The UK government’s opposition Labour Party has backed calls for a delay to NHS Digital’s controversial slurp of data held by family doctors as new guidance from the Information Commissioner’s Office sheds light on the legality of the process.
The extraction of GP data, under the auspices of the General Practice Data for Planning and Research programme (GPDPR), is set to go ahead on 1 July with patients able to opt out until 23 June. The use of historic medical data by academics and private-sector market research firms would be irreversible should the plan go ahead, with a public awareness campaign limited to a few tweets and posts on the NHS Digital website, prompting calls for a delay from the British Medical Association, the BCS, and others.
In a letter to Sarah Wilkinson, CEO of NHS Digital, shadow public health minister Alex Norris said he supported the “principle of improved data sharing which is an important step towards planning and research improvements”. However he highlighted a “lack of communication with patients,” adding, “Without consultation and clear communication with patients, trust in this process is undermined.”
“Given the confusion and lack of transparency around this process, I believe that it is vital to delay the introduction of the GPDPR data collection until a public consultation and information campaign has taken place,” the letter said.
In its limited communication with the public, NHS Digital has said that names and addresses would not be shared, except for postcode, protected in a “unique coded form.”
Meanwhile, the initial press release for the programme mentioned “broader general-purpose collection which will enable faster access to pseudonymised patient data for planners and researchers”.
In this context, the clarity of new draft guidance [PDF] from the Information Commissioner’s Office comes into play as it defines the legal use of pseudonymisation as a form of “processing of personal data”.
“Personal data which have undergone pseudonymisation, which could be attributed to a natural person by the use of additional information should be considered to be information on an identifiable natural person,” the guidance says.
Phil Booth, coordinator for campaign group medConfidential, said the guidance made clear that pseudonymised and de-identified data were the same thing and that both were forms of personal data. Because the pseudonymisation is itself a form of data processing, individuals should be given the chance to opt out in a way that is fair and transparent.
NHS Digital has advised GP system suppliers on the tool to be used for the pseudonymisation process. According to Booth, it also reserves the ability to “revert pseudonyms to NHS Number, full postcode and date of birth, which they may clearly have to do when trying to link an individual’s full GP medical history to that same individual’s own hospital data.”
He said the approach taken by NHS Digital in offering a six-week deadline for patients to opt out, without widespread publicity, or full information, such as a legally required Data Protection Impact Assessment, could be challenged as data protection law requires all processing of NHS patients’ health information to be fair and transparent.
Privacy campagner group Foxglove said at the end of last week they are preparing challenges.
NHS Digital has been contacted for a statement.
According to the NHS Digital website, the legal basis for GPDPR is that there is “substantial public interest, for the purposes of NHS Digital exercising its statutory functions… It is substantially in the public interest to process patient data for planning and research purposes to improve health and care services for everyone. This is permitted under paragraph 6 of Schedule 1 of the Data Protection Act 2018 (DPA).” ®