Category Archives: comm consent

The illusion that might cheat us: ethical data science vision and practice

This blog post is also available as an audio file on soundcloud.


Anais Nin, wrote in her 1946 diary of the dangers she saw in the growth of technology to expand our potential for connectivity through machines, but diminish our genuine connectedness as people. She could hardly have been more contemporary for today:

“This is the illusion that might cheat us of being in touch deeply with the one breathing next to us. The dangerous time when mechanical voices, radios, telephone, take the place of human intimacies, and the concept of being in touch with millions brings a greater and greater poverty in intimacy and human vision.”
[Extract from volume IV 1944-1947]

Echoes from over 70 years ago, can be heard in the more recent comments of entrepreneur Elon Musk. Both are concerned with simulation, a lack of connection between the perceived, and reality, and the jeopardy this presents for humanity. But both also have a dream. A dream based on the positive potential society has.

How will we use our potential?

Data is the connection we all have between us as humans and what machines and their masters know about us. The values that masters underpin their machine design with, will determine the effect the machines and knowledge they deliver, have on society.

In seeking ever greater personalisation, a wider dragnet of data is putting together ever more detailed pieces of information about an individual person. At the same time data science is becoming ever more impersonal in how we treat people as individuals. We risk losing sight of how we respect and treat the very people whom the work should benefit.

Nin grasped the risk that a wider reach, can mean more superficial depth. Facebook might be a model today for the large circle of friends you might gather, but how few you trust with confidences, with personal knowledge about your own personal life, and the privilege it is when someone chooses to entrust that knowledge to you. Machine data mining increasingly tries to get an understanding of depth, and may also add new layers of meaning through profiling, comparing our characteristics with others in risk stratification.
Data science, research using data, is often talked about as if it is something separate from using information from individual people. Yet it is all about exploiting those confidences.

Today as the reach has grown in what is possible for a few people in institutions to gather about most people in the public, whether in scientific research, or in surveillance of different kinds, we hear experts repeatedly talk of the risk of losing the valuable part, the knowledge, the insights that benefit us as society if we can act upon them.

We might know more, but do we know any better? To use a well known quote from her contemporary, T S Eliot, ‘Where is the wisdom we have lost in knowledge? Where is the knowledge we have lost in information?’

What can humans achieve? We don’t yet know our own limits. What don’t we yet know?  We have future priorities we aren’t yet aware of.

To be able to explore the best of what Nin saw as ‘human vision’ and Musk sees in technology, the benefits we have from our connectivity; our collaboration, shared learning; need to be driven with an element of humility, accepting values that shape  boundaries of what we should do, while constantly evolving with what we could do.

The essence of this applied risk is that technology could harm you, more than it helps you. How do we avoid this and develop instead the best of what human vision makes possible? Can we also exceed our own expectations of today, to advance in moral progress?

Continue reading “The illusion that might cheat us: ethical data science vision and practice” »

Are care.data pilots heading for a breech delivery?

Call the midwife [if you can find one free, the underpaid overworked miracle workers that they are], the care.data ‘pathfinder’ pilots are on their way! [This is under a five minute read, so there should be time to get the hot water on – and make a cup of tea.]

I’d like to be able to say I’m looking forward to a happy new arrival, but I worry care.data is set for a breech birth. Is there still time to have it turned around? I’d like to say yes, but it might need help.

The pause appears to be over as the NHS England board delegated the final approval of directions to their Chair, Sir Malcolm Grant and Chief Executive, Simon Stevens, on Thursday May 28.

Directions from NHS England which will enable the HSCIC to proceed with their pathfinder pilots’ next stage of delivery.

“this is a programme in which we have invested a great deal, of time and thought in its development.” [Sir Malcolm Grant, May 28, 2015, NHS England Board meeting]

And yet. After years of work and planning, and a 16 month pause, as long as it takes for the gestation of a walrus, it appears the directions had flaws. Technical fixes are also needed before the plan could proceed to extract GP care.data and merge it with our hospital data at HSCIC.

And there’s lots of unknowns what this will deliver.**

Groundhog Day?

The public and MPs were surprised in 2014. They may be even more surprised if 2015 sees a repeat of the same again.

We have yet to hear case studies of who received data in the past and would now be no longer eligible. Commercial data intermediaries? Can still get data, the NHS Open Day was told. And they do, as the HSCIC DARS meeting minutes in 2015 confirm.

By the time the pilots launch, the objection must actually work, communications must include an opt out form and must clearly give the programme a name.

I hope that those lessons have been learned, but I fear they have not been. There is still lack of transparency. NHS England’s communications materials and May-Oct 2014 and any 2015 programme board minutes have not been published.

We have been here before.

Back to September 2013: the GPES Advisory Committee, the ICO and Dame Fiona Caldicott, as well as campaigners and individuals could see the issues in the patient leaflet and asked for fixes.The programme went ahead anyway in February 2014 and although foreseen, failed to deliver. [For some, quite literally.]

These voices aren’t critical for fun, they call for fixes to get it right.

I would suggest that all of the issues raised since April 2014, were broadly known in February 2014 before the pause began. From the public listening exercise,  the high level summary captures some issues raised by patients, but doesn’t address their range or depth.

Some of the difficult and unwanted  issues, are still there, still the same and still being ignored, at least in the public domain. [4]

A Healthy New Arrival?

