tag:theconversation.com,2011:/us/topics/nhs-data-8839/articlesNHS data – The Conversation2021-07-27T14:52:37Ztag:theconversation.com,2011:article/1651032021-07-27T14:52:37Z2021-07-27T14:52:37ZNHS plan to share GP patient data postponed – but will new measures address concerns?<p>The UK government <a href="https://digital.nhs.uk/data-and-information/data-collections-and-data-sets/data-collections/general-practice-data-for-planning-and-research/secretary-of-state-letter-to-general-practice">has postponed</a> its controversial GP patient data gathering scheme in response to concerns over privacy. The General Practice Data for Planning and Research (GPDPR) scheme had planned to upload the data of England’s 61 million NHS users, in a “<a href="https://theconversation.com/your-nhs-data-is-completely-anonymous-until-it-isnt-22924">pseudonymised</a>” form, to a central database. That database could then be accessed by institutions to advance health research and planning. </p>
<p>GPDPR was <a href="https://theconversation.com/nhs-data-gathering-government-plans-to-collect-and-share-health-records-are-hugely-concerning-heres-why-162699">heavily criticised</a> for being rushed through without patients being properly informed. The pseudonymised form (with obviously identifiable information removed) in which the patient data would enter the database was also challenged, with researchers pointing out that it <a href="https://www.theguardian.com/technology/2019/jul/23/anonymised-data-never-be-anonymous-enough-study-finds">did not do enough</a> to guarantee patient privacy.</p>
<p>The government has laid out a series of significant improvements to the data-sharing scheme which will now be carried out before its eventual implementation. But while these proposed changes are welcome, the future of health data in the UK, after years of wrangling and U-turns, is yet to be free of controversy.</p>
<hr>
<p>
<em>
<strong>
Read more:
<a href="https://theconversation.com/nhs-data-gathering-government-plans-to-collect-and-share-health-records-are-hugely-concerning-heres-why-162699">NHS data gathering: government plans to collect and share health records are hugely concerning – here's why</a>
</strong>
</em>
</p>
<hr>
<p>The pandemic has called for the productive use of detailed health data, held in the UK by the NHS in a variety of specialised databases. Such data has been used in the <a href="https://www.opensafely.org">OpenSAFELY</a> environment at the University of Oxford, which produced <a href="https://www.nature.com/articles/s41586-020-2521-4">early insights</a> into factors associated with COVID-related deaths without compromising patient privacy.</p>
<p>It’s less clear whether the UK government’s own initiatives were productive, let alone responsible. A comprehensive list of the data sets included in the <a href="https://www.england.nhs.uk/contact-us/privacy-notice/how-we-use-your-information/covid-19-response/nhs-covid-19-data-store/">COVID data store</a>, built by big data company Palantir, was never published. We’re still in the dark about what AI company Faculty and others actually <a href="https://theconversation.com/why-we-need-to-know-more-about-the-uk-governments-covid-19-data-project-and-the-companies-working-on-it-141078">used it for</a>. Meanwhile, <a href="https://www.thebureauinvestigates.com/stories/2021-02-24/revealed-data-giant-given-emergency-covid-contract-had-been-wooing-nhs-for-months">stories abounded</a> about senior NHS and government officials talking to tech companies about the sale of NHS data.</p>
<h2>Previous data-sharing plans</h2>
<p>Then, in spring 2021, the UK government decided to revive a dormant plan. For much of 2013 and 2014, the then-health secretary, Jeremy Hunt, and his team at NHS England had attempted to introduce the “care.data” scheme. This would have gathered GP data from all English GPs, combining it with health databases held by the health service’s IT agency, <a href="https://digital.nhs.uk/">NHS Digital</a>, to create a large data set for a vaguely defined set of purposes. </p>
<p>The plan was thought to be reckless. There was a backlash from GPs and the wider public, with the press raking up stories of past <a href="https://theconversation.com/time-for-some-truth-about-who-is-feeding-off-our-nhs-data-23998">dubious NHS health data sales</a>. This forced the introduction of opt-outs, definite and indefinite postponements, and eventually <a href="https://theconversation.com/care-data-has-been-scrapped-but-your-health-data-could-still-be-shared-62181">the abandonment</a> of care.data in 2016.</p>
<p>This chaos seemed to be repeating itself in 2021, and at a very high speed. The <a href="https://digital.nhs.uk/data-and-information/data-collections-and-data-sets/data-collections/general-practice-data-for-planning-and-research">GPDPR</a> scheme <a href="https://digital.nhs.uk/news-and-events/latest-news/improved-collection-of-gp-data-launched">was announced</a> on May 12 2021, catching GPs and the public by surprise. The advocacy group <a href="https://medconfidential.org/how-to-opt-out/">medConfidential</a> quickly unearthed a way for patients to opt out of the scheme, with <a href="https://www.lhmp.co.uk/news/general-practice-data-for-planning-and-research-gpdpr/">GPs providing information</a> to help them do so. </p>
<figure class="align-center ">
<img alt="A phone showing an opt-out option" src="https://images.theconversation.com/files/413329/original/file-20210727-15-k9x7qv.jpeg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/413329/original/file-20210727-15-k9x7qv.jpeg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=400&fit=crop&dpr=1 600w, https://images.theconversation.com/files/413329/original/file-20210727-15-k9x7qv.jpeg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=400&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/413329/original/file-20210727-15-k9x7qv.jpeg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=400&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/413329/original/file-20210727-15-k9x7qv.jpeg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=503&fit=crop&dpr=1 754w, https://images.theconversation.com/files/413329/original/file-20210727-15-k9x7qv.jpeg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=503&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/413329/original/file-20210727-15-k9x7qv.jpeg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=503&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">Some patients rushed to opt out of the new data-sharing scheme.</span>
<span class="attribution"><a class="source" href="https://www.shutterstock.com/image-photo/consent-withdrawal-form-nhs-digital-website-1980110576">mundissima/Shutterstock</a></span>
</figcaption>
</figure>
<p>The scheme was postponed on June 8 by a few months after objections were raised by <a href="https://www.rcgp.org.uk/-/media/Files/News/rcgp-bma-letter-gpdpr.ashx?la=en">various medical associations</a> and the <a href="https://www.digitalhealth.net/2021/06/calls-to-pause-new-gp-data-collection-service-gather-speed/">MP David Davis</a>. Meanwhile, <a href="https://www.hdruk.ac.uk/news/nhs-digital-gp-dataset-joint-statement-from-the-medical-and-social-research-community/">health researchers</a> expressed their displeasure at privacy concerns preventing data collection that could one day be used to save lives. So far, this was all very 2014.</p>
<p>But at the end of July 2021, we appear to have reached a point where the officials behind the GPDPR scheme are finally listening to critics’ concerns. We may no longer be headed for a repeat of the complete failure of care.data.</p>
<h2>Proposed improvements</h2>
<p>GPDPR has now been postponed again until a collection of serious mitigations are put in place. In my view, as a researcher of health data and cybersecurity, the most important of these is that GP data, once uploaded, will only be made available in TREs (trusted research environments) similar to the OpenSAFELY one mentioned above. This means a move from sharing data in a “safe” way to sharing access to data in a way that is verifiably safe through monitoring and transparency. </p>
<p><div data-react-class="Tweet" data-react-props="{"tweetId":"1417164844369854478"}"></div></p>
<p>Much of the care.data debate concerned the <a href="https://theconversation.com/your-nhs-data-is-completely-anonymous-until-it-isnt-22924">safety</a> and <a href="https://theconversation.com/foi-reveals-cynical-logic-that-compromises-nhs-data-privacy-24750">legal status</a> of “pseudonymised” data. Individual level health data is considered too rich to be safely anonymised, jeopardising patient privacy. Accessing data sets only within TREs mitigates this issue, and also the problem of data sets being shared onward.</p>
<p>TREs also provide a unique opportunity for transparency. All queries executed against the data can be recorded and monitored – OpenSAFELY even publishes them. This will make it easier to guarantee the welcome promise that the GP data will only be used for improving health and care.</p>
<p><a href="https://www.pulsetoday.co.uk/news/technology/gps-will-need-to-risk-assess-mass-patient-data-extraction-says-ico/">It was clear already</a> that both GPs and NHS Digital, will be legally required to produce data protection impact assessments for the scheme. These will now be published well ahead of the data collection, offering a great opportunity for transparency, consultation and scrutiny.</p>
<p>Another mitigation concerns GPDPR opt-outs, which were initially only intended to apply to data not yet uploaded to the new database. This was in contradiction, at least in spirit, with <a href="https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-erasure/">data protection rights</a> on withdrawing consent and requesting data deletion. The option to opt out of the GPDPR scheme has now been extended for at least another year. Finally, the government has promised better communication to the public before the scheme goes ahead.</p>
<h2>An end to the controversy?</h2>
<p>Overall, these new measures provide hope. But some concerns remain. First, many of the concerns expressed about GP data also apply to hospital data, which is currently widely shared in pseudonymised form, including for purposes that many would <a href="https://theysolditanyway.com/">consider commercial</a>. This, and a <a href="https://www.ft.com/content/6f9f6f1f-e2d1-4646-b5ec-7d704e45149e">range of other forms of sharing</a>, make it hard to take the <a href="https://digital.nhs.uk/data-and-information/data-collections-and-data-sets/data-collections/general-practice-data-for-planning-and-research/secretary-of-state-letter-to-general-practice">government’s line</a>, “patient data is not for sale and never will be”, entirely seriously.</p>
<p>If the government was serious about protecting health data, it would ensure that hospital data, genomic data, and other centralised databases were also only available through TREs, and only accessible for the purpose of improving health and care.</p>
<p>More generally, the current UK government continues to put forward a narrative of commercialisation and innovation, <a href="https://www.gov.uk/government/publications/taskforce-on-innovation-growth-and-regulatory-reform-independent-report">demanding de-regulation</a> where necessary. In particular, the government’s promises sit awkwardly with the emphasis on innovation in its <a href="https://www.gov.uk/government/publications/data-saves-lives-reshaping-health-and-social-care-with-data-draft/data-saves-lives-reshaping-health-and-social-care-with-data-draft#helping-developers-and-innovators-to-improve-health-and-care">health data sharing strategy</a>. With these tensions still to be resolved, and a new <a href="https://commonslibrary.parliament.uk/research-briefings/cbp-9232/">health and care bill</a> likely to be rushed through shortly, the future of health data in the UK is still highly uncertain.</p><img src="https://counter.theconversation.com/content/165103/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Eerke Boiten receives funding from various research funding organisations for research projects that are not closely related to the topic of this article. </span></em></p>The latest NHS data sharing scheme looked set to repeat past mistakes – but the latest postponement provides hope.Eerke Boiten, Professor of Cybersecurity, School of Computer Science and Informatics, De Montfort UniversityLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/1206312019-08-08T13:02:10Z2019-08-08T13:02:10ZAI could be our radiologists of the future, amid a healthcare staff crisis<figure><img src="https://images.theconversation.com/files/287367/original/file-20190808-144868-1qy07g9.jpg?ixlib=rb-1.1.0&rect=0%2C0%2C870%2C579&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">There are more radiological scans than ever, but too few radiologists to interpret them.</span> <span class="attribution"><a class="source" href="https://commons.wikimedia.org/wiki/File:Radiologist_interpreting_MRI.jpg">The Medical Futurist</a>, <a class="license" href="http://creativecommons.org/licenses/by/4.0/">CC BY</a></span></figcaption></figure><p>It is <a href="https://www.bbc.co.uk/news/uk-scotland-north-east-orkney-shetland-44616538">almost 40 years since</a> a <a href="http://broughttolife.sciencemuseum.org.uk/broughttolife/objects/display?id=6765&image=1">full-body magnetic resonance imaging machine</a> was used for the first time to scan a patient and generate diagnostic-quality images. The <a href="https://iopscience.iop.org/article/10.1088/0031-9155/25/4/017/meta">scanner and signal processing methods</a> needed to produce an image were devised by a team of medical physicists including John Mallard, Jim Hutchinson, Bill Edelstein and Tom Redpath at the University of Aberdeen, leading to widespread use of the MRI scanner, now a ubiquitous tool in radiology departments across the world. </p>
<p>MRI was a game changer in medical diagnostics because it didn’t require exposure to ionising radiation (such as X-rays), and could generate images on multiple cross-sections of the body with superb definition of soft tissues. This allowed, for example, the direct visualisation of the spinal cord for the first time.</p>
<p>Most people today will have undergone an MRI or know somebody who has. Along with the other tools available to radiologists, MRI has become essential to confirm the extent of disease, identify whether the patient has responded to treatment, and to demonstrate complications and in some cases guide intervention.</p>
<hr>
<p>
<em>
<strong>
Read more:
<a href="https://theconversation.com/obituary-professor-sir-peter-mansfield-whose-invention-of-the-mri-scanner-revolutionised-medicine-72815">Obituary: Professor Sir Peter Mansfield, whose invention of the MRI scanner revolutionised medicine</a>
</strong>
</em>
</p>
<hr>
<p>But radiology has become a victim of its own success, with an exponential rise in the number of imaging examinations requested within increasingly complex healthcare systems that serve an ageing population. Demand outstrips the supply of radiographers and radiologists available to produce these scans in publicly-funded healthcare systems such as the NHS.</p>
