More than one million patients opted out of NHS data-sharing in a single month – a huge backlash against plans to consolidate personal records from GP surgeries across England into a centralised database that can be accessed by researchers and commercial companies outside of the health service. Concerns have been raised by privacy activists about NHS Digital’s plans to import the records of over 55 million people in England into a centralised database that can be accessed by researchers and commercial companies outside of the health service.
NHS Digital extended the opt-out deadline from June 23rd to September 1st 2021 in response to the public outcry. This was to give people more time to delete their records. However, figures published exclusively by The Observer have now revealed the sheer number of people who have decided to opt-out ahead of the deadline.
It’s not surprising that more than one million people have voiced their concerns about the scheme. To save the scheme, NHS Digital made several concessions to privacy advocates to help it be saved.
NHS Digital’s September 1 2021 launch date was abandoned, but there has not been an announcement of a new date. This is good news for those concerned about data-grab but have not yet been able to complete the paperwork and send it to their GP. It is unlikely that your medical records will be snatched into any central databases anytime soon.
NHS Digital will conduct a “listening exercise” to allay fears before initiating a public education campaign to raise awareness about the plans in advance of the deadline… whenever that may be.
NHS Digital offered an enormous concession to campaigners, allowing patients to ask for the deletion of their personal data at any time. If you miss the deadline for removing health records already added to the data base, they can still be deleted at a later time.
NHS Digital warned that anyone opting out after the deadline would have their future health information removed from the system. All historical data will still be available for researchers and academic partners as well as commercial partners.
NHS Digital also promised to improve the privacy and security of data storage.
This centralized database will contain sensitive information, such as criminal records, date of birth, and full postcode. NHS Digital stated earlier this year that any information that can be used to identify you from your GP records will be pseudonymized before being uploaded. The code that will allow you to decode the anonymised data is held by NHS Digital.
Privacy campaigners were concerned by this as it is a different approach to the big tech companies like Apple and WhatsApp which don’t store digital keys that can be used to decrypt anonymised data. Apple declined to assist FBI investigators trying to unlock the iPhone of a terrorist suspect.
Tim Cook, Apple CEO, stated that “In today’s digital world, a ‘key’ is an information piece that unlocks data. It is as secure and as safe as the security measures around it.” Anyone can defeat the encryption if they have the right information or know how to get around the code. It would function as a master key in the real world. This master key can open hundreds of millions locks, from banks and restaurants to homes and stores. This would be unacceptable to any reasonable person.”
NHS Digital holds the keys to access the anonymized data. However, it states that it will only ever re-identify data “if there is a legal reason and the law requires it to.” NHS Digital gives an example of how medical records could be unscrambled in order to reveal patient identity.
A spokesperson from NHS Digital stated that patient data was vital for healthcare research and planning. This data is used to create treatments for heart, lung, cancer and long Covid diseases, as well as to plan the recovery of NHS services from Covid. Although medical research and planning are beneficial to all, they can only be as effective as the data on which it is based.
The more data you have, the better it can be used to research new therapies or plan for a sustainable NHS service that meets patients’ needs. It is important for people to make informed decisions about how they share their data. Data will never be shared with organisations without a valid legal basis or legitimate use.
“We have received feedback about the proposals. We will continue to work with patients, clinics, researchers, and charities to inform further safeguards. To reduce bureaucratic burdens on GPs. Step-up communication for GPs.
Publited at Mon, 23 August 2021, 16:39.51 +0000