How is the approach better now and what happens next to proceed?

“It seems a shame,” the Walrus said, “To play them such a trick, After we’ve brought them out so far, And made them trot so quick!” [Lewis Carroll]

When asked by a board member: What is it we seek to learn from the pathfinder approach that will guide us in the decision later if this will become a national approach? it wasn’t very clear. [full detail end of post]

First they must pass the tests asked of them by Dame Fiona [her criteria and 27 questions from before Christmas.] At least that was what the verbal background given at the board meeting explained.

If the pilots should be a dip in the water of how national rollouts will proceed, then they need to test not just for today, but at least for the known future of changing content scope and expanding users – who will pay for the communication materials’ costs each time?

If policy keeps pressing forward, will it not make these complications worse under pressure? There may be external pressure ahead as potential changes to EU data protection are expected this year as well, for which the pilot must be prepared and design in advance for the expectations of best practice.

Pushing out the pathfinder directions, before knowing the answers to these practical things and patient questions open for over 16 months, is surely backwards. A breech birth, with predictable complications.

If in Sir Malcolm Grant’s words:

“we would only do this  if we believed it was absolutely critical in the interests of patients.” [Malcom Grant, May 28, 2015, NHS England Board meeting]

then I’d like to see the critical interest of patients put first. Address the full range of patient questions from the ‘listening pause’.

In the rush to just fix the best of a bad job, we’ve not even asked are we even doing the right thing? Is the system designed to best support doctor patient needs especially with the integration “blurring the lines” that Simon Stevens seems set on.

If  focus is on the success of the programme and not the patient, consider this: there’s a real risk too many opt out due to these unknowns. And lack of real choice on how their data gets used. It could be done better to reduce that risk.

What’s the percentage of opt out that the programme deems a success to make it worthwhile?

In March 2014, at a London event, a GP told me all her patients who were opting out were the newspaper reading informed, white, middle class. She was worried that the data that would be included, would be misleading and unrepresentative of her practice in CCG decision making.

medConfidential has written a current status for pathfinder areas that make great sense to focus first on fixing care.data’s big post-election question the opt out that hasn’t been put into effect. Of course in February 2014 we had to choose between two opt outs -so how will that work for pathfinders?

In the public interest we need collectively to see this done well. Another mis-delivery will be fatal. “No artificial timelines?”

Right now, my expectations are that the result won’t be as cute as a baby walrus.

******

Notes from the NHS England Board Meeting, May 28, 2015:

TK said:  “These directions [1] relate only to the pathfinder programme and specify for the HSCIC what data we want to be extracted in the event that Dame Fiona, this board and the Secretary of State have given their approval for the extraction to proceed.

“We will be testing in this process a public opt out, a citizen’s right to opt out, which means that, and to be absolutely clear if someone does exercise their right to opt out, no clinical data will be extracted from their general practice,  just to make that point absolutely clearly.

“We have limited access to the data, should it be extracted at the end of the pathfinder phase, in the pathfinder context to just four organisations: NHS England, Public Health England, the HSCIC and CQC.”

“Those four organisations will only be able to access it for analytic purposes in a safe, a secure environment developed by the Information Centre [HSCIC], so there will be no third party hosting of the data that flows from the extraction.

“In the event that Dame Fiona, this board, the Secretary of State, the board of the Information Centre, are persuaded that there is merit in the data analysis that proceeds from the extraction, and that we’ve achieved an appropriate standard of what’s called fair processing, essentially have explained to people their rights, it may well be that we proceed to a programme of national rollout, in that case this board will have to agree a separate set of directions.”

“This is not signing off anything other than a process to test communications, and for a conditional approval on extracting data subject to the conditions I’ve just described.”

CD said: “This is new territory, precedent, this is something we have to get right, not only for the pathfinders but generically as well.”

“One of the consequences of having a pathfinder approach, is as Tim was describing, is that directions will change in the future. So if we are going to have a truly fair process , one of the things we have to get right, is that for the pathfinders, people understand that the set of data that is extracted and who can use it in the pathfinders, will both be a subset of, the data that is extracted and who can use it in the future. If we are going to be true to this fair process, we have to make sure in the pathfinders that we do that.

“For example, at the advisory group last week, is that in the communication going forward we have to make sure that we flag the fact there will be further directions, and they will be changed, that we are overt in saying, subject to what Fiona Caldicott decides, that process itself will be transparent.”

Questions from Board members:
Q: What is it we seek to learn from the pathfinder approach that will guide us in the decision later if this will become a national approach?
What are the top three objectives we seek to achieve?

TK: So, Dame Fiona has set a series of standards she expects the pathfinders to demonstrate, in supporting GPs to be able to discharge this rather complex communication responsibility, that they have under the law  in any case.

“On another level how we can demonstrate that people have adequately understood their right to opt out [..]

“and how do we make sure that populations who are relatively hard to reach, although listed with GPs, are also made aware of their opportunity to opt out.

Perhaps it may help if I forward this to the board, It is in the public domain. But I will forward the letter to the board.”

“So that lays out quite a number of specific tangible objectives that we then have to evaluate in light of the pathfinder experience. “

Chair: “this is a programme in which we have invested a great deal, of time and thought in its development, we would only do this  if we believed it was absolutely critical in the interests of patients, it was something that would give us the information the intelligence that we need to more finely attune our commissioning practice, but also to get real time intelligence about how patients lives are lived, how treatments work and how we can better provide for their care.