<p>In Scotland, in particular, the <a href="https://www.rcr.ac.uk/system/files/publication/field_publication_files/clinical-radiology-uk-workforce-census-report-2018.pdf">number of consultant radiologists has flat-lined</a> over the past ten years, while the range and complexity of imaging methods grows with each generation of scanners. Radiologists are running in order to stand still, with even the most efficient departments outsourcing some of their workload to external agencies.</p>
<figure class="align-center ">
<img alt="" src="https://images.theconversation.com/files/287368/original/file-20190808-144862-my83g2.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/287368/original/file-20190808-144862-my83g2.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=600&fit=crop&dpr=1 600w, https://images.theconversation.com/files/287368/original/file-20190808-144862-my83g2.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=600&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/287368/original/file-20190808-144862-my83g2.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=600&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/287368/original/file-20190808-144862-my83g2.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=754&fit=crop&dpr=1 754w, https://images.theconversation.com/files/287368/original/file-20190808-144862-my83g2.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=754&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/287368/original/file-20190808-144862-my83g2.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=754&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">Interpreting the extraordinary detail from MRI scans is something that could be automated using AI.</span>
<span class="attribution"><a class="source" href="https://www.flickr.com/photos/mgdtgd/3507973704">mgdtgd</a>, <a class="license" href="http://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA</a></span>
</figcaption>
</figure>
<h2>The potential and problems of AI</h2>
<p>Meanwhile, innovators in industry have seen the potential opportunities that artificial intelligence (AI) might bring to healthcare, particularly radiology and pathology which are based on digital images. Machine learning algorithms fed with large amounts of past diagnoses can generate new rules for classifying scans based on past examples. The approach of applying this technique to diagnostic scans is known as <a href="https://www.ncbi.nlm.nih.gov/pubmed/31080889">radiomics</a>. </p>
<p>A barrier to wider use is the <a href="https://www.ncbi.nlm.nih.gov/pubmed/30962048">lack of secure access to sensitive patient data</a> with which to develop and test AI models. Another is the public’s lack of trust of new methods – even though computerised decision-making in healthcare <a href="https://theconversation.com/ai-can-excel-at-medical-diagnosis-but-the-harder-task-is-to-win-hearts-and-minds-first-63782">dates as far back as the early 1970s</a>. Finally, there is the problem of <a href="https://www.tandfonline.com/doi/full/10.1080/17434440.2019.1610387">evaluating new methods based on real-world data</a>. </p>
<hr>
<p>
<em>
<strong>
Read more:
<a href="https://theconversation.com/ai-can-excel-at-medical-diagnosis-but-the-harder-task-is-to-win-hearts-and-minds-first-63782">AI can excel at medical diagnosis, but the harder task is to win hearts and minds first</a>
</strong>
</em>
</p>
<hr>
<p>We might ask whether we need artificial intelligence in patient care at all. But the power of these new techniques could offer huge opportunities. No matter how skilled, humans are subject to fatigue, boredom and regular interruptions, and these are when errors can occur.</p>
<p>Machines can work without tiring, but their ability to make intuitive decisions or rely on years of experience to recognise when an abnormality poses an urgent risk is unknown. Even without relying on artificial intelligence for complex matters, just using it for mundane tasks such as appointment booking, allocating staff and equipment, prioritising radiologists’ jobs, or incorporating data from health care records would free up clinicians’ time for other tasks.</p>
<h2>A testbed for future healthcare</h2>
<p>In the UK, <a href="https://www.abdn.ac.uk/news/12398/">iCAIRD</a>, the Industrial Centre for Artificial Intelligence Research in Digital Diagnostics, brings together experts from the Universities of Aberdeen, Edinburgh, Glasgow and St Andrews together with the NHS and industry partners such as Canon and Phillips in a £15m centre based in Glasgow.</p>
<p>Launched last year, the project will test how well artificial intelligence algorithms compare to human expertise by providing secure access to anonymised clinical data in areas including breast cancer screening, stroke diagnosis and treatment, chest X-rays from A&E, and cervical and <a href="https://www.nhs.uk/conditions/womb-cancer/">endometrial</a> cancer pathology. Using an established approach for secure access to anonymised images, reports and relevant clinical data, AI researchers will be able to develop and test their methods. iCAIRD will also create a national digital pathology database.</p>
<hr>
<p>
<em>
<strong>
Read more:
<a href="https://theconversation.com/a-brain-scan-to-tell-if-youre-depressed-and-what-treatment-is-needed-75005">A brain scan to tell if you're depressed – and what treatment is needed</a>
</strong>
</em>
</p>
<hr>
<p>Cancer care typically involves multidisciplinary team meetings between clinicians from different specialisms: in the same way, the aim at iCAIRD is that multiple artificial intelligence applications can be integrated to create an AI-based virtual multidisciplinary team meeting, where knowledge from radiology and pathology can direct <a href="https://www.ncbi.nlm.nih.gov/pubmed/31022746">personalised management of cancer patients</a>.</p>
<p>Just as new drugs must be properly evaluated before use, so must new artificial intelligence methods. We are fortunate to be able, through iCAIRD, to evaluate performance of these new algorithms with real-world data. It is clearly crucial to bring the public on this journey of evaluating AI as a potential solution.</p>
<p>Any new way of working is likely to come at a price – whether that is profit for the firms developing AI, just as the pharmaceutical industry profits from new drugs – or at a cost to the public in the loss of absolute patient data privacy. How to balance these and ensure good governance of AI in healthcare should be <a href="https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6521904/">a matter for public debate</a>, and not the role of a single sector, or a handful of companies.</p>
<p>Ultimately the benefits will be maximised if we, as healthcare staff, patients and members of the public, are involved in determining the direction of the journey. The responsibility lies with us all.</p><img src="https://counter.theconversation.com/content/120631/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Alison Murray receives funding from Innovate UK, the European Commission, the Wellcome Trust, the Chief Scientist Office, the Scottish Funding Council (via the Scottish Imaging Network: A Platform of Scientific Excellence) and the University of Aberdeen.</span></em></p>Automated decision making has been around in healthcare since the 1970s, and now radiology is the new frontline where AI is being deployed.Alison Murray, Roland Sutton Professor and Chair of Radiology, University of AberdeenLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/1062102018-12-17T12:13:23Z2018-12-17T12:13:23ZNHS spends millions on emergency admission risk tools – with no evidence of patient benefit<figure><img src="https://images.theconversation.com/files/247051/original/file-20181123-149335-1xhdvz6.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">
</span> <span class="attribution"><a class="source" href="https://www.shutterstock.com/image-photo/doctor-working-health-check-healthcare-medical-530055667?src=D-wf6LfEggJx7Osob_a78w-2-56">Have a nice day photo/Shutterstock</a></span></figcaption></figure><p>Emergency hospital admissions are a huge concern and, worryingly, they are <a href="https://www.nao.org.uk/wp-content/uploads/2018/02/Reducing-emergency-admissions.pdf">on the rise</a>. They are one of the most costly elements of the UK health service, and often result in <a href="https://www.health.org.uk/publications/emergency-hospital-admissions-in-england-which-may-be-avoidable-and-how">poor outcomes</a> for the patients involved, with a chronic shortage of beds, exposure to infections, and delays in discharge from hospital adding to problems.</p>
<p>Thanks to advances in patient data collection and analytics we can predict which people are likely to be admitted in an emergency and try to help them avoid a crisis. Information such as age, diagnoses and past history of hospital visits can be used to calculate a person’s risk of an emergency admission up to one year ahead. More than 30 risk tools are available to primary care staff in the UK for identifying patients for preventative care. However, our <a href="https://qualitysafety.bmj.com/content/early/2018/11/04/bmjqs-2018-007976.full">new research</a> adds to a <a href="https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4838740/">growing evidence base</a> that questions whether these tools actually help reduce emergency admissions.</p>
<p>Since 2013, the NHS has paid UK GP practices <a href="https://digital.nhs.uk/services/general-practice-gp-collections/service-information/avoiding-unplanned-admissions-components-2-and-3">over half a billion pounds</a> to tackle emergency admissions – mainly by identifying high risk patients and managing their care (known as case management). An estimated 95% of UK general practices have participated in such initiatives. But the introduction of GP-led case management was based on the presumption that it would benefit patients and reduce admissions, and not on evidence of its effectiveness. </p>
<figure class="align-center ">
<img alt="" src="https://images.theconversation.com/files/247052/original/file-20181123-149323-fr6w8y.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/247052/original/file-20181123-149323-fr6w8y.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=400&fit=crop&dpr=1 600w, https://images.theconversation.com/files/247052/original/file-20181123-149323-fr6w8y.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=400&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/247052/original/file-20181123-149323-fr6w8y.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=400&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/247052/original/file-20181123-149323-fr6w8y.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=503&fit=crop&dpr=1 754w, https://images.theconversation.com/files/247052/original/file-20181123-149323-fr6w8y.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=503&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/247052/original/file-20181123-149323-fr6w8y.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=503&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">In consultation.</span>
<span class="attribution"><a class="source" href="https://www.shutterstock.com/image-photo/young-female-doctor-talking-senior-couple-280364534?src=zod1n39f1ILpPeSNRtgylw-1-47">Monkey business images/Shutterstock</a></span>
</figcaption>
</figure>
<p>For <a href="https://qualitysafety.bmj.com/content/early/2018/11/04/bmjqs-2018-007976.full">our recently published research</a>, we used the introduction of an emergency admission risk tool in Wales to study what difference it made to patient care. The PRISM tool was developed for NHS Wales and rolled out across 32 general practices as part of a randomised trial. Its rollout overlapped with the introduction of payments to practices to support case management work. Surprisingly, we found that across the 230,000 people who were patients at these practices, emergency admissions and use of other services didn’t fall, they rose slightly – and there was little evidence of patients benefiting from the tool.</p>
<p>Through interviews, we found that GPs were willing to use PRISM, but were concerned over a lack of community services to support patients that had been identified. Typically they used the tool to deliver the contractual work on case management, but much of this work was staff meetings and paperwork rather than direct patient care. This feedback ties in with criticisms of the contractual work as <a href="http://www.pulsetoday.co.uk/news/gp-topics/gp-contract-2017/18/scrapping-the-unplanned-admissions-des-is-a-significant-achievement/20033816.article">bureaucratic</a>, adding to the work of already stretched GPs. As workload has been cited as a major factor in reports that <a href="https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4608111/">82% of GPs</a> expect to leave the profession or reduce hours within five years, any innovation which places new demands on the profession should be considered with care.</p>
<p>Although the largest study in this area to date, ours is not the only one to cast doubt on the value of GP-led case management for high-risk patients. An evaluation in Manchester <a href="https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4838740/">had similar findings</a>. It has been suggested that an emphasis on those with the highest risk scores <a href="https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3821539/">is not appropriate</a>, as there may be little which can be done to keep these people safe and well at home. Instead, there may be more potential for impact with those at lower risk. And, as leading health services professor Martin Roland said, when considering our research, perhaps the emphasis on reducing admissions and cost savings is wrong - it should be <a href="https://discover.dc.nihr.ac.uk/content/signal-000557/introducing-a-primary-care-risk-prediction-tool-did-not-reduce-emergency-admissions">focused on improving care</a>.</p>
<p>There is another message here too, about the challenges of ensuring that health policy is based on the best research evidence. While our study was taking place, NHS England brought in three years of annual payments for case management of those at risk of admission. Would they have committed these costs if our results were known in advance? Perhaps not. But the time it takes to design, gain funding, and then deliver robust research (seven years in the case of our study) is at odds with a desire to address immediate health challenges. </p>
<p>Emergency admissions remain an immediate challenge. In the last year alone they <a href="https://www.gov.uk/government/speeches/prevention-is-better-than-cure-matt-hancocks-speech-to-ianphi">increased by 6.6%</a>. The <a href="https://www.england.nhs.uk/gp/gpfv/investment/gp-contract/">latest GP contract in England</a> includes the use of similar data tools to identify and proactively manage people with frailty in primary care. Unfortunately, the approach again lacks the kind of robust evidence we need to determine if it is likely to be successful. We hope it is, but let’s not rely on hope alone, and instead continue to strive for research to inform evidence-based care.</p><img src="https://counter.theconversation.com/content/106210/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>This study was funded by the National Institute for Health Research (NIHR) Health Services Delivery Research Programme (project number 09/1801/1054).
