Within the next few weeks, everyone living in England will see a little white and blue leaflet from the NHS land on their welcome mat.
Under the heading “Better information means better care”, this innocuous piece of paper will outline one of the biggest transformations of the way the NHS handles our confidential data for decades.
From spring this year, every GP surgery in England must begin sending patient information to a central NHS database. The data trawl, which has been given the equally innocuous title care.data, is being hailed as a revolution in the use of information to plan and improve our healthcare – a project which has been personally spearheaded by Health Secretary Jeremy Hunt.
But it has also been condemned as a government-backed intrusion into our privacy on an unprecedented scale. For the first time, information about the private things we discuss with our GP will be – with some exceptions – held in a national database, alongside our NHS number, date of birth, postcode and gender.
Even more worryingly for some campaigners, the data may in future be made available to non-NHS researchers including private health companies – albeit in a “pseudonymised” format.
As it says on the front of the information leaflets, which will be sent to every household in England in January, “you have a choice” about whether to allow your data to leave the GP surgery, but some experts believe that, despite the public information campaign, too many patients are still in the dark about the ramifications of the scheme.
This is partly because the project is very complex, and has been beset by confusion, delays and misinformation. GP surgeries were originally told last summer that data extracts would begin within weeks, and it was their responsibility to tell their patients about it. Amid a widespread outcry that GPs would never be able to inform all their patients in time, the project launch was delayed and the publicity campaign planned.
The organisation at the heart of the project, the Health and Social Care Information Centre (HSCIC), was created in 2013 during the Government’s health reforms as the central hub of a data revolution in the NHS. Described as a body at “arms-length” from government, the HSCIC already collects detailed information about hospital care. But there is a chronic shortage of good information about the health conditions and complaints that GPs see, according to one of the men leading the care.data project.
“There is a desperate need for this kind of intelligence for us to be able to better plan and run the health service,” said Mark Davies, a practising GP and the HSCIC clinical and public assurance director. “I would say that we are running the health service blind-folded without this.
“Just today I had patients coming into to see me who I was referring for suspected cancer, I was speaking to families about the treatment of their relatives for dementia, I’ve just done a visit on someone who was dying at home. All of those conversations were carried out in an environment where we have very poor information not only around what those services are doing but around what the local needs are,” he told The Independent.
However, the second part of Dr Davies’ job title is testament to the level of concern in the NHS, that when patients learn about care.data, they will not see a hugely useful tool for improving healthcare, but a risky information trawl that could pose a major privacy risk.
The information that GPs must send to the HSCIC is identifiable. It will be passed on in the form of clinical codes, which refer to particular health conditions and, in some cases, patient circumstances relevant to health.
Information that GPs record about particularly sensitive conditions and circumstances, such as abortions, sexuality, criminal records and relationship problems, have been “blocked” from the data extracts.
But at the point it reaches HSCIC, data about individual patients appears alongside their unique 10-digit NHS number, their postcode, their gender and their date of birth, making identification relatively easy when cross-referenced to other databases such as the electoral roll.
This information will only be seen by a handful of HSCIC staff and the database has, according to Dr Davies, levels of security that make it a safer place for your information than anywhere else in the NHS. Data in this identifiable form – classed as “red data” – can only be released to third parties in exceptional circumstances, such as a public health emergency, or if the patient has given their consent.
However, data which has had identifiable features “stripped out” will be routinely available to third parties. This so-called “amber data” will at first only be passed on to NHS health commissioners, but in the future, independent researchers, universities and even private health companies could have access to it. NHS England’s chief data officer Geraint Lewis said he had “no ideological problem” with private firms using the data, so long as they did so responsibly.
“The test should be about how it’s going to benefit patient care, rather than making any sweeping ideological statement that we’re not going to allow private companies to access the data,” he told The Independent. “They’d have to demonstrate the same security safeguards as NHS organisations and demonstrate how it would be used for NHS care. The HSCIC never allows data to go to insurers or to be used for marketing purposes.”
Despite the safeguards, many doctors fear that the knowledge that clinical information could end up in a central database will harm patient’s trust in the confidentiality of GP consultations.
There also have been criticisms that patients have not been given a fair chance to opt out. Campaigners have dubbed the publicity campaign “a junk mail drop” and condemned the NHS and HSCIC for not including an opt-out form with the leaflet, which instead instructs patients to directly ask their GP practice to exclude them from the data extract.
At the end of last year, one GP in Oxford even contacted all his patients informing them he would be automatically opting them out of the scheme, asking that they opt-in if they still wanted to be included.
He anonymously told the GP magazine Pulse that his decision, which he understood to be illegal, was made because of his fears that their data would be misused or not be fully anonymous.
Dr Julia Hippisley-Cox, professor of general practice at the University of Nottingham and an expert on data governance in health systems, said that the care.data marked “a massive culture change” for GPs and their patients.
“From the day you start medical school patient confidentiality is drilled into you,” she told The Independent. “The reassurance that GPs give patients is that their information will be kept confidential and only released if patients give permission.
“Part of your relationship with patients is that it is based on trust. I don’t think the general public, when they go to their GP to talk about problems with impotence for instance, will be expecting that information to go a government database who can decide what to do with it.”
Dr Davies said that even if people missed the publicity campaign, it was still possible for them to change their minds and opt out of the scheme, but said he hoped patients would see the benefits of the scheme. “We’re saying to people this is the data we have on you, this is how we’re using it. We are asking them how they feel about that and assuring them they can change their minds about it at any point.”