“I don’t think this is any longer a matter of huge controversy, but how do we sensitively attune ourselves to patient confidentiality.”

“I propose that […] you will approve in principle the directions before you and also delegate to the Chief Executive and to myself to do final approval on behalf of the board, once we have taken into account the comments from medConfidential and any other issues, but the substance will remain unchanged.”

******

[4] request for the release of June 2014 Open House feedback still to be published in the hope that the range and depth of public questions can be addressed.

care.data comms letter

******
“The time has come,” the walrus said, “to talk of many things.”
[From ‘The Walrus* and the Carpenter’ in Through the Looking-Glass by Lewis Carroll]

*A walrus has a gestation period of about 16 months.
The same amount of time which the pause in the care.data programme has taken to give birth to the pathfinder sites.

references:
[1] NHS England Directions to HSCIC: May 28 2015 – http://www.england.nhs.uk/wp-content/uploads/2015/05/item6-board-280515.pdf
[2] Notes from care.data advisory group meeting on 27th February 2015
[3] Patient questions: http://jenpersson.com/pathfinder/
[4] Letter from NHS England in response to request from September, and November 2014 to request that public questions be released and addressed

care.data – Riding the Change Curve

I’ve been inspired by many people this week.

Shakespeare who is long dead. Another, less famous, we celebrated at her funeral after only a few weeks of living with diagnosed endocrine cancer. She would have turned 76 this week.

The change curve

How do we deal with change?

Anyone familiar with the theory of grief, or more happily (as I am from my previous professional life) the similar theory for managing change, knows the stages along the curve we need to go through, to reach a new status quo after a process of adjustment.

After the initial shock and denial, there may be anger, frustration and fear before any acceptance or new optimism is possible.

Individuals follow the curve at their own pace. Some may not go through each stage. Others may simply be too upset, disagree early, give up with or repel the change, and never reach a comfortable position or commitment to a new status quo.

Whether it is grief or a business change, the natural initial response is emotional, and starts with loss. Loss of a person, of position, of something we cannot control. It can take a great deal of support, time and good communication to go through the journey.

(And yes, there’s a comms lesson for care.data in here.)

Before we begin on a change we need to understand the point from where we are starting. And crucially, to understand that Change is about people, not technology or business process.

The change curve starts with shock

From many people’s perspective, the concept of care.data, has been a shock.

For those working on the project, or at NHS England, that is probably hard to understand. ‘Why on earth all the fuss?’, they may ask. It’s easier to understand, if you realise the majority of the public had no idea at all, our health data was used for anything other than our direct care and some planning. Much less may have been winging its way on the cloud across the Atlantic. It feels like data theft.

It’s easy for those in a technology project to see ‘coded’ health records simply as data.

‘Coded’ is however like saying we speak the ‘French language’. Computers ‘only speak’ code, so telling the public it is coded is either trying naively to make it sound safer than as if ‘plain language’ was sent from the GP system to the central system, or it is misleading.

In the same way, if you say ‘opt out’ the system records  ‘9Nu4’ on your record. In addition, there will be a label to go with it, so if GPs run a report to find everyone who has opted out, they can. It’s not hard to understand that MOTDOB is mother’s date of birth. There is a full public dictionary of these codes.

NHS England and the project team, should also not forget that this is not just ‘data’.

To us, this is our irrevocable health and social imprint. Signposts to who we are, have been and perhaps, will be.

It’s personal and private. And as yet, we may have only shared those facts with our GP. Only our GP and not yet our partners, or parents. And then we find out global Health Intelligence companies might have our sexuality or pregnancy history, conditions we may not have told anyone but the GP. Data intermediaries may have complete picture of prescribed medicines, drawing on information from 100,000 suppliers, and on insights from billions of annual healthcare transactions. “mountains of data from pharmacies, insurance claims, medical records, partners and other sources, 17 petabytes of data spread across 5,000 databases.” We want data used by the right people for the right reasons, and know where it goes and why.

HSCIC is giving it away almost for free.

To them it may be only data. To us it’s intimate.

But for the three of us in this marriage, it’s information which has been used and shared with these third parties, and as far as we can see, only one of us really benefits from the deal. Identifiable or not, is only part of the story. It’s our biography we did not give you permission to read or tell.

The initial shock, fears, anxiety and general disgust that our personal details are sold (sorry) given away on a cost recovery basis charging to cover processing and delivering the service, should therefore be more understandable if you realise it was a complete surprise.

(The surprise may or may not be quite as great as the exploding whale posted via Wired at the end of this post. Go on, you know you want to.)

Change is the only constant. How can we progress?

The Change Curve based on the Kübler-Ross Grief model

 

So, what happens now? How can the public move forward, to get to a position of trust and acceptance, that this is what is already happening with our hospital data (HES), and planned to happen with the majority of our GP stored data in future (whether we like the idea or not)?

In order to move us along the curve, NHS England have a large task ahead. In fact, a series of tasks ahead, which are not going to happen overnight. How are change and communications working together?