The views expressed are those of the author(s) and not necessarily those of the NHS, the NIHR or the Department of Health and Social Care.</span></em></p><p class="fine-print"><em><span>Alison Porter receives funding from National Institute for Health Research and Health and Care Research Wales. </span></em></p><p class="fine-print"><em><span>This study was funded by the National Institute for Health Research (NIHR) Health Services Research Delivery Programme (project number 09/1801/1054). The views expressed are those of the author(s) and not necessarily those of the NHS, the NIHR or the Department of Health and Social Care.</span></em></p>Case management systems used by GPs are supposed to help those at risk.Mark Kingston, Senior Research Officer, Swansea UniversityAlison Porter, Associate Professor in Health Services Research, Swansea UniversityBridie Evans, Research Officer, Swansea UniversityLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/824532017-11-06T12:34:18Z2017-11-06T12:34:18ZThe problems that occur when health data is not used<figure><img src="https://images.theconversation.com/files/193325/original/file-20171105-1046-wj9efl.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">
</span> <span class="attribution"><a class="source" href="https://www.shutterstock.com/image-photo/doctor-watching-medical-record-patient-417944593?src=-jXOmmFtoVwF--W_J55qfw-1-2">Pressmaster/Shutterstock</a></span></figcaption></figure><p>Health data is more than just statistics or numbers. It can be collected, used and shared in lots of different ways. But ignoring certain medical data has the potential to change the way you are treated, how your care is provided and what happens to you as a result.</p>
<p>When you visit a doctor or hospital, the questions you’re asked, and treatment you’re given are all taken down in medical records. These are confidential, but when anonymised this information holds immeasurable potential for public benefit, so long as it is used safely and effectively. All of this information combined ultimately forms the evidence for new clinical guidelines, drug development and government health policy.</p>
<p>However, because it could have such a big impact, the data needs to be relevant, accurate, comprehensive and timely. But despite the best will in the world, and <a href="http://www.farrinstitute.org/public-engagement-involvement/datasaveslives">various high-profile campaigns</a> to promote data use, important data often lies unused.</p>
<p>We have recently completed <a href="http://www.sciencedirect.com/science/article/pii/S1386505616302039">an international study</a> looking at clinical records, research, and regulatory frameworks, to find out why such useful data is often not used, and to explore the implications of this for citizens and society. </p>
<p>We found that there are many reasons for the non-use of health data, and that it is strongly implicated in the deaths of many thousands of people and the potential waste of billions of pounds.</p>
<h2>Medical records</h2>
<p>The UK’s NHS is held in universal high-regard, but it’s common knowledge that hospitals, doctors’ surgeries and other health services are overstretched. We found that this includes IT systems too: their availability varied considerably between each location, often with a continuing reliance solely on paper records. There were limitations on data completeness and availability, and a lack of data sharing between departments too. This has knock-on effects for clinical audits and research relying on the records – to the disadvantage of patient well-being. At the patient level, this may mean tests need to be repeated and treatments delayed. It can also impact the ability of clinician to make an accurate diagnosis. </p>
<p>Although the majority of errors are corrected in good time or have little ill effect, it has been estimated that <a href="http://www.bmj.com/content/353/bmj.i2139">40,000 to 80,000 deaths</a> a year in the US alone are due to misdiagnosis. There will be other reasons, but the non-use of clinical data is highly likely to be a major contributing factor. The high demand on staff to uphold standards of care as a priority, along with other service constraints and budget limitations, means problems persist in relation to clinical data collection and use.</p>
<figure class="align-center ">
<img alt="" src="https://images.theconversation.com/files/193326/original/file-20171105-1032-1ik6sl0.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/193326/original/file-20171105-1032-1ik6sl0.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=400&fit=crop&dpr=1 600w, https://images.theconversation.com/files/193326/original/file-20171105-1032-1ik6sl0.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=400&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/193326/original/file-20171105-1032-1ik6sl0.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=400&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/193326/original/file-20171105-1032-1ik6sl0.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=503&fit=crop&dpr=1 754w, https://images.theconversation.com/files/193326/original/file-20171105-1032-1ik6sl0.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=503&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/193326/original/file-20171105-1032-1ik6sl0.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=503&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">Untitled design.</span>
<span class="attribution"><a class="source" href="https://www.shutterstock.com/image-photo/petri-dish-chemical-powder-medical-records-692316082?src=pZfBdppsL3nrAVkA8v6Ftw-1-5">ViChizh/Shutterstock</a></span>
</figcaption>
</figure>
<h2>Research</h2>
<p>We also found that research carried out by pharmaceutical companies and universities was subject to various types of data non-use. Sometimes data were withheld intentionally, but in the majority of cases research is conducted with integrity and problems are inadvertent. </p>
<p>Pharmaceutical companies <a href="http://www.bmj.com/content/349/bmj.g4670">have been known to</a> delay, or selectively use, clinical trial data for market advantage to the detriment of individuals and healthcare budgets. And even within academia the pressure to perform can influence work carried out and subsequently published. Furthermore, peer-reviewed journals <a href="http://example.com/">strongly favour publishing positive results</a>, making it harder to share valid but negative or inconclusive findings. Altogether, this leads to publication bias. </p>
<p>In <a href="https://www.economist.com/blogs/babbage/2012/11/qa-ben-goldacre">his 2012 book</a>, science writer Ben Goldacre stated that over 100,000 people died in the 1980s due to the inappropriate use of one particular heart drug. Sadly, there had been a small, previous study that indicated a likely problem, but it hadn’t been published at the time. Now there are initiatives like <a href="http://www.alltrials.net/">the AllTrials campaign</a> which strive to promote the proper reporting of clinical trials. Even so, it has been estimated that <a href="http://www.bmj.com/content/352/bmj.i637">less than 50% of findings</a> are reported within two years of study completion. Clearly, more needs to be done here and across the spectrum of research studies to ensure data are used in a timely way. </p>
<h2>Regulations</h2>
<p>Our research also found that problems in using data arise due to regulations for the proper use of data about people. These exist to safeguard patients, the public and professionals. Sometimes, however, these regulations may be implemented in an over-cautious manner, and/or there may be lengthy processes to follow before the data can be used. This may be due to unclear responsibilities or the fear of making a serious mistake. </p>
<p>Sometimes relying on the need for individual consent can limit studies about groups that are difficult to reach, as well as problems such as substance misuse, and any issues seen as sensitive. In the US, for example, people’s records with information on substance misuse have been withheld from research datasets because of privacy concerns. Without being able to access data on this difficult problem, research that would help individuals and their families may be delayed or abandoned. The problem of substance misuse is associated with over <a href="http://www.nejm.org/doi/10.1056/NEJMp1501362">60,000 deaths a year in the US</a> alone, vast costs to society and untold emotional damage.</p>
<h2>What this means</h2>
<p>The implications of data non-use are massive, but none of these problems stand in isolation. It is fully appreciated that there are often very good reasons that health data cannot be used to its best advantage, but there are also many areas where improvements can be made. Clearly, every step in data collection and use is crucial if we are to avoid harm due to non-use.</p>
<p>It can been argued that data non-use is a greater risk to well-being than data misuse. The non-use of data is a global problem and one that can be difficult to quantify. As individuals, we have a role to play in supporting the safe use of data and taking part where we are able.</p><img src="https://counter.theconversation.com/content/82453/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Kerina Jones does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>Non-use of data may be an even bigger problem that its misuse.Kerina Jones, Associate Professor of Health Informatics, Swansea UniversityLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/773332017-09-26T17:07:13Z2017-09-26T17:07:13ZAt last, young people’s voices are being heard about the future of the NHS<figure><img src="https://images.theconversation.com/files/187357/original/file-20170925-17421-1j1c1um.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Making their mark: the NHS England Youth Forum.</span> <span class="attribution"><span class="source">University of Hertfordshire</span>, <span class="license">Author provided</span></span></figcaption></figure><blockquote>
<p>For me, [being part of the NHS forum] was like being introduced to a whole new world. I wasn’t aware that young people could be offered opportunities like that, to actually talk to key decision makers and get people from really important organisations wanting to come and talk to us … It’s helped me with my communication skills … it’s taught me how to speak properly and confidently.</p>
</blockquote>
<p>This was Georgia talking about her involvement in the NHS England Youth Forum (NHSEYF) in 2016. It aims to improve health services for young people and to give them a voice on health issues that matter most to them.</p>
<p>A team from the University of Hertfordshire carried out <a href="http://researchprofiles.herts.ac.uk/portal/files/10549906/An_examination_of_the_work_of_the_National_Health_Service_NHS_England_Youth_Forum_11.10.16_both_logos.pdf">an examination</a> of the work of this forum. We found that the young people were highly motivated and committed to being involved in decision-making about NHS services. They found contributing to society through this forum a valuable opportunity and welcomed having their voices heard.</p>
<p>What emerged from our interviews was how much commitment there is among young people about the future of the NHS. Here’s Josh: </p>
<blockquote>
<p>It’s a major concern for me about the NHS … and I want to improve it,
I want to give back … After being elected as young mayor in our local
area … we get lots of opportunities about how we can contribute back
to society and one of them was the NHS Youth Forum … I saw it and I
thought what a brilliant opportunity that would be to kind of get my voice
heard, obviously as a service user but also as someone who represents
young people locally. It was a brilliant opportunity.</p>
</blockquote>
<p>Georgia, who we have heard from before, had another more personal reason for being committed to having a say in the running of the NHS:</p>
<blockquote>
<p>The reasons behind why I wanted to join were more personal … I was
quite passionate about mental health because my [relative] suffers from schizophrenia.</p>
</blockquote>
<p>It is important to listen to young people about services that directly affect them. In the UK, the idea of youth forums is now well recognised. There are more than 620 youth councils and forums in existence aiming to give young people the opportunity to be involved in decision-making in their local communities. One example is the <a href="http://www.high-trees.org/our-services/children-young-people-families-services/youth-forum/">High Trees Community Development Trust</a> which focuses on social issues that affect young people and provides training and support so that they can feel confident to participate in the decision-making process.</p>
<h2>What is the NHS England Youth Forum?</h2>
<p>The NHSEYF was established in 2014 to allow young people to participate in decision-making about the NHS. The aim was to <a href="http://www.byc.org.uk/wp-content/uploads/2016/09/NHS-Youth-Forum-Tip-Brochure-FINAL.pdf">give young people the opportunity</a> to have a voice and “to contribute to improving and developing services for young people”. </p>
<p>There are 25 members of the NHSEYF ranging between the ages of 11 and 25. Publicity snowballed with the introduction of <a href="http://www.england.nhs.uk/tag/nhs-youth-forum/">their own website</a>, <a href="http://www.facebook.com/NHSEnglandYF">Facebook page</a> and <a href="https://twitter.com/nhsyouthforum?lang=en">Twitter feed</a>.
