s health records are regarded as among the best in the world, because of the amount of detail in them. And there is no doubt patients — around the world — have benefited from the sharing of this data.
The General Practice Research Database, for example, has played a crucial role in ground-breaking research down the years.
In 2004, it was used to carry out a study, later published in The Lancet, which proved that the measles/mumps/rubella (MMR) vaccine did not cause autism, as had been alleged by controversial medic Dr Andrew Wakefield.
And in 2008, scientists used the database to confirm that painkilling drugs known as Cox-2 inhibitors, taken for arthritis, increased the risk of heart attacks and strokes in some people, leading to new guidance on their use.
Meanwhile, at the start of the pandemic, the NHS set up a store of Covid-related patient data to identify those who should shield.
‘Being able to use GP records in this way is vital,’ says John Appleby, director of research and chief economist at the Nuffield Trust, an independent think-tank which investigates ways to improve NHS healthcare. ‘This is invaluable if we are to make NHS services more effective.’
There is already a constant flow of important NHS data to ‘interested parties’ — latest NHS Digital records show that in April 2021, it released 4,660 separate batches of patient data.
Britain’s health records are regarded as among the best in the world, because of the amount of detail in them. And there is no doubt patients — around the world — have benefited from the sharing of this data
The vast majority were organisations such as clinical commissioning groups (health authorities that organise care at a local level), universities, or private data analysis firms that carry out work on behalf of the NHS. Topics ranged from latest figures on the performance of maternity services to cancer waiting times.
According to John Appleby, this data release is ‘very secure’. ‘Anyone wanting access to it has to fill in lots of forms, detailing exactly why they want the data and what they plan to use it for. It’s a very rigorous process.’
NHS Digital told Good Health that data is only ever released when applicants have demonstrated a ‘legitimate’ need for it.
It said: ‘It must be used for health and care planning and research purposes. It would be disingenuous to suggest applicants use it for other activities.’
Its most recent figures show that pharmaceutical giant AstraZeneca was sent patient data covering heart disease rates in England, for example. Clearly there is a ‘research purpose’ to such work, but it may be fair to assume that it’s driven by commercial interest — and the industry is getting such data very cheaply.
Tell patients what’s going on
Critics of the new scheme say access to good data is vital for medical research.
But they accuse NHS Digital of trying to rush the database through while the public is distracted by the pandemic.
One reason for doing this, some argue, is that a similar government scheme — called care.data — was scrapped in 2016 after an outcry over the alleged failure of NHS England to fully inform patients about the plans. The latest scheme, some claim, is just the same idea in different clothing.
‘This has been dropped on us in the middle of a pandemic, with little notice,’ says Dr Neil Bhatia, a GP from Hants with a special interest in patient confidentiality.
‘NHS Digital sees this as an opportunity to hitch a ride on the groundswell of public support for how well data has been used to tackle Covid-19. But they have done nothing to promote it to the public: it’s brazen opportunism.
‘I have no objection to the ethos behind it. But people have a right to say yes or no because once your data goes to NHS Digital, you have no say in what happens to it. I have chosen to opt out because I don’t like the idea of losing all control of my medical records.’
Dr Bhatia adds: ‘For example, some people may object to their records going to companies that may be interested in privatising the NHS. Others might be ethically opposed to it being shared with companies that produce drugs used in abortions.’
Phil Booth, from campaign group MedConfidential, which lobbies for greater transparency on medical data use, says: ‘We are all in favour of using anonymised data for research — but it has to be ethical research that has the fully informed consent of the patient.’
So who will see your files?
Public trust in the safety of confidential records has been undermined by a series of controversial data releases.
In 2018, Public Health England came under fire after sharing data on nearly 180,000 lung cancer patients with a U.S. consulting firm that had affiliations with tobacco companies, although PHE insists it did nothing wrong.
And in 2017, the Information Commissioner’s Office ruled that a high-profile research trial run by the Royal Free NHS Foundation Trust in London and Google (specifically, its artificial intelligence arm, DeepMind) breached data protection rules when details on 1.6 million patients were handed over to the tech giant.
These patients were not adequately informed that their data was going to be shared.
So who will see the data from the new database? On its website, NHS Digital says ‘we do not sell health and care data’ — nor does it share it with ‘marketing and insurance companies’.
But it doesn’t say who it does share information with.
Its figures show commercial companies make up less than 5 per cent of the bodies allowed to access NHS patient data. And around one in five applications fails ‘because they do not meet our standards’ or are withdrawn before approval.
Yet even the Royal College of GPs (RCGP), which backs the scheme, wants the Government to be clearer with patients about how data will be used.
RCGP chairman Dr Martin Marshall says: ‘Patients must have confidence and trust in how the NHS and other bodies might use their information.’
And while every application to access UK medical records is scrutinised by an independent panel of experts, comprising medics, lawyers and members of the public, some experts say there are cracks in the system.
‘A fair amount of patient data goes to universities that may have connections with commercial firms,’ says Phil Booth from MedConfidential. ‘For example, academic research groups often have close ties with drug company representatives, with whom they may share data.’
How to opt out
If you don’t want to have your GP medical records on the new database, search online and print off a ‘type 1 opt-out form’ — or ask your GP for one. Return the completed form to your GP practice.
Alternatively, call NHS Digital on 0300 303 5678 between 9am and 5pm Monday to Friday and ask for one to be sent to you. (Calls to 0300 numbers cost up to 10p per minute from landlines, and up to 40p per minute from a mobile.)
Return the form to your GP practice on or before June 23 to allow time for it to be processed before NHS Digital starts collecting the data on July 1.
If you miss this deadline, you can still opt out, but this only stops new information on your records being added to the database — it won’t erase information already there.
To opt out of having your hospital data shared, visit digital.nhs.uk/services/ national-data-opt-out.
How ‘anonymous’ will details be?
The new database will release information in ‘pseudonymised’ form. So details such as your NHS number, date of birth and postcode are replaced with unique codes generated by special software.
Unlike fully anonymised data, where the patient is completely unrecognisable and cannot be traced, pseudonymised data can be reversed, using a special code that means the patient becomes identifiable.
NHS Digital is adamant this would only ever happen in exceptional circumstances, such as when scientists setting up clinical trials need to find suitable volunteers for their studies — and it would only then apply to patients who have given consent for their data to be shared.
But Dr Bhatia adds that if data users, such as drug firms, can justify it to NHS Digital, ‘they can re-identify you’.
However, John Appleby of Nuffield Trust says that in a career spanning 40 years, he has ‘never come across a single case’ where a patient has been identified.
‘Patients need to be aware that NHS Digital does not allow commercial companies to use their data unless there is a very good reason,’ he adds.
‘I won’t be opting out because I know the real value of the data.’
At least charge properly for data
If the controversial scheme is to go ahead, shouldn’t the NHS at least make a profit from our data — which can then be ploughed back into improving services?
NHS Digital insists that, as a publicly funded body, it can operate only on a cost-recovery basis. This means users pay only an admin fee.
So a single batch of data — which could cover thousands of patients — could be picked up for £930 — a tiny amount for a multi-million-pound pharmaceutical giant.
Dr Bhatia and other campaigners want NHS Digital to put the database plan on ice. ‘This is a blatant data grab — and it’s going to leave a very sour taste.’