As there’s no detailed ‘care.data progress’ public communications easy to see on the top level of NHS websites I can only see other info as it comes out through online search alerts. And since it’s my, my children’s and all of us as citizens, whose data that is being discussed here, I think we should be interested and want to find out and question the ongoing status. The GP FAQs have gone or are hard to find, and the patient FAQs are still inaccurate IMO. This page should be top level leading, not six unsearchable clicks down.

From the latest update in the care.data advisory group meeting notes, with much more concrete progress to see, it is good to see that communications features often, and note ‘a comprehensive engagement plan is already underway.’

That plan will be interesting to see mapped out as time goes on, but I do wonder whether it is the right time to be looking at engagement, when so much for the care.data programme remains to be clarified or is undecided?

Questions remain how less raw data can be given away, further legislation, the ‘one strike and out’  how to deal with data breaches, views on enabling small and medium enterprises (SMEs) data access, GP staff opt out understanding, public op out understanding, clarifying the narrative of risks and safeguards. Some steps to be reviewed not until ‘over the summer’. And that’s only a summary of a summary, I am sure only a glimpse of the foam on the top of the wave of what is being done under the surface.

An engagement plan can’t have gaps. Communications is not one-way, that’s PR. So we can only hope there is a real engagement underway of listening which will result in action, but not in ‘transmit mode’. Engagement needs to be concrete to work from day one. We don’t need a sticky plaster and pat on the head, we need fixes and facts to back them up.

Communications and Change

Why can comms not start now and be added to as we go along, you may ask? Whilst it can, and indeed most communications plans need some flexibility, a good Communications Plan needs to ride leashed tightly to the Change Management Plan.  And given that different individuals are each somewhere different on the change curve, at any given point in time, you need to be able to address questions that any of them may have, simultaneously, regardless of whether they have just heard the news, or are almost finished their change journey. For GPs, their staff, other medical professionals, citizens and patients.

Riding the wave of the change curve, some are nearly back on the beach, when others haven’t yet entered the water. Some have got out and will not be persuaded back. Others may.

Therefore until many of the open issues are resolved, until governance and legislation is clear, unless it is focused on listening and resulting action, most communications can only be wasted PR rhetoric. Perhaps there are great plans. But Houston, we don’t have a communications problem. Honestly. As far as I can see.

There is no communications issue, there are issues which need communication.

Why? Because folks who opted out already will not be sold on the benefits. They will only be convinced by a clear picture of known and well governed, legislated, mitigated risks AND benefits. Then they can weigh up a decision. (Assuming indeed, the Secretary of State is a man of his word and maintains the patients’ right to object, which is not a legislative right.)

“The law is a statutory enactment which requires the disclosure of the data, which means the data becomes exempt from the main parts of the DPA.” (ICO)

For the population not reached yet, however, there is a requirement to at least give fair processing, even if you can debate the fineries, all common sense says make the same mistake twice, and you’re sunk.

The trickiest part in the communications, is to address different segments of the population who are at different points in the curve, at the same time. Some of whom are hard to reach.

I am sure there are many people working behind the scenes to bring about this managed change. Let’s not forget, this programme was intended first to launch a year ago. Professionals are working on this, it’s not new. But Dear God, please don’t launch more communications along the same lines as before. September saw GP materials go out with no training and no measure of how well practices had understood the materials. A misleading poster and misdelivered leaflet for patients created more confusion. Which all went out before proper governance, legislation and technical solutions were in place to make it all work well. The advisory group minutes and Mr.Kelsey’s letter indicate there is much work to be done in these areas still. Yet engagement activities are planned May-July.

To look at basics, I think these three things for starters, need resolved before you can talk about risk mediation:

1. a) Purposes of what data is taken and b) who accesses data:  the care.data addendum which sought wider purposes and third party access by think-tanks and information intermediaries is still to resurface, after being returned by the GPES IAG in February for amendment. Which means final data users remain somewhat undefined. And we’re still pending the complete audit of past and current data recipients through the audit overseen by Sir Nick Partridge. [NB: since done in June < see post]

2. Amber is not Green – data protection: Why is potentially identifiable data and what really quite clearly, will be identifiable when so many companies sole purpose is to take a wide range of data sources and mash them together,  given no data protection in law and no clear choice over its use in HES release?

It may for release from HSCIC be treated more carefully than green data only in so far as it is not publicly published on a website,and goes to committee review, but it may be provided to a wide range of commercial companies who then create information from it which they release.

The raw data’s nature can be sensitive to us and it’s certainly personal, so that we would expect it to be kept confidential, and yet it is  shared and may be combined with recipient’s other data sets are at individual patient level?  It feels like a great big whale in the room – it’s not green, we can’t protect it, but if we close our eyes it might go away.

It’s not conducive to trust, when it feels like a con. Just call me Ishmael.

3. Individual data control – opt out and rights: Point 2 leads to a huge potential iceberg ahead which still needs resolved. The UK and upcoming new EU protection laws and their, the ICO and the HSCIC definition of anonymous and pseudonymous data. We must understand how they are to apply and are not only legal, but feel just and fair to us as citizens. It should be looking ahead to meet the coming law now, shaping not avoiding best practices.

What rights does the individual have? How will GPs resolve their conflict of protecting patient confidentiality and complying with the new law requiring them to release it? Some GPs don’t think it’s a good idea.

There will be some citizens who want no data stored centrally at all and even want their HES back out. What will they say to someone who point blank does not want any of their medical record outside their practitioners’ control?