Following the establishment of the NHSEYF, a number of other local forums for children and young people have developed within local hospitals and other areas across the UK including <a href="http://www.gosh.nhs.uk/teenagers/teengosh-community/young-peoples-forum">England</a>, <a href="http://www.nhsgrampian.co.uk/nhsgrampian/InvolvingYou.jsp?pContentID=8975&p_applic=CCC&p_service=Content.show&">Scotland</a>, <a href="http://www.caerphilly.gov.uk/News/News-Bulletin/June-2017/Caerphilly%E2%80%99s-Youth-Forum-makes-great-progress-with">Wales</a> and <a href="https://www.niyf.org/ukyp-ukirc/">Northern Ireland</a>.</p>
<h2>Getting involved</h2>
<p>We found that NHSEYF members were involved in an extensive range of activities and commitments at local level – including hospital committee membership, local youth forum events and seminars as well as high-profile national events such as the <a href="http://www.nhssurveys.org/surveys/769">National Children’s Inpatient Survey</a>, national conferences and attendance at the <a href="https://www.england.nhs.uk/participation/get-involved/how/nhs-citizen/">NHS Citizen’s Assembly</a>.</p>
<p>Attending these events raised the profile of children and young people’s needs and allowed the NHSEYF’s members to be active in consultancy-type roles. Our interviews with participants provided clear evidence that the young people were highly motivated and committed to the giving of their own time to ensure the youth voice was heard and represented.</p>
<p>The young people play a pivotal role within NHS England and their knowledge of their home community enabled them to network with professionals and peers within local and national government arenas in order to influence and get involved in decisions about children and young people’s care needs. Evidence from the data collected suggests that the personal growth and development of the young people involved is also likely to have influenced the success of the NHSEYF.</p>
<h2>Measuring impact</h2>
<p>Our evaluation of the NHSEYF clearly demonstrates the impact of the voice of young people. The Youth Forum Wheel (below) was developed to highlight key areas of importance, as a model that can be applied elsewhere. </p>
<figure class="align-center ">
<img alt="" src="https://images.theconversation.com/files/182963/original/file-20170822-22283-s7pnzw.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/182963/original/file-20170822-22283-s7pnzw.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=574&fit=crop&dpr=1 600w, https://images.theconversation.com/files/182963/original/file-20170822-22283-s7pnzw.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=574&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/182963/original/file-20170822-22283-s7pnzw.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=574&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/182963/original/file-20170822-22283-s7pnzw.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=721&fit=crop&dpr=1 754w, https://images.theconversation.com/files/182963/original/file-20170822-22283-s7pnzw.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=721&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/182963/original/file-20170822-22283-s7pnzw.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=721&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">The YFW is offered as a model that has the potential to underpin the development of other youth forums, both within and outside of a health context.</span>
<span class="attribution"><span class="source">University of Hertfordshire</span>, <span class="license">Author provided</span></span>
</figcaption>
</figure>
<p>It’s important that central and local government measures improvement outcomes for people’s health and/or lifestyles by listening to their views directly rather than focusing on statistics or figures. There is also a recent growing emphasis on services actively involving children, young people and parents and/or carers in the commissioning, development and evaluation of services. </p>
<p>There is a need for ongoing research and funding to ensure that this youth forum model is widely recognised and extended. At the heart of this is recognising the commitment, motivation and enthusiasm shown by these young people in positively influencing service provision for children and young people. As one of our interview subjects concluded:</p>
<blockquote>
<p>I think the most key point is showing adults that young people want to have their voices heard … yes the NHS England Youth Forum has done its job because health professionals were coming to speak to us and saying: ‘Oh, how do we engage with people?’</p>
</blockquote>
<p>It is about time we listened to the young people who will determine the future health of the country and take their views seriously. The NHS England Youth Forum aims to do just that.</p>
<hr>
<p><em>Youth Forum members’ names have been changed in line with the ethics requirements of the project.</em></p><img src="https://counter.theconversation.com/content/77333/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Lisa Whiting receives funding from NHS England.</span></em></p><p class="fine-print"><em><span>Gary Meager receives funding from NHS England</span></em></p><p class="fine-print"><em><span>Julia Petty is affiliated with the Neonatal Nurses Association UK</span></em></p><p class="fine-print"><em><span>Sheila Roberts receives funding from NHS England</span></em></p>Youth forums are valuable in giving young people a say about health provision in their communities.Lisa Whiting, Principal Lecturer and Professional Lead, Children's Nursing, University of HertfordshireGary Meager, Lecturer in Children's Nursing, University of Hertfordshire & Children's Community Rapid Response Nurse Practitioner, University of HertfordshireJulia Petty, Senior Lecturer in Children's Nursing, University of HertfordshireSheila Roberts, Senior lecturer, Children's Nursing, University of Hertfordshire, University of HertfordshireLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/734722017-06-12T10:02:33Z2017-06-12T10:02:33ZThe benefits that a digital healthcare system could bring aren’t out of reach<figure><img src="https://images.theconversation.com/files/173128/original/file-20170609-20835-1ujsa63.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Bringing technology into the healthcare system is overdue, and should be revolutionary.</span> <span class="attribution"><a class="source" href="https://www.flickr.com/photos/neccorp/14466922893/in/photostream/">neccorp</a>, <a class="license" href="http://creativecommons.org/licenses/by/4.0/">CC BY</a></span></figcaption></figure><p>Imagine a day where you don’t have to wait weeks to see your GP, followed by a further wait for medical test results and then still more waiting before being seen by a specialist. We know that changing demographic trends, an ageing population and rising rates of chronic illnesses are creating huge demand for health care and social care services. Given the sophistication of 21st-century technology, how could our health care system be changed to better cope with the population it serves? </p>
<p>An <a href="https://www.england.nhs.uk/digitaltechnology/info-revolution/">efficient healthcare system of the future</a> should empower medical practitioners and patients. It should be able to detect early warning signs that may indicate illness or behaviour that is likely to lead to poor health. For example, reduced physical activity, missed medication or appointments, social isolation, trips and falls at home. Systems could be designed to contact and alert clinicians or carers without further human intervention.</p>
<p>While a meeting with a GP for most people these days is fleeting and lasts only a few minutes, even that short time could be more meaningful. Armed with data gathered from sensors in your home, your wearable devices and mobile phone, the doctor could, with the push of a button, run advanced data analytics designed to make sense of this information about lifestyle, physical activities, social habits, adherence to medication regimes or sleep patterns and their health implications. The decisions they make would then be based on far more data than would otherwise be available – all within the limited time available for consultation. More informed decisions that involve the patient could lead to a better outcome for all.</p>
<p>To get to this position, a digital health system would have to be designed by medical practitioners and engineers working closely together to understand the complex healthcare challenges and their potential engineering solutions. There have been considerable advances in wearable sensors in recent years – and the arrival of the 5G wireless spectrum will provide the capacity for new sensor platforms and devices to capture and share data autonomously between devices and doctors. </p>
<p>For example, researchers from Swansea University <a href="http://www.swansea.ac.uk/media-centre/latest-research/swanseauniversitysmartbandagetobetrialledwithin12months.php">are planning trials</a> of smart, 3D-printed bandages that will use 5G wireless data and nano-sized sensors to transmit information about a patient’s wounds, location and activity. Similar innovations could pave the way for better patient monitoring and engagement, especially in remote or deprived areas. </p>
<h2>Better use of data</h2>
<p>Digital healthcare must be designed to exploit recent advances in computing technology. Smartphones could become advanced tools in the hands of thousands of patients and practitioners. Equipped with the right software, they could provide easily to use, out-of-the-box solutions to major medical challenges – preventing the over-prescription of medication, promoting patient self-care, introducing positive lifestyle changes and warning of the early signs of health problems. </p>
<p>In 2016, <a href="http://www.mobihealthnews.com/content/thirty-six-connected-health-apps-and-devices-fda-cleared-2016">36 devices and medical apps</a> received clearance from the US Food and Drug Administration. These include apps to help people with heart conditions, to help diagnose and treat ADHD in children, apps to help patients manage Type 2 diabetes, and smartphone-based ultrasound scanners and mobile blood glucose monitors. </p>
<p>Researchers from New York University’s Langone Medical Center and SRI International recently developed a new smartphone app that uses machine learning to <a href="https://www.technologyreview.com/s/603200/voice-analysis-tech-could-diagnose-disease/">identify vocal patterns</a> that might signal post-traumatic stress disorder, or even heart disease. Such developments could provide hospital clinicians with new tools to make better diagnoses.</p>
<p>Digital healthcare must make better use of big data analytics and the ability of machine learning algorithms to mine that data and make sense of it, drawing out connections and patterns that are difficult if not impossible to see except at enormous scale. Through analysing the data of many thousands, or hundreds of thousands of individuals, digital healthcare systems will identify emerging social changes and lifestyle trends in their communities. Being forewarned of patterns of change will give health authorities time to respond. New technologies could also provide significant savings in healthcare costs through identifying inefficient and wasteful practices. </p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/NZxCYlIUneg?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
</figure>
<h2>Understanding the challenge</h2>
<p>Many digital healthcare developments are already underway – for example, in West Yorkshire the work of the <a href="http://www.dhez.org">Digital Health Enterprise Zone</a> and Digital Catapult Centre Yorkshire. These organisations held a data innovation challenge focusing on type 2 diabetes, in which entrants were encouraged to explore a number of publicly available datasets, leading to the discovery of <a href="https://www.digitalcatapultcentre.org.uk/diabetes-innovation-challenge-meet-winner/">new ways to use data that offers better insights into the disease</a>. In another example, the Bradford Bright Ideas event held in collaboration with regional NHS Clinical Commissioning Groups, Medipex, DHEZ and Digital Catapult Centre Yorkshire, invited companies to submit bids to address the key healthcare challenges facing the region. The winner from 25 submissions was <a href="http://www.bradfordcityccg.nhs.uk/news/bradford-bright-ideas--winner-announced">myCOPD</a>, an app to help patients manage chronic obstructive pulmonary disease, reducing unplanned A&E visits and helping reduce unnecessary referrals. </p>
<p>These are limited examples, but to develop digital technologies for a nationwide healthcare system is no easy task. It will require considerable cooperation between the NHS, software developers, researchers, companies and other public bodies. Substantially different working cultures must be brought together and, most importantly, there are many privacy issues related to the handling of patients’ data that will prove tricky in the absence of internationally agreed privacy rules and governance frameworks. Intellectual property may also be a hurdle through clashes with existing patents or copyrights. Tackling these issues could be a lengthy process, but the rewards will be worth it.</p><img src="https://counter.theconversation.com/content/73472/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Rami Qahwaji is Professor of Visual Computing at the University of Bradford, the Academic Director of the Digital Catapult Centre Yorkshire and member of the Steering Committee for the Digital Health Enterprize Zone (Academic)</span></em></p>There are many obstacles to bringing the power of 21st-century technology to the NHS. But that shouldn’t stop us trying.Rami Qahwaji, Professor of Visual Computing, University of BradfordLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/589012016-05-05T13:00:15Z2016-05-05T13:00:15ZGoogle is now involved with healthcare data – is that a good thing?<figure><img src="https://images.theconversation.com/files/121378/original/image-20160505-29090-1qwo0s2.jpg?ixlib=rb-1.1.0&rect=0%2C748%2C4167%2C2950&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Your data is as important as who gets to see it.</span> <span class="attribution"><span class="source">phipatbig/shutterstock.com</span></span></figcaption></figure><p>Google has some of the most powerful computers and smartest algorithms in the world, has hired some of the best brains in computing, and through its purchase of British firm Deepmind has acquired AI expertise that recently <a href="https://theconversation.com/googles-go-triumph-is-a-milestone-for-artificial-intelligence-research-53762">saw an AI beat a human grandmaster at the game of go</a>. Why then would we not want to apply this to potentially solving medical problems – something Google’s <a href="https://theconversation.com/googles-larry-page-wants-to-save-100-000-lives-but-big-data-isnt-a-cure-all-28529">grandiose, even hyperbolic statements</a> suggest the company wishes to?</p>
<p>The New Scientist recently <a href="https://www.newscientist.com/article/2086454-revealed-google-ai-has-access-to-huge-haul-of-nhs-patient-data/">revealed</a> a <a href="https://drive.google.com/file/d/0BwQ4esYYFC04NFVTRW12TTFFRFE/view">data sharing agreement</a> between the Royal Free London NHS trust and Google Deepmind. The trust released incorrect statements (<a href="https://www.royalfree.nhs.uk/news-media/news/google-deepmind-qa/">since corrected</a>) claiming Deepmind would not receive any patient-identifiable data (it will), leading to irrelevant confusion about what data encryption and anonymisation can and cannot achieve.</p>
<p>As people have very strong feelings about third-party access to medical records, all of this has caused a bit of a scandal. But is this an overreaction, following <a href="https://theconversation.com/patients-will-resist-medical-record-sharing-if-nhs-bosses-ignore-their-privacy-fears-46147">previous health data debacles</a>? Or does this represent a new and worrying development in the sharing of medical records? </p>
<p><div data-react-class="Tweet" data-react-props="{"tweetId":"727890484044115968"}"></div></p>
<h2>Data analytics</h2>
<p>That the NHS outsources its data analysis requirements is nothing new. The NHS data centre <a href="http://www.hscic.gov.uk/">HSCIC</a> publishes regular data sharing reports, and <a href="http://www.hscic.gov.uk/media/20065/Data-Releases-Register-Oct---Dec-2015/xls/Copy_of_ReleaseRegister20151001_20151231_V03.xlsx">its latest report</a> details releases to companies such as CSL-UK, Northgate, McKinsey, and Dr Foster. These firms will sell the processed data back to the NHS.</p>
<p>Actually, while most NHS data sharing with companies is for so-called secondary purposes that lie outside the provision of direct clinical care, the deal with Google is classed as for direct care. Doctors get <a href="http://arstechnica.co.uk/business/2016/02/googles-deepmind-ai-group-working-with-nhs-to-develop-patient-care-software/">an app called Streams</a> which uses a patient’s live medical data and their historical record to determine their risk of acute kidney injury. </p>
<p>So it makes perfect sense for the app to access personally identifiable data of the patient being treated, and on that basis the claim that “<a href="http://www.dailymail.co.uk/news/article-3571433/Google-s-artificial-intelligence-access-private-medical-records-1-6million-NHS-patients-five-years-agreed-data-sharing-deal.html">Google has access to 1.6m patients’ data</a>” should not be cause for concern. Especially as Google accesses the data mostly indirectly, through an unnamed third party with certified information security standards, circumventing issues around potential abuse of the data by Google.</p>
<h2>Not so clear</h2>
<p>But another stated purpose of the deal is “real time clinical analytics, detection, diagnosis and decision support”, presumably with the intention of building an online platform for “medical-data-analysis-as-a-service”. Anything “as-a-service” normally implies the processing is done in the cloud, although the agreement with Google says little about that. Cloud processing means sensitive personal data will be sent to a Google server at some point.</p>
<p>The inclusion of five years of all patients’ historic data is justified to “aid service evaluation and audit of the new product”. But it’s hard to see how this is different from just using the data to improve the kidney injury algorithm in the first place. Deepmind’s <a href="https://deepmind.com/health">claim that “Streams does not use AI”</a> is downright bizarre in relation to the amount of data they claim to need, as this amount of data is usually used to feed machine learning algorithms that can then make better decisions because of it. Access to this trove of historic patient data will almost certainly come from Google itself.</p>
<p>Otherwise, the agreement with Google professes to be fully compliant with the Data Protection Act, standard medical data principles, and NHS procedures. Data transfer is secure (and encrypted), staff have been trained to respect confidentiality, and the data cannot be used for other purposes than those listed.</p>
<p>One principle mentioned is the <a href="https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/251750/9731-2901141-TSO-Caldicott-Government_Response_ACCESSIBLE.PDF">Caldicott principle</a> of using the minimum data required. But here this appears to be interpreted as: in order to treat one patient using Streams, we need five years’ medical data of 1.6m patients. This is seeing clinical care through a mass surveillance lens – we need all the data on everyone, just in case they require treatment. Conveniently, for clinical treatment matters NHS information governance allows the use of “implied consent” rather than any direct involvement from the subjects themselves.</p>
<h2>Black box surveillance</h2>
<p>The question is, of course, whether we trust Google to stick to these policies. The agreement allows for auditing by the NHS trust, and this may be enough of a deterrent against more direct and blatant abuses.</p>
<p>However, Google deals with personal data constantly: our search histories probably feed back on Google search rankings via some profiling process. Our Gmail emails are scanned for marketing purposes. If we stop Google from recording our location histories for our own use, do they still survive in the Google databases as some “anonymous” person’s location history? There is a lot here that Google is not telling us.</p>
<p>Improving the kidney injury algorithm or developing an analytics platform using medical data will generate more data. Service evaluation of the new product will generate more data. Some of that data will live in the shady world of people profiles, anonymised users, and aggregated user characteristics. It will be data that is somewhat personal but not personal enough for our crude data protection laws to be able to protect it. </p>
<p>In this world of <a href="http://www.hup.harvard.edu/catalog.php?isbn=9780674368279">black box surveillance</a>, Google is probably the world’s biggest player. As long as it offers so little transparency in how it uses and processes data, we have to be wary of it to some degree – and perhaps in this context specifically.</p><img src="https://counter.theconversation.com/content/58901/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Eerke Boiten receives funding from the UK government for the Kent Academic Centre of Excellence in Cyber Security Research, as well as from the EU for an Innovative Training Network in Cyber Security.</span></em></p>There are advantages, too.Eerke Boiten, Senior Lecturer, School of Computing and Director of Academic Centre of Excellence in Cyber Security Research, University of KentLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/461472015-08-19T05:34:05Z2015-08-19T05:34:05ZPatients will resist medical record sharing if NHS bosses ignore their privacy fears<figure><img src="https://images.theconversation.com/files/92278/original/image-20150818-12421-ceynqs.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Who's peeping at your files?</span> <span class="attribution"><span class="source">files by Harry Huber/shutterstock.com</span></span></figcaption></figure><p>Can it really be that giving pharmacists access to their customers’ prescription information, even those pharmacists based in a supermarket, is viewed as a problem? After all, when done so using their professional credentials and code of conduct, with your explicit permission to do so, it seems an example of sensible data sharing.</p>
<p>But in England in 2015, this <a href="http://www.hscic.gov.uk/article/6476/Summary-Care-Record-rolled-out-to-community-pharmacists">exact scenario</a> has been reported as “<a href="http://www.dailymail.co.uk/news/article-3191732/Now-Tesco-access-medical-records-Chemists-supermarket-pharmacies-allowed-access-data-attempt-boost-care-standards.html">Now Tesco has access to your medical records</a>”, with the implication the medical data will be used for marketing purposes. This looks like a serious overreaction – even though there are <a href="https://medconfidential.org/2015/will-high-street-pharmacists-use-the-summary-care-record-to-sell-you-things/">justified concerns</a> about the introduction of this scheme and its operational processes.</p>
<p>One particular centralised NHS patient database is called the <a href="http://systems.hscic.gov.uk/scr">Summary Care Record</a>, from which this particular use of medical data is drawn. There are some <a href="http://www.summarycarerecord.info/">uncertainties</a> on what data is included now and in the future, and on what consent patients have given. But these are not nearly as substantial as the many problems that already surround the – entirely different – <a href="https://theconversation.com/nhs-care-data-still-leaks-like-a-sinking-ship-but-ministers-set-sail-regardless-43977">care.data database</a>. </p>
<p>And that is the problem: the painful, two year saga over care.data has <a href="https://theconversation.com/lack-of-trust-not-privacy-underpins-fears-about-care-data-22971">significantly eroded public trust in NHS England</a> and in the government’s capacity to treat people’s medical records responsibly and competently. Not nearly enough has been done to regain that trust before embarking on other ill-defined schemes. </p>
<h2>No lessons learned</h2>
<p>On the contrary, only this June the government sought to access <a href="http://www.theguardian.com/society/2015/jul/21/pm-plans-patient-data-grab-proposals-seven-day-nhs">GP appointment data</a> including sensitive details, bypassing GPs and patients and instead going directly to the medical systems suppliers. The backlash on this move was effective and a U-turn rapidly followed, but it confirmed what many already suspected about the government’s cavalier attitude to medical confidentiality.</p>
<p>NHS England, meanwhile, has been running a year-long propaganda campaign for <a href="http://www.england.nhs.uk/ourwork/tsd/care-data/">care.data</a>. The Department of Health’s latest quango, the <a href="https://www.gov.uk/government/organisations/national-information-board">National Information Board</a>, has just finished <a href="https://www.gov.uk/government/news/have-your-say-on-the-nib-roadmaps-at-our-regional-events">a series of public meetings</a>, in which they have also been commenting on the care.data fiasco. A “failure to communicate the benefits” is apparently still the <a href="http://jenpersson.com/trust-caredata-benefits/">explanation</a> – no progress there then.</p>
<figure class="align-center ">
<img alt="" src="https://images.theconversation.com/files/92280/original/image-20150818-12433-hzz472.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/92280/original/image-20150818-12433-hzz472.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=400&fit=crop&dpr=1 600w, https://images.theconversation.com/files/92280/original/image-20150818-12433-hzz472.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=400&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/92280/original/image-20150818-12433-hzz472.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=400&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/92280/original/image-20150818-12433-hzz472.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=503&fit=crop&dpr=1 754w, https://images.theconversation.com/files/92280/original/image-20150818-12433-hzz472.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=503&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/92280/original/image-20150818-12433-hzz472.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=503&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">The brand isn’t enough to make patients trust the NHS.</span>
<span class="attribution"><a class="source" href="https://www.flickr.com/photos/comedynose/3797160719">comedynose</a>, <a class="license" href="http://creativecommons.org/licenses/by/4.0/">CC BY</a></span>
</figcaption>
</figure>
<h2>Competence and good intentions</h2>
<p><a href="http://jenpersson.com/public-trust-datasharing-nib-caredata-change/">Rebuilding trust</a> is not easy, and it never happens fast. The public needs to be convinced of both competence and honourable intentions within NHS authorities and the government. </p>
<p>So far, both are lacking. The fiasco of the NHS National Programme for IT, finally <a href="http://www.cl.cam.ac.uk/%7Erja14/Papers/npfit-mpp-2014-case-history.pdf">abandoned in 2011</a> at a cost of billions, still resonates in the people’s minds. Major data breaches are still too frequent, including of <a href="https://www.uclahealth.org/news/ucla-health-victim-of-a-criminal-cyber-attack">medical data</a>, and thus security worries have only added to the existing doubts in this area. </p>
<p>The <a href="https://www.gov.uk/government/publications/review-of-data-releases-made-by-the-nhs-information-centre">Partridge report</a> in 2014 on NHS data sharing identified weak procedures and sloppy practices, concluding that “it is not clear if data has been released for appropriate purposes in all cases”. Following the scandal in 2014 where <a href="http://www.telegraph.co.uk/news/health/news/10906390/Millions-of-NHS-records-sold-to-insurance-firms.html">medical data was sold to insurance firms</a>, tighter definitions of “appropriate purposes” had been expected. Instead, by limiting such use to “<a href="https://medconfidential.org/2014/press-release-care-bill-government-rejects-statutory-caldicott-guardian-for-england/">the promotion of health</a>” in the <a href="http://www.legislation.gov.uk/ukpga/2014/23/contents/enacted">2014 Care Act</a>, the government has made only the most vague constraints on data sharing. In terms of convincing the public of their respect for privacy, this was a missed opportunity. </p>
<p>Reports from the Health and Social Care Information Centre, which manages access to NHS data for third parties, show <a href="http://www.hscic.gov.uk/dataregister">data continuing to flow to commercial customers</a> such as data brokers and analytics companies. It’s unclear how this satisfies the principle that there should be “<a href="https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/200146/Confidentiality_-_NHS_Code_of_Practice.pdf">no surprises</a>” for patients in how their medical data is dealt with. </p>
<h2>Rebuilding trust with patients</h2>
<figure class="align-right ">
<img alt="" src="https://images.theconversation.com/files/92291/original/image-20150818-12443-xovazy.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=237&fit=clip" srcset="https://images.theconversation.com/files/92291/original/image-20150818-12443-xovazy.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=390&fit=crop&dpr=1 600w, https://images.theconversation.com/files/92291/original/image-20150818-12443-xovazy.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=390&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/92291/original/image-20150818-12443-xovazy.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=390&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/92291/original/image-20150818-12443-xovazy.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=490&fit=crop&dpr=1 754w, https://images.theconversation.com/files/92291/original/image-20150818-12443-xovazy.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=490&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/92291/original/image-20150818-12443-xovazy.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=490&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">Fiona Caldicott, appointed patients’ National Data Guardian in November 2014.</span>