So, are we about to see a repeat of the same communications catastrophe – launching engagement, before we know what exactly what it is we’re talking about? Surely not. But looking at the calendar…

As an outsider, I just wonder how can effective engagement begin, when questions may be asked which cannot be answered?

Workshops to separate truth from myth, risk going down as well as Ahab in Melville’s story, if you have people who are upset, and you have nothing to offer them but unsupported ‘reassurance’. I’d like to see a webpage or presentation of those myths, because I don’t feel I’ve seen many myself. If anything, issues have been debunked by careful wording rather than straight talking.

Change and Trust

Change can’t be done to us without huge resistance. Change has to happen with us, if we are to trust and adopt it. If collectively we get stuck in anger and fear, we’ll not get to acceptance. And it actually has the potential, suggested Ben Goldacre, if not already done, to leave a negative wake on wider research & society.

There has to be trust in the change, that it is for widely acknowledged ‘right’ reasons.

There has to be trust that the terms of the change are defined and stable. Words such as currently, and initially, have little place in the definition of future agreements.

There has to be trust that what we will lose, is in proportion and outweighed by what we’ll gain from the new.

When we read global stories of how healthcare data is misused, and we can’t see who has access to our own data on any real-time rolling basis, it leaves open the fear that data can be given inappropriately, without check and balance, for months. The recently released register is one good thing to come from the debacle so far, and the further audits are ongoing, expected towards mid-May, but any future register is only going to be publicly accurate 4 times a year. It’s better than nothing, but surely not hard to update in real time.

Until the history is entirely transparent, it is a challenge to see how concerns about past use and lack of past governance, and the lack of trust those errors created will be possible to fix. The sensitivity of our raw data is likely only to increase as scope is broadened in future, and the scale of the requests is expected to increase as the era of Health Intelligence takes off and becomes ever more profitable for those third parties. 

Trust will need to increase if anything proportionately, as this scale and sensitivity increases. So any communications of future releases and their governance needs to be sustained. It’s not an afterthought of ‘what we’ve done’. It’s the key to being allowed to carry on doing it.

Change Managers need to understand an individual’s own story, values and what makes them tick, to have an expectation of what the change impact (possibly negative) will be for individuals or groups and what’s in it for them (the positive) and any wider impacts, for example considering the Public Interest. And all leaders, need to have available from the start, the information which will answer the questions for people in each of these groups, at every stage of the curve.

Decisions in the public interest, may be subjective. Jeremy Hunt has said that we,

will “get through” the heated public debate this scheme has caused regarding patient privacy and the potential for the data to be re-identified.”

I’d like to hope we get more than ‘through it.’

To say that, underestimates the task ahead.

It’s not a tunnel or a final destination, but a process.

And the longer the data is shared over our lifetimes, the more likely it will be re-identified with all the other passive and other Big Data which is shared in our future. So there’s no patch, pop up and coast to the beach. I can only think this is a one time chance, and the leadership comments seem to underestimate it.

It must be done correctly now, to set up a framework which will be robust enough for the future size and complexity of the future Big Data vision.

Legislation to build a solid Future foundation

There are still many unknowns it reads from the meetings, from opt out, to wide ranging governance issues, to securing watertight legislation.  The scale and sensitivity of the data and how it has been handled in the past, shows how the current model is not fit for purpose.

This week there is still crucial legislation being considered which will help to fundamentally cement or fail public trust.

Trust not only in how our data will be governed, but in common sense in our governing bodies. The legislation addresses:

  • Retaining control and management of confidential information
  • Putting the independent Information Governance Oversight panel on a statutory footing
  • Independent oversight over certain directions  and the accreditation scheme
etaining control and management of confidential information – See more at: http://www.allysonpollock.com/?p=1820#sthash.No8G7kcT.dpuf
retaining control and management of confidential information – See more at: http://www.allysonpollock.com/?p=1820#sthash.No8G7kcT.dpuf

I’m no legal beagle, but it appears to make excellent sense and the detailed wording (via Prof. Alison Pollock’s page)  is very straightforward.

I hope it is clear that patient choice and public interest complement one another in these proposals. Just as Dr. Mark Taylor, Chair of CAG, outlined in an excellent essay,

“the current law of data protection, with its opposed concepts of ‘privacy’ and ‘public interest’, does not do enough to recognise the dependencies or promote the synergies between these concepts.”

If the Lords support Life Sciences’ interests, as many in the chamber do, they will need to support the proposals in order to ensure the public remain opted in to care.data.

Without these governance amendments, many more will opt out I am certain from talking to people on the street, and the value of the population-wide database will be undermined. So, the theory on paper next week, will have a crucial role in the practical outcome of the care.data implementation and its lifetime value.

No one said, change is easy

Importantly, in any theory one does well to remember the practical reality. Each response is unique to an individual. No one model will fit all. Each person commences the journey of a changing situation, from a different starting point. We each begin the process from a different level of baseline knowledge. We each have our own ways of dealing with loss, and experience different levels of anger or fear. There are early and late adopters.

Some things are difficult, but have to be gone through. For me, Tuesday was a day of looking back at wonderful memories.

We also sometimes need to accept what cannot be changed. When the time comes, I support the idea that we can live with a disease and dignity, not just the label that we are ‘dying’.