<span class="attribution"><a class="source" href="https://assets.digital.cabinet-office.gov.uk/government/uploads/system/uploads/image_data/file/33021/s300_Fiona_960x640.jpg">Crown Copyright</a></span>
</figcaption>
</figure>
<p>While the appointment of Lady Fiona Caldicott as the <a href="https://www.gov.uk/government/news/national-data-guardian-appointed-to-safeguard-patients-healthcare-information">national data guardian</a> should have been a major step forward, even this has been undermined by the postponement of the legal basis for her role, and the fact that the <a href="https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/389219/IIGOP_care.data.pdf">52 questions</a> she’d demanded answers from the government regarding care.data in 2014 <a href="https://theconversation.com/nhs-care-data-still-leaks-like-a-sinking-ship-but-ministers-set-sail-regardless-43977">remain unanswered</a>.</p>
<p>Ultimately, what NHS England and the UK government should do is to face privacy and security risks head-on. Newspaper headlines and the public’s response reveal that these are not just the concerns of fringe privacy campaigners, worries that stand in the way of great health research and public service efficiencies. People are rightly concerned about where their medical data goes, and it’s about time the government and NHS authorities shouldered the responsibility of listening and doing something about it.</p><img src="https://counter.theconversation.com/content/46147/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Eerke Boiten receives funding from EPSRC for the CryptoForma Network of Excellence on Cryptography and Formal Methods, and the Kent Academic Centre of Excellence in Cyber Security Research. He participated as an external reviewer in the 2015 Nuffield Bioethics report on Biological and Health Data.</span></em></p>Repeated data panics have left the public in a state of anger and confusion. How does NHS England fix the problem?Eerke Boiten, Senior Lecturer, School of Computing and Director of Academic Centre of Excellence in Cyber Security Research, University of KentLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/439772015-06-30T05:16:51Z2015-06-30T05:16:51ZNHS care.data still leaks like a sinking ship, but ministers set sail regardless<figure><img src="https://images.theconversation.com/files/86740/original/image-20150629-9099-1mhow2q.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">'We're not sinking, we're just naturally low in the water.'</span> <span class="attribution"><span class="source">boat by Roberto Castillo/shutterstock.com</span></span></figcaption></figure><p>NHS chiefs are pressing ahead with an IT programme that will share identifiable patient records and GP data for uses including medical research, despite it being red-flagged as “unachievable” by a watchdog.</p>
<p>The NHS England <a href="http://www.england.nhs.uk/ourwork/tsd/care-data/">care.data</a> programme is among the major projects given the worst rating by the Cabinet Office’s <a href="https://www.gov.uk/government/policies/major-project-management">Major Projects Authority review</a>, alongside other NHS projects including the Health and Social Care Network (HSCIC) and NHS Choices. The project to build an essential component of this was found by the National Audit Office to be incomplete and represented <a href="http://www.nao.org.uk/report/general-practice-extraction-service-investigation">a “loss of public funds”</a>.</p>
<p>The care.data programme was put on hold in February 2014 following a torrent of criticism which prompted a <a href="http://www.parliament.uk/business/committees/committees-a-z/commons-select/health-committee/inquiries/parliament-2010/cdd-2014/">House of Commons select committee</a> inquiry. Concerns included <a href="https://theconversation.com/outdated-laws-put-your-health-data-in-jeopardy-22465">security and informed consent</a>, the <a href="https://theconversation.com/time-for-some-truth-about-who-is-feeding-off-our-nhs-data-23998">sale of data to commercial companies</a> including insurers and “information intermediaries”, false claims that <a href="https://theconversation.com/your-nhs-data-is-completely-anonymous-until-it-isnt-22924">anonymity could be guaranteed</a> and a complete lack of clarity on the <a href="https://theconversation.com/nhs-must-think-like-google-to-make-data-project-work-27093">scope and purpose</a> of the project. </p>
<p>In fact the programme resembles a textbook example of the failures and problems that have bedevilled many government IT infrastructure projects. It was flagged red in the <a href="https://www.gov.uk/government/publications/major-projects-authority-annual-report-2014">previous review</a> and even now – years after the project began – the report remarks that the business case is still “in the progress of being developed”. </p>
<p>The NAO <a href="https://www.whatdotheyknow.com/request/nao_report_and_ilm_to_hscic">paid an interim visit in 2013</a> to monitor problems with the GP data extraction system (GPES), which manages the provision of data to NHS and third parties. This week their final report stated that GPES was significantly delayed, unlikely to ever provide the NHS-wide service planned, and led to costs more than tripling.</p>
<p>However, ministers are pressing ahead with care.data anyway. Communications with patients from <a href="https://medconfidential.org/2015/press-release-care-data-restart-announced/">Blackburn with Derwen</a>, the first care commissioning group to be selected for a trial, recently announced that care.data would be starting “at the end of June”. Further delays are likely given what we now know about the readiness of the software. Three more areas are due to join this year, with the rest of England to follow after a satisfactory evaluation.</p>
<h2>Re-arranging deckchairs</h2>
<p>The care.data project’s imminent start might suggest that its many problems have been addressed – unfortunately not. Much has happened, very little of substance has changed, and most problems remain. The programme’s leader, Tim Kelsey, still thinks it was <a href="http://www.digitalhealth.net/news/EHI/10103/hscic-confident-in-care.data/">all just a communication problem</a>, and that the benefits have been undersold.</p>
<p>One of the more visible changes is the creation of the <a href="https://www.gov.uk/government/organisations/national-information-board">National Information Board</a> (NIB) within the Department of Health, focused on applying the benefits of data and information technology to the NHS. The somewhat overreaching sound to its name suggests that perhaps health minister Jeremy Hunt and Kelsey, chair of the NIB and the care.data Programme Board, and the NHS England’s national director of patients and information, know something we don’t about the <a href="http://www.telegraph.co.uk/news/11009405/Revealed-Ministers-blueprint-to-share-private-data.html">government’s data sharing agenda</a>. Yet the NIB <a href="https://www.gov.uk/government/publications/implementing-personalised-health-and-care-2020">data plans for the next five years</a> barely acknowledge the many failures of the programme’s original plan.</p>
<figure class="align-center ">
<img alt="" src="https://images.theconversation.com/files/86737/original/image-20150629-9072-1j6b2iw.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/86737/original/image-20150629-9072-1j6b2iw.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=400&fit=crop&dpr=1 600w, https://images.theconversation.com/files/86737/original/image-20150629-9072-1j6b2iw.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=400&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/86737/original/image-20150629-9072-1j6b2iw.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=400&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/86737/original/image-20150629-9072-1j6b2iw.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=503&fit=crop&dpr=1 754w, https://images.theconversation.com/files/86737/original/image-20150629-9072-1j6b2iw.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=503&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/86737/original/image-20150629-9072-1j6b2iw.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=503&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">Medical data might be safer strung on a lanyard than in a database.</span>
<span class="attribution"><a class="source" href="https://www.flickr.com/photos/comedynose/3797160719">comedynose</a>, <a class="license" href="http://creativecommons.org/licenses/by/4.0/">CC BY</a></span>
</figcaption>
</figure>
<h2>Transparency and oversight</h2>
<p>The most promising step forward was the <a href="https://www.gov.uk/government/news/national-data-guardian-appointed-to-safeguard-patients-healthcare-information">appointment of Dame Fiona Caldicott as the national data guardian</a> in November 2014. Highly respected in the field of medical data ethics, her report in December <a href="https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/389219/IIGOP_care.data.pdf">raised 52 questions on care.data that needing answering</a>. </p>
<p>We don’t know if they’ve been answered satisfactorily, because answers were drafted for a programme board meeting earlier this year and have not been made public – nor even shared with the <a href="http://www.england.nhs.uk/wp-content/uploads/2015/05/care-data-advsry-grp-notes-2702151.pdf">care.data Advisory Group</a>. This complete failure of transparency (never mind <a href="http://www.england.nhs.uk/wp-content/uploads/2015/02/propsl-transpncy-pub-cd-papers.pdf">its promise to share papers and minutes</a>) is one reason to hold little confidence in care.data or those running it.</p>
<h2>Consent and information</h2>
<p>The lack of informed consent for patients about what would be done with their data was the main reason given for putting the programme on hold. But this still hasn’t been fixed.</p>
<p>Some 700,000 people thought they had opted out of any sharing of their data for any non-clinical purposes. But the <a href="http://www.hscic.gov.uk/">Health and Social Care Information Centre</a>, which provides data and statistics on the NHS and under whose remit care.data falls, <a href="http://data.parliament.uk/writtenevidence/committeeevidence.svc/evidencedocument/health-committee/handling-of-nhs-patient-data/written/17671.pdf">told parliament that</a> these people would therefore miss out on some preventative, clinical screenings – contrary to assurances. And while this opt-out was <a href="https://youtu.be/Udpaajqg3nE?t=14m20s">promised by Hunt in 2013</a>, the NAO report tells us the parts of the GPES software dealing with opt-outs have yet to undergo any testing. It’s not only the implementation that lags far behind the promises: as things stand, the opt-out also still lacks any legal basis.</p>
<p>The same lack of legal basis applies to Caldicott’s role as national data guardian (now <a href="https://app.box.com/s/ou6341f35q4d4b61mok4/1/3866033883/32281022925/1">expected to begin in 2016 by NIB</a>), the promised sanctions for abuse or misuse of health data, and the legal safeguards on data sharing <a href="http://www.england.nhs.uk/wp-content/uploads/2015/01/care-data-presentation.pdf">promised following the 2014 public consultation</a>.</p>
<h2>Security and privacy</h2>
<p>It looked as if, following the response to the <a href="https://www.gov.uk/government/publications/review-of-data-releases-made-by-the-nhs-information-centre">Partridge Report</a> of HSCIC data sharing, the approach to privacy and security issues relating to sharing with commercial organisations would improve. In practice, however, medical data is still shared with analytics firms, intermediaries and data brokers like Experian. Even proposals to restrict third parties’ access to data to secure data facilities (similar to those for <a href="http://www.ons.gov.uk/ons/about-ons/business-transparency/freedom-of-information/what-can-i-request/virtual-microdata-laboratory--vml-/index.html">census data</a>), which would alleviate many privacy concerns about misuse of highly sensitive individual-level personal data, are being <a href="http://www.hscic.gov.uk/media/16499/Update-to-the-GPES-IAG-on-the-caredata-programme/pdf/Update_to_the_GPES_IAG_on_care.data.pdf">watered down</a>.</p>
<p>The debate on responsible use of medical data has evolved over the last few years, leading to the <a href="http://nuffieldbioethics.org/project/biological-health-data/">Nuffield Bioethics report on the use of healthcare data</a>. Yet despite all the greater understanding we’ve gained, those cheerleading for large-scale commercial exploitation, including Kelsey and minister for life sciences <a href="http://www.conservativehome.com/platform/2015/01/george-freeman-mp-how-technology-will-transform-care-and-debate-about-our-nhs.html">George Freeman</a>, haven’t changed their tune in the slightest. For example, they still advocate sharing genome data <a href="https://theconversation.com/sequencing-your-genome-is-becoming-an-affordable-reality-but-at-what-personal-cost-36720">without acknowledging the privacy risks</a>. </p>
<p>It’s the complete absence of any political will to divert the ship from this dangerous course that’s perhaps the biggest worry of all. Organisations well-versed in the issues such as medConfidential have suggested <a href="https://medconfidential.org/information/towards-every-flow/">constructive solutions</a> to salvage something from the care.data debacle; it seems no one in the Department of Health or NHS England is listening.</p><img src="https://counter.theconversation.com/content/43977/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Eerke Boiten receives funding from EPSRC for the CryptoForma Network of Excellence on Cryptography and Formal Methods, and the Kent Academic Centre of Excellence in Cyber Security Research. He participated as an external reviewer in the 2015 Nuffield Bioethics report on Biological and Health Data, and is in a consortium bidding for EU Horizon 2020 funding in the eHealth area.</span></em></p>Declared ‘unachievable’ by a treasury watchdog, the zombie care.data scheme is back and still full of holes.Eerke Boiten, Senior Lecturer, School of Computing and Director of Academic Centre of Excellence in Cyber Security Research, University of KentLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/291732014-07-16T10:33:14Z2014-07-16T10:33:14ZSnooping on irregular migrants breaches their human rights – and puts us all at risk<p>Recent <a href="http://www.theguardian.com/uk-news/2014/jul/13/home-office-nhs-records-illegal-immigrants">reports</a> have indicated that the Home Office has enjoyed access to the NHS records of more than 6,900 people since 2010, and used information from them for ramped-up efforts to track down illegal migrants. </p>
<p>While data protection laws protect medical records from most types of scrutiny, a largely overlooked exemption has allowed the government to directly access patients’ non-clinical records. No court order is required for this access.</p>
<p>The use (or abuse) of this legal loophole in the keeping of medical records is not just a breach of privacy; it seriously undermines efforts to safeguard migrants’ human rights. And while the immigration authorities have a legitimate obligation to enforce immigration laws, violating human rights is not the way to go about it. On the contrary, it will only drive migrants underground – and put us all at risk at the same time</p>
<h2>Living without fear</h2>
<p>Last year, <a href="http://oppenheimer.mcgill.ca/Francois-Crepeau">Francois Crepeau</a>, the <a href="http://www.ohchr.org/EN/Issues/Migration/SRMigrants/Pages/SRMigrantsIndex.aspx">United Nations Special Rapporteur on the Human Rights of Migrants</a>, presented a <a href="http://daccess-dds-ny.un.org/doc/UNDOC/GEN/G13/134/80/PDF/G1313480.pdf?OpenElement">report on Europe</a> to the <a href="http://www.un.org/apps/news/story.asp?NewsID=45020&Cr=migrants&Cr1=#.UacKj8qVpv8">UN Human Rights Council</a>. In it, he called upon states, at the very least, to build firewalls. These would allow irregular migrants to access healthcare, police and other services without fear that their information could be shared with the immigration authorities, and their immigration status exposed.</p>
<p>Firewalls are not just important for the rights individuals exposed to the Home Office; they also have a potentially major role in protecting the wider public.</p>
<p>Irregular migrants who are victims of or witnesses to a crime must be able to call upon and assist the police without fear of repercussion. Without a firewall between the police and the Home Office, serious criminals who prey on vulnerable irregular migrants are less likely to be arrested or prosecuted. That is true of opportune criminals who do not know that the victims’ immigration status, but also of criminals who prey on such people knowing that they are unlikely to call the police. </p>
<p>A firewall would also ensure that irregular migrants are able to access social services without fear of repercussion. This is vital for the <a href="https://theconversati7on.com/explainer-how-does-the-uk-rank-on-child-well-being-24180">safety of children</a>, the well-being of individuals with disabilities, and the protection of other vulnerable family members.</p>
<p>And as for the current example of healthcare, firewalls would allow irregular migrants to access healthcare providers without fear of their status being revealed. This is crucial not only for their own sakes, but also for ensuring that the general population is protected from the spread of diseases, both through vaccination of all children and the containment of infectious diseases such as tuberculosis, swine flu, and other potential epidemics.</p>
<h2>Urgent need</h2>
<p>Firewalls ensure that a state’s power to expel irregular migrants ought not to interfere with migrants’ ability to access services which are their right. If migrants’ human rights are to be protected, they ought to be able to interact with public administrations without fear of being denounced, arrested, detained and deported.</p>
<p>Many service providers, among them schools and labour inspectors or tribunals (to name a couple), are already prohibited from providing data to immigration authorities. But the recent reports about the use of medical data demonstrate that the UK urgently needs to formally separate its security and human rights concerns.</p>
<p>Human rights, like Ronseal, are exactly what they say on the tin: all people hold them by virtue of being human. Crossing a border in contravention of a law does not dehumanise a person. </p>
<p>Individuals in the UK, be they citizens or migrants, have the right to access <a href="http://www.migrantsrights.org.uk/files/Access-to-Health-Care.pdf">healthcare services</a>, adequate housing and <a href="http://just-fair.co.uk/hub/single/going_hungry_the_human_right_to_food_in_the_uk/">food</a>, to be free from enforced <a href="http://www.abouthumanrights.co.uk/freedom-from-slavery-forced-labour.html">slavery</a>, to enjoy minimum standards of <a href="http://www.adviceguide.org.uk/england/work_e/work_rights_at_work_e/basic_rights_at_work.htm">working conditions</a>, and to have access to <a href="https://www.liberty-human-rights.org.uk/human-rights/justice-and-fair-trials">justice</a> – among many other rights. </p>
<p>The UK, which is and always has been a leader within the modern human rights movement, has an obligation to uphold the rights of all individuals within its territory, regardless of their immigration status. That is the nature and foundation of international human rights law.</p>
<h2>Backwards step</h2>
<p>By using medical records for immigration control purposes, the Home Office is taking a backwards step on protecting and promoting the rights of all people. Irregular migrants will obviously realise that healthcare data is open to scrutiny by the immigration authorities; they will be more reluctant to access healthcare and other services. That will lead to violations of their rights across a range of areas and serious knock-on effects for all of us. </p>
<p>Some British citizens, of course, are hardly concerned with the rights of irregular migrants – despite their being human beings, and therefore legal and moral holders of those rights. But even these hawkish people ought to worry that hindering migrants from safely and privately accessing public services will only endanger the wider population.</p>
<p>The only sensible solution, and the only truly moral one, is to close this gaping legal loophole. Firm and effective firewalls must be put up where they are still sorely lacking; if this is not done, we will all pay for it in the end.</p><img src="https://counter.theconversation.com/content/29173/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Rosa Freedman receives funding from the British Academy and the Society of Legal Scholars</span></em></p>Recent reports have indicated that the Home Office has enjoyed access to the NHS records of more than 6,900 people since 2010, and used information from them for ramped-up efforts to track down illegal…Rosa Freedman, Lecturer in Law, University of BirminghamLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/270932014-06-02T04:58:10Z2014-06-02T04:58:10ZNHS must think like Google to make data project work<figure><img src="https://images.theconversation.com/files/49800/original/mst54h95-1401374902.jpg?ixlib=rb-1.1.0&rect=1%2C0%2C917%2C661&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Remember this look?</span> <span class="attribution"><a class="source" href="https://www.flickr.com/photos/mathowie/7931864/sizes/o/">matheo</a>, <a class="license" href="http://creativecommons.org/licenses/by-nc-sa/4.0/">CC BY-NC-SA</a></span></figcaption></figure><p>As the UK government wrangles with the sticky problem of how to make health records useful for research without compromising privacy, it might look to how Google has evolved for inspiration.</p>
<p>Google was once little more than a database. But with time, it has had to morph into something much more complex as a result of various pressures. This is exactly what <a href="http://www.nhs.uk/NHSEngland/thenhs/records/healthrecords/Pages/care-data.aspx">care.data</a> needs to do now.</p>
<h2>Evolution of a giant</h2>
<p>Google’s search engine has become a way for people to access sensitive and personal information – and as a consequence it has become more than just a resource: it has had to evolve to address the legal and ethical consequences of its potential. This is what is sorely lacking with the proposed overarching medical database in the UK, care.data.</p>
<p>Google gained market dominance as a search engine in 2001, providing a simple service. It didn’t know who you were (you couldn’t even log in) or what you had searched for previously. It just seemed to be finding more search results than previous market leader Altavista, and it presented them in a useful order.</p>
<p>In software engineering, an interface is a simplified view of software which concentrates on what values are put in and what outputs they produce. The essence of the Google interface consists of only three operations: entering a search term, navigating through the outcomes and following a link. </p>
<p>Behind the screens is a large database of information about web pages, which changes over time as Google spots changes in the web. It keeps full control of all copies of this, not least because it is too big to share and contains clever ideas that the company would rather keep under wraps. </p>
<p>Originally, the results of a search query would not depend on your previous Google interactions. Now they do, with Google aiming to build up a precise image of you, what you are searching for, and why. It also allows the company to fine tune what it serves you. The care.data project lacks this kind of sophistication: data is viewed as just a resource.</p>
<h2>From a database to a controlled interface</h2>
<p>A basic database is not controlled or monitored, and the results of queries are not dependent on past queries or other external information. The database and interface are almost inseparable, forming just a data resource.</p>
<p>This is a perfectly sensible approach when it contains no sensitive information, and it is not expected to support a more abstract, higher level, functionality beyond answering queries.</p>
<p>This is precisely how Google has changed since its early days. The old Google was just a service to find out which web pages contain a certain bit of text. Nowadays, Google is a way of finding out about topics and from the legal perspective it is an entry point to sensitive information. It has had to modify its service, in particular its control of the interface, as a result.</p>
<p>Some information, such as illegal pornography or copyrighted material, exist in the database because they are on the web but cannot be allowed show up in search results. Personal information is proving more of a headache. Google faces questions about whether it should remove personal information about people from search results if they ask it to. </p>
<p>There has been widespread speculation that implementing this <a href="https://theconversation.com/right-to-be-forgotten-ruling-highlights-global-reach-of-eu-law-26674">right to be forgotten</a> is a logistical impossibility, but given the variety of existing mechanisms already available and the scale of copyright-related filtering that already happens, this may not be so hard for Google after all.</p>
<h2>Health databases</h2>
<p>Unfortunately, the public debate about a unified treatment of <a href="https://theconversation.com/outdated-laws-put-your-health-data-in-jeopardy-22465">healthcare data</a> has so far failed to move beyond the basic database perspective. The tone was set by David Cameron <a href="http://www.bbc.co.uk/news/uk-16026827">in 2011</a>, when he announced his intention to exploit the mountains of data produced by the NHS.</p>
<p>But a barrage of negative publicity ensued. The sensitive nature of medical data was <a href="https://theconversation.com/your-nhs-data-is-completely-anonymous-until-it-isnt-22924">waved away with the reassurance that all the information would be anonymous</a>. Questions still remain about <a href="https://theconversation.com/time-for-some-truth-about-who-is-feeding-off-our-nhs-data-23998">who gets access to the data</a> and <a href="https://medconfidential.org/2013/care-data-the-creep-begins/">what the overall purpose would be</a>.</p>
<p>The narrative on anonymity may now finally have been <a href="http://theodi.org/lunchtime-lectures/friday-lunchtime-lecture-why-anonymity-fails">fatally undermined</a>. Researchers had long ago <a href="http://strata.oreilly.com/2012/09/assessing-the-real-risks-of-re-identifying-patient-data.html">established</a> that the usefulness of these databases lies in their rich and longitudinal character. Long and detailed stories about people’s health and treatments give deeper insight and a better chance of explanation for their medical histories - but, by much the same process, also into who that person is.</p>
<p>One of the biggest problems is that Health & Social Care Information Centre (HSCIC), the arm’s-length government organisation in charge of care.data, habitually treats medical information as a <a href="http://www.lightbluetouchpaper.org/2014/04/04/latest-health-privacy-scandal/">commodity to be shared freely</a>.</p>
<p>Insurance and pharmaceutical companies have had extensive access to the hospital data it holds. There is an industry of data analytics companies that sell NHS data back to the NHS in a digested or more accessible form. Kingsley Manning, Chair of HSCIC, had to admit in parliament last month that he could not even say <a href="https://medconfidential.org/2014/can-we-know-who-all-the-end-users-of-our-data-are/">who the end users of the data were</a>.</p>
<p>So far, care.data has been presented as yet another database resource for HSCIC to share in full or in part. Given how sensitive the data is, and how sensitive the public is to the kinds of uses made of this, this is insecure and unethical.</p>
<p>Privacy and security risks need to be managed rather than ignored. In other words, the interface needs to be controlled.</p>
<h2>A controlled interface</h2>
<p>In the <a href="http://www.england.nhs.uk/ourwork/tsd/ad-grp/">care.data advisory group</a> established recently, there has been discussion of a <a href="http://www.england.nhs.uk/wp-content/uploads/2014/04/cd-stakeholder-lett.pdf">“fume cupboard” model</a> for access to care.data. This would put in practice some of the lessons from Google’s history.</p>
<p>HSCIC would not share the database, but give others controlled and monitored access to the interface. Established security mechanisms such as <a href="http://csrc.nist.gov/groups/SNS/rbac/faq.html">Role Based Access Control</a> could play a part in ensuring that queries match a defined purpose or policy for each type of user. Existing <a href="http://www.cs.kent.ac.uk/people/rpg/cb492/saaf/">mechanisms, including automated ones, for detecting insider attacks could monitor and dynamically change access policies</a>. </p>
<p>This would put a wealth of modern security engineering technology at the disposal of the protection of one of the most valuable data sets ever established. Better late than never.</p>