My final inspiration of the week, Kate Granger articulated this, so much better than I could, last week:

“I cannot imagine a human society free from cancer, no matter how much money we invest. As a cancer patient who will die in the relatively near future, I believe rather that instead of reaching for the traditional battle language, [life] is about living as well as possible, coping, acceptance, gentle positivity, setting short-term, achievable goals, and drawing on support from those closest to you.”

 

care.data requires courage from all the parties involved, because everyone is going through a certain process of change and compromise. Even those who planned the now delayed launch, need to recognise a need for change and why we’ve got to put a solid, not rushed foundation in now, and be in it for the long haul to get it right.

With lasting legislative powers, we public can better entrust our faith and data to the system, not just today, but into the future. With a proper independent Governance and oversight process we can hand you our trust for safekeeping with our records in good faith. We can only trust these proposed changes make not just waves, but make real progress.

If nothing really substantial changes in the pause, and we don’t see increased measures to create trust, all that will happen is a build up of frustration and pressure of all the people who can’t move forward from the initial anger and confusion. They will opt out. And there’s a risk public opinion will burst under pressure. No one will want to support health record sharing for any purposes, even bona fide good research, and there will be an explosion of opt outs. Projects will be abandoned, like a dead, washed up whale. (Which you really don’t want to happen. Really. It’s not pretty viewing, don’t say I didn’t warn you. But it’s kind of fascinating too and all the number crunching too.)

This can be avoided.

But plus ça change, plus c’est la même chose. Two months into the pause, are we seeing changes taking effect, or more of the same talk?

I look forward to better information on how and where our data has gone in the past. I think only after that will it be possible to get the history aired and resolved for improved future procedures once we have the complete audit picture, including that under Sir Nicholas Partridge, due towards the end of this month.

The further governance and independent oversight issues will be best resolved in legislation, which would help them be free of political change and create a framework worthy of the big data vision for the future.

In Summary

I hope the Change Management is as carefully thought out as communications and engagement is based on substantive steps before it.

These steps simply, start with:

1. a) Tighten and define clearly the purposes of what data is taken and b) who accesses data. Now and for future change.

2. Amber is not Green – data protection: Tighten what is potentially identifiable data and what really quite clearly, will be identifiable when so many companies sole purpose is to take a wide range of data sources and mash them together.

3. Individual data control – opt out, and legal rights. Will opt out get a statutory footing rather than Mr.Hunt’s word? Will we design now, for change in the UK and upcoming new EU protection laws?

Tighten the processes, define more of the facts, so you know what you’re communicating.  Let people ask questions, and let us have sufficient time to go through the curve.

A rushed rollout, will create more people who block the change, opt out, and never return.

I realise much of this post addresses how I feel, and the feelings I have picked up from care.data events, from others discussing it on the street and school playground. Emotions have a role to play in this discussion, but better facts will go a long way to making objective informed decisions. And crucially, our decision making must be allowed to be objective and free from emotional coercion.

I’m cautiously optimistic and look forward to seeing public materials to get the GP profession and public on board and riding the care.data change curve each at their own pace. There is clearly a tonne of work to be done. It’s not going to be glassy, by any stretch of the imagination, but perhaps we need a few rough times to remind us what matters most to us, and why.

It makes us engage.

The question is, in the coming weeks and months, is NHS England prepared for genuine change and engagement with the public, not just PR?

No Security Blanket – why consent packages fail our children – care.data and more

As a mother, I want to know that my children’s personal data, when it is collected by any organisation, will be kept safe and used in ways I would expect. I see it as my responsibility safeguarding my children today, to also think of their future.

We should seek to protect the fundamentals in the Universal Declaration of human rights for all:

Everyone in the community should find the free and full development of his personality is possible. Everyone has the right to work, to free choice of employment.

In effect, these basic human rights seek to prevent discrimination and interference.

But it feels as though the world around us in England has gone mad. Risking stigma, discrimination, giving our kids’ personal information quite freely away and with it, their future autonomy.

Here’s five recent case studies and why they fail our young people.

The Department of Education’s National Pupil Database & Personal Demographics Service

What About Youth is reportedly using contact details directly from the Personal Demographic Service (PDS) data stored at HSCIC and the schools’ database, the Department of Education’s National Pupil Database, and giving them to IPSOS Mori, the poll research organisation to carry out the What About Youth? study on behalf of the Health and Social Care Information Centre, funded by the Department of Health. To contact our 14-16yr olds directly.

“Your contact details were taken from NHS Registration data, held by the Health and Social Care Information Centre and the Department of Education’s National Pupil Database, which contains details of every pupil in England. The NHS Registration data has been used as it is a reliable source of details such as name, address, date of birth and NHS Number. It does not include any medical data so we don’t know anything about any illnesses or conditions you have had or received treatment for.

We have received approval to use your contact details only for this study. We won’t be using them for any other purpose, nor will we share them with anyone else. “

I don’t know that any parent would find that an expected use of their personal contact details to be contacted by the third party directly.

How is the questionnaire coded I wonder, whilst “the answers will not have the child’s name and address on, so no-one who sees them will know whose they are,” the “aim of the study is to make it easier for doctors, nurses and local authorities to help young people.” So it would appear Local Authority is going to be coded at least. And your individual postcode. And child’s age and gender and ethnicity and more.