<p><em>An extended version of this article is available <a href="http://blogs.kent.ac.uk/eerke/2014/05/29/notjustadatabase/">on the author’s blog</a>.</em></p><img src="https://counter.theconversation.com/content/27093/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Eerke Boiten is a senior lecturer in the School of Computing at the University of Kent, and Director of the University's interdisciplinary Centre for Cyber Security Research. He receives funding from EPSRC for the CryptoForma Network of Excellence on Cryptography and Formal Methods. He is a member of BCS and board member of its specialist group on Formal Aspects of Computer Science. He is also a director (governor) of The John of Gaunt School, a Community Academy.</span></em></p>As the UK government wrangles with the sticky problem of how to make health records useful for research without compromising privacy, it might look to how Google has evolved for inspiration. Google was…Eerke Boiten, Senior Lecturer, School of Computing and Director of Interdisciplinary Cyber Security Centre, University of KentLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/247502014-03-25T16:08:11Z2014-03-25T16:08:11ZFoI reveals cynical logic that compromises NHS data privacy<figure><img src="https://images.theconversation.com/files/44704/original/vpkxyrkx-1395755118.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Tim Kelsey doesn't want you to worry about your data.</span> <span class="attribution"><a class="source" href="http://www.flickr.com/photos/policyexchange/8246157327/sizes/l">Policy Exchange</a>, <a class="license" href="http://creativecommons.org/licenses/by/4.0/">CC BY</a></span></figcaption></figure><p>It’s crunch time for the UK government’s <a href="https://theconversation.com/outdated-laws-put-your-health-data-in-jeopardy-22465">controversial</a> care.data scheme, which has been postponed for the second time. A <a href="http://www.ehi.co.uk/news/EHI/9303/care.data-advisory-group-announced">new advisory panel</a> is starting work this week to try to work out how to get this project off the ground in the face of a significant backlash.</p>
<p>But information that has come to light via the Freedom of Information Act suggests that NHS officials could be seeking to avoid requiring compliance with data protection legislation, and they would be doing this for rather cynical reasons. </p>
<p>Tim Kelsey, the NHS director for patients and information <a href="http://ehi.co.uk/news/EHI/9299/kelsey-admits-care.data-use-unclear">has finally admitted</a> that, to go ahead, care.data must do more than simply more effectively <a href="http://www.england.nhs.uk/wp-content/uploads/2014/01/cd-leaflet-01-14.pdf">informing patients</a> <a href="https://theconversation.com/time-for-some-truth-about-who-is-feeding-off-our-nhs-data-23998">about how their data will be used</a>.</p>
<p>The word “anonymised” has been bandied about by politicians for some time as they try to argue that the sharing of patient records with a variety of third party organisations does not threaten privacy. But this term is open to multiple interpretations and is <a href="http://www.bbc.co.uk/news/health-25919399">frequently</a> <a href="http://www.independent.co.uk/life-style/health-and-families/health-news/doctors-raise-fears-over-sharing-nhs-patient-records-9133807.html">used inappropriately</a>.</p>
<p>These mixed messages, in combination with uncertainty about how anonymity relates to “pseudonymisation” are serving to help the cynical efforts of NHS officials to keep sensitive medical data away from data protection legislation. Their business model appears to rely on this.</p>
<h2>Data protection compliance</h2>
<p>Some of the official statements about the extent to which pseudonymised care.data information is anonymous have been peculiar, to say the least. In particular, Tim Kelsey <a href="http://www.bbc.co.uk/news/uk-england-devon-26030479">stated</a> “No one who uses this data will know who you are”. It is <a href="https://theconversation.com/your-nhs-data-is-completely-anonymous-until-it-isnt-22924">clear that no such promise can be made</a>.</p>
<p>Phil Booth of <a href="http://medconfidential.org/">MedConfidential</a> recently received a <a href="https://www.whatdotheyknow.com/request/review_of_pseudonymisation_at_so#incoming-496410">response to a Freedom of Information request on the Health and Social Care Information Centre’s review of pseudonymisation</a>. Interview summaries contained in this show that multiple HSCIC experts are acutely aware of a serious risk of identifying patients from pseudonymised data.</p>
<p>And a deeper look at the FoI response reveals why this debate is so important. HSCIC believes that sharing of care.data will be exempt from the <a href="http://www.legislation.gov.uk/ukpga/1998/29/contents">Data Protection Act</a> as long as pseudonymisation is applied. An <a href="https://www.whatdotheyknow.com/request/199078/response/497125/attach/2/NIC%20252419%20H7K8Q%20Final%20FOI%20Response.pdf">FoI response</a> just received by <a href="http://www.care-data.info/">Dr Neil Bhatia</a> confirms this even more explicitly. This conclusion cannot be derived from the Information Commissioner Office’s <a href="http://ico.org.uk/for_organisations/data_protection/topic_guides/%7E/media/documents/library/Data_Protection/Practical_application/anonymisation-codev2.pdf">guidelines on anonymisation</a>, which take a more sophisticated line.</p>
<p>Kelsey and his NHS spin doctors cannot afford to lose this argument on behalf of the HSCIC. If pseudonymised care.data information is truly anonymous, no-one who holds or receives such data incurs any obligation towards the data subjects. They will therefore be free to process the data in any way they like and take automated decisions on the basis of that processing that affect patients.</p>
<p>That would not be the case if the information were covered by the DPA. Handling the data would be constrained and require patient consent and information – and thus be much more expensive through the imposed administrative burden. That makes this a fight worth having from their perspective.</p>
<p>HSCIC needs to share care.data with its “customers”. HSCIC’s own corporate <a href="https://dl.dropboxusercontent.com/u/66953350/3b%20%28i%29%20Corporate%20Risk%20and%20Issues%20Register.pdf">risk register</a> strongly implies that it needs to keep income coming in to survive so it’s little wonder that HSCIC staff cynically <a href="http://www.hscic.gov.uk/article/4164/Sustaining-Public-Trust-in-Health-Data">view public opinion as a distraction</a>. Many of the interviews in Booth’s FoI response show little regard for patient consent.</p>
<p>The case that <a href="https://theconversation.com/your-nhs-data-is-completely-anonymous-until-it-isnt-22924">pseudonymised care.data is re-identifiable</a> has been made several times. <a href="http://www.timeshighereducation.co.uk/comment/letters/safeguarding-patient-data/2012114.article">Cambridge researcher Ross Anderson and other experts</a> have made it, as has <a href="https://twitter.com/bengoldacre/statuses/438333432683581440">Doctor and journalist Ben Goldacre</a>. HSCIC experts know it. Probably even Tim Kelsey does. I’ve personally raised the issue on Twitter, directing some of my comments at Kelsey. He has since blocked me.</p>
<p>And the battle is about to get bigger. According to Booth’s FoI response, some HSCIC experts fear that the upcoming European Data Protection Directive will increase protection for pseudonymised data. It will also increase fines for breaches to 2% or even 5% of the offending company’s turnover.</p>
<p>In light of this, attempts by the UK government to delay this directive may take on a new meaning. David Cameron wants the UK to be a <a href="http://www.bbc.co.uk/news/uk-16026827">world leader in the exploitation of health data</a>. Let’s hope he has a little more respect for patient privacy than HSCIC.</p><img src="https://counter.theconversation.com/content/24750/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Eerke Boiten is a senior lecturer in the School of Computing at the University of Kent, and Director of the University's interdisciplinary Centre for Cyber Security Research. He receives funding from EPSRC for the CryptoForma Network of Excellence on Cryptography and Formal Methods. </span></em></p>It’s crunch time for the UK government’s controversial care.data scheme, which has been postponed for the second time. A new advisory panel is starting work this week to try to work out how to get this…Eerke Boiten, Senior Lecturer, School of Computing and Director of Interdisciplinary Cyber Security Centre, University of KentLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/224642014-02-05T14:48:54Z2014-02-05T14:48:54ZWhat the NHS can learn from the smartphone on data consent<figure><img src="https://images.theconversation.com/files/40323/original/qrwp9z4q-1391190132.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Instant access to health data is becoming the norm so we are wise to the implications.</span> <span class="attribution"><span class="source">IntelFreePress</span></span></figcaption></figure><p>In the run up to the introduction of the NHS <a href="http://www.england.nhs.uk/wp-content/uploads/2014/01/cd-gp-faqs.pdf">care.data programme</a>, there is an urgent need for a debate about what we, and our healthcare providers, mean by the term “consent”.</p>
<p>So far, the plans for care.data are ringing alarm bells, and for good reason. But we are becoming more and more comfortable with handling our own data when we use technology such as smart wristbands and apps that track our diets. If the NHS took heed of how this field is handling the difficult issue of personal privacy, it might have more success winning over a wary public.</p>
<h2>What is consent?</h2>
<p>Neither the aggregation, nor sharing of the data in the NHS database will require the explicit consent of the patients concerned. While it is claimed that data will be <a href="http://www.hscic.gov.uk/article/2741/New-Anonymisation-Standard-for-the-publication-of-health-and-social-care-data-becomes-effective-on-30-April-2013">anonymised</a>, the records can include data which could, if certain precautions are not taken, be used to <a href="https://theconversation.com/outdated-laws-put-your-health-data-in-jeopardy-22465">re-identify individuals</a>.</p>
<p>All patients are automatically included in the system, with the option of “opting-out” by writing to their GP. Such basic privacy control presents patients with an all-or-nothing choice regarding how their health records are shared. There is currently no way for patients to express preferences about which parts of their record they would like to share, specific purposes for which they may or may not be used, and what should be allowed to happen with findings derived from them.</p>
<p>The rollout of this system raises the urgent need for a public debate on the issues of privacy of medical information. Certainly, such information has the potential to help improve health services and identify problem areas, as well as being useful for research. But it also raises fears that sensitive data will be leaked, abused, or used in ways which are contrary to patients’ wishes.</p>
<p>Since patients will not be informed if, when and with whom their data is shared, deciding not to opt-out equates to a high degree of trust in the authorities responsible for releasing this information. By using an automatic opt-in approach, this trust is assumed unless otherwise stated. But a recent Wellcome Trust <a href="http://www.wellcome.ac.uk/stellent/groups/corporatesite/@msh_grants/documents/web_document/wtp053205.pdf">survey</a> revealed that the public does not trust institutions enough to support that assumption.</p>
<p>Even if all patients were educated about the care.data system, and aware of both their implied consent and the possibility of opting-out, the project is still playing fast and lose with the term “consent”. Does the word retain any meaning when the scope and number of actions being consented to is so open, and when there is no way for the consenting party to easily remain informed as to what they have consented to?</p>
<h2>Health data in your hand</h2>
<p>But beyond traditional healthcare systems, people are beginning to collate, manage and make use of their own healthcare information. Mobile devices such as smartphones and wearable computers, and the plethora of applications running on them, means that people are collecting and manipulating their data like never before. They are keeping track of their heart rate, their weight, and even their sleep patterns. They are storing information about their excercise regime and even sharing it <a href="https://theconversation.com/scoff-now-but-youre-probably-getting-a-smartwatch-17960">online</a>.</p>
<p>This personalised e-health movement also faces issues of privacy and security but the patient or user remains the undisputed owner of their data and is naturally at the centre of all decisions about access and usage. In this domain, a number of technologies are under investigation that could lead to a healthier balance between patient privacy and end-user utility of health information.</p>
<p>The <a href="http://www.trump-india-uk.org/">TRUMP UK-India project</a> is a good example of trying out mobile technology to help people in rural areas manage their own health in a way that feels secure. Patients suffering from chronic illnesses, such as diabetes and depression, use smartphones to monitor their condition, which could involve the collection of data such as location and activity, mood or diet diaries and blood pressure readings. GPs and care providers can then access this data and use it to make decisions about the patient’s care.</p>
<p>Part of this project involves helping patients and GPs to define rich, machine-readable policies, which reflect their privacy preferences. These policies are essentially fine-grained statements of conditional consent, and allow third party access to be automatically restricted to cases which respect patients’ wishes. It shows that it is possible to at least look into making detailed consent part of the system, something which the NHS might want to think about for care.data, even at this advanced stage.</p>
<p>This is nothing, of course, if patients cannot verify that their wishes are being respected. Care.data might make patients less uncomfortable if they could be provided a degree of transparency about what has been done with their data. Technology can be used to capture the provenance of data, detailed machine and human-readable audit trails which allow patients to trace the history of their data, from doctor’s surgery to research laboratory.</p>
<p>A wide-reaching database such as care.data requires a more refined approach to patient consent management and involvement than what we are seeing in the NHS. Together, provenance and policies provide a means to manage rich and dynamic patient consent, while building confidence that their wishes are being respected.</p>
<p>Scaling the kinds of technology seen in the TRUMP project to massive use will be extremely challenging. However, they will hopefully allow future systems to effectively balance the potential benefits for data users with the complex and dynamic privacy and ethical preferences of patients.</p><img src="https://counter.theconversation.com/content/22464/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Chris Burnett conducts research supported by an award made by the RCUK "Bridging the Urban Rural Divide" programme, award reference: EP/J00068X/1.
</span></em></p><p class="fine-print"><em><span>Edoardo Pignotti conducts research supported by the award made by the RCUK Digital Economy programme to the dot.rural Digital Economy Hub; award reference: EP/G066051/1.</span></em></p>In the run up to the introduction of the NHS care.data programme, there is an urgent need for a debate about what we, and our healthcare providers, mean by the term “consent”. So far, the plans for care.data…Chris Burnett, Research Fellow, University of AberdeenEdoardo Pignotti, Research Fellow, University of AberdeenLicensed as Creative Commons – attribution, no derivatives.