If the child (14-16yr olds) agrees to being re-contacted, I would want to know as a parent exactly how, when and for what. But parents are encouraged not to influence the child completing the form, so we may never know. The survey asks about all sorts of insecurities, not all of which I believe every 14 year old will have yet considered. Is it right that the State should intrude with these topics into my child’s private time and thoughts? The content deserves scrutiny from parents before the children are involved. At least, not done in school, we get a letter and know about it at home.

But how can the project ethically ask my child to give their consent to share intimate details not only about themselves but about our whole household and potentially agree to future contact, whilst expressly asking me not to be involved in the decision?

I wonder how pupils will feel whose parents suggest they would prefer their child does not complete it?

Surely if the Department of Education’s National Pupil Database is obligatory it should not assume OK to give out personal contact details to anyone? Some families choose to be ex-directory. Does the cross-purposes use of the Personal Demographics Service make that now impossible?

Should our children and parents, who trust that their personal details are used for registering for the basic rights of health and education, not be allowed to trust those contact details are held in confidence, rather than shared with third parties?

What is the government thinking about, as it manages our young people’s data privacy?

The National Citizen Service and Health Data stored at the Health and Information Centre

While I was looking more closely at the DAAG (HSCIC) minutes this week as related to care.data, I looked at the approval for consent advice and request for future data linkage with the National Citizen Service (NCS) project, open to all 16 and 17-year-olds in England. The request checked that the consent was appropriate for future sharing of Mental health and Hospital Records with the Cabinet Office.

While I was at it, I took a look a close look at the NCS sign up process. At the bottom of the online register in small print was the required check box to proceed:

I agree to my personal data being stored, shared and used by the NCS Trust and other organisations to inform me of NCS and graduate opportunities and to support the delivery of NCS and its graduate programme. I agree to the NCS Terms & Conditions and Privacy Policy.

Then you need to click down twice, to the T&C and Privacy Policy.
From the Terms&Conditions we need to take another step:

Information about you : We will never pass any details you provide to us on to anyone other than those specified in our privacy policy.

You also need to go to the separate Privacy Policy. which turns out stating there is virtually nothing private about managing your personal data after you enquire at all – but is in fact a  ‘Data Sharing Policy’:

 “By submitting the Expression of Interest form you agree to your personal data being stored, shared and used by the NCS Trust (the data controller) and the following organisations: NCS contractors and their sub-contractors, government bodies, strategic partners of NCS, fraud detection organisations, organisations supporting the delivery of NCS or other organisations (including any organisation running or supporting all or part of NCS in the future).”

You must agree or cannot proceed with the application.

Where does the consent to link to a child’s medical Mental Health and Hospital records get asked I wonder? Does it get expressly asked later in the project or on paper because it does not get asked online in the Young Person nor the Adult/Guardian’s sign up. Is this the consent process the DAAG approved? Is it just meant to be included in the blanket “government bodies”? Perhaps the wording is still to be amended?

Sign the child (and your own ‘Guardian’ details) up for NCS and there is no choice but to accept that data sharing agreement. You must accept it to sign up for the programme but there is an open ended who, when and for what in the blanket consent …”supporting all or part of NCS in the future.” The NCS sign-up and consent doesn’t explicitly mention sharing data with named sub-contractors anywhere either.

The charities involved may do great work. But why Serco? Is this the organisation that we would wish to be managing our young people’s personal data? Think I agree with Navca on this one. By signing away rights …”in the future,” we have no idea WHO will own the data  later.

Should our children who need this NCS programme most, not be allowed to particpate unless their personal and potentially medical details go to all these unknown future places?

UCAS and student applications – further education

When I read recently in the Guardian about Ucas selling student records of our under 18s applying to university I was equally surprised.

At a time when teen deaths from alcohol consumption often mixed with energy drinks appear regularly in the news, it is highly irresponsible to me as a parent, to know that a commercial company promoted new energy drinks by sending cans to 17,500 selected students in order to create a “social media buzz”. I know from my own experience, university is often the place we are first exposed to a regular bar life. And so does business.

This goes far beyond the scope of what our teens signing up should expect their data to be used for. Who will decide what products and what uses of data will be acceptable in future?

I am fed up of these blanket consent approaches which deny a service unless we also sign away the knowledge of our personal habits and preferences for others to commercially exploit.

This mixing of purposes in which data privacy is to one’s disadvantage, is an abuse of trust. And it is the importance of trust and exploiting mixed purposes, which for me, has been so starkly highlighted in the management of our medical records.

Dental Service – the NHS Business Service Authority


When I signed the form to pay for my recent dental treatment I read the small print. The Dental Admin Assistant shared my surprise to find that the data processing takes place outside the UK, and requires data sharing with processors in ‘India or Sri Lanka.” WHO WILL USE IT WHERE and FOR WHAT PURPOSES? I am required to sign the form to agree to pay for my treatment. It gives permission to share with Dept of Work and Pensions, HM Revenue and Customs, local authorities and CCGS (then PCTs). But why should the one signature to bind them all, mean sending my personal confidential data abroad, outwith EU data laws even?

Is there fair processing on this form, does it indicate properly for what purposes the wide ranging bodies will be given access? Surely they don’t all need it for “fraud prevention and to ensure correctness” about my dental check up?

If the government bodies are all working together and can share data at will under these blanket assumptions, without our explicit consent or knowledge, then a great number of people will be rightly concerned. I am concerned by powers this Memorandum gives NHS Protect and the Border Agency from 2011 and I am a legitimate resident. ” To provide a centre of excellence for NHS anti-crime work by applying a strategic, coordinated and intelligence led approach.”  I only went for a scale-and-polish!

This default to wide sharing seems to be increasingly seen as the norm. Surely it should be assumed that the minimum data should be shared with the minimum necessary recipients? Current policies seem to have confused a drive for Open Data with giving away our privacy.

How could it be done differently?

If I sign a form to pay for my dental treatment, surely it should be only that. If you want other permissions, ask in other check boxes. I believe our NHS should be managing our NHS data within our borders, but that is a separate debate.

This blanket consent approach excludes the service unless you are happy to give open ended access to your personal data to Government and its contractors.

Should I not be allowed to have NHS dental treatment, for which I pay on completion, unless my personal details go to all these other places?

Let’s consider an alternative. Enable the ability to say yes to paying for my treatment, without sharing fully identifiable data with other government bodies or sending it abroad.

It is one thing to share truly anonymised data. And quite another to extract identifiable personal details for at minimum ten years or longer. Time limit the consent.

If the 14-16yr old on the What About Youth questionnaire agrees to ‘future contact’ they presumably are agreeing to  having identifiable data and contact data kept with their answers, to enable that future contact.

If children agree to the NCS blanket sign up, they are signed up for an unspecified time. These sign ups remove our children’s autonomy later in life, and they can never get it back.

Right now, I wouldn’t let my children’s personal data anywhere near any of these systems if I wanted to retain any future control of it at all. But do I have a choice? My children are in school, and that will mean in the Department of Education’s National Pupil Database. And they will have NHS records. I see some subject access requests ahead.

Given past historical purposes of the ONSET project at the Home Office, Contact Point and DWP I would want to keep my kids’ data free from all of these.

Some may ask, why does it matter?

Because this joining up of services is interweaving systems whose aim is on the one hand compassion and care, with those on the other which are punitive and controlling. Their aims are not aligned. And inevitably it is the systems which shout loudest, under any government of the day, whose opinion tips the balance of purpose and decision making. And recent claims of micro managing in Health show, top down control usually wins.

Because I believe the earlier we label our children the harder it is for them to become anything more.  Inevitably labels shape expectations. Not only for the individual but those who interact with them. It is only the very best educators and social care staff or police or medics who manage to put those aside and see the individual in each episode of contact. The future intent for care.data is integration of data sharing between medical contact, social care and education, under local authorities, health and wellbeing boards and more. How far would the impact of one wrong label spread in a child’s lifetime, in different places?

Because our children should enter adulthood with as few restrictions placed upon their development and self-determination as possible. Even, I would argue, those children who need the contact with all those organisations. I could argue, all the more so, precisely because they have those extra needs and contact. They may need excellent care and transition between youth and adult services. They need it facilitated first and foremost by qualified individuals who are trusted to do the job they trained for and have a vocational passion to complete. Yes the staff need data, but proportionate to the individual need, for the time period it is needed. We need to protect the extra vulnerable in many extra ways.

And we also need to protect the fundamentals in the Universal Declaration of human rights for all. Everyone in the community should find the free and full development of his personality is possible. Everyone has the right to work, to free choice of employment. In effect, these basic human rights seek to prevent discrimination and interference.

Our young people don’t care about the risks of personal data sharing?

Our young people are more savvy than we give them credit for. In a world of shared selfies and social media, it can be wrongly assumed that they are careless with their own privacy. This  Electronic Patient Records work run by the Academy of Engineering in 2010, with support from the Wellcome Trust, came out with a report and seven key questions p.39 which are very pertinent today. The young people identified themselves the risks of prejudice and discrimination. The concerns they raise are no different from concerned adults. Our young people are switched on to the risks of personal data sharing.

When it comes to our children’s data, organisations should be going the extra mile to be transparent. I believe they should carefully consider how the public will perceive anything that looks hidden. Consents should be all up front on the top layer of sign up forms. One consent per sentence. If you want to contact my children, ask me first. And if you offer a public service, would you consider first not piggy-backing a commitment to sharing with other bodies or commercial companies on to the consent package?

Why these blanket consents fail our children

These blanket consents are ubiquitous in modern data sharing, from the obvious supermarket sign ups, to which even David Cameron does not consent, to the totally surprising in education and health. Yet he happily signed us up under a blanket assumed opt in to be ‘willing research patients.’ This mixing of purposes under one blanket consent, in which looking after your data privacy is to one’s disadvantage, or criticised as selfish, is an abuse of trust. And an abuse of our children’s future freedoms. They fail to give proper governance of who will own the data once shared. They fail to give proper information of what it may be used for. And they fail to clearly limit the time period for which the consent is given, and after which data will be destroyed.

Not only trust, but the needs of genuine purposes in the public interest are undermined by mixing all these purposes into one consent. Worse still, assuming yes for all these conflated uses unless you opt out.

If there had been singular purpose, care.data would have been easier to understand and less likely to have failed to win our support.

I for one, am fed up with blanket consent. We can do it differently. We can do better for our children.

 

{cartoon: From Al.com via Scott Stantis 2007}