Tag Archives: consent

Wearables: patients will ‘essentially manage their data as they wish’. What will this mean for diagnostics, treatment and research and why should we care? [#NHSWDP 3]

 

Consent to data sharing appears to be a new choice firmly available on the NHS England patient menu if patient ownership of our own records, is clearly acknowledged as ‘the operating principle legally’.

Simon Stevens, had just said in his keynote speech:

“..smartphones; […] the single most important health treatment and diagnostic tool at our disposal over the coming decade and beyond ” Simon Stevens, March 18 2015.

Tim Kelsey, Director Patients and Information, NHS England, then talked about consent in the Q&A:

“We now acknowledge the patient’s ownership of the record […] essentially, it’s always been implied, it’s still not absolutely explicit but it is the operating principle now legally for the NHS.

“So, let’s get back to consent and what it means for clinical professionals, because we are going to move to a place where people will make those decisions as they currently do with wearable devices, and other kinds of mobile, and we need to get to a point where people can plug their wearable device into their medical record, and essentially manage their data as they wish.

“It is essentially, their data.”

How this principle has been applied in the past, is being now, and how it may change matters, as it will affect many other areas.

Our personal health data is the business intelligence of the health industry’s future.

Some parts of that industry will say we don’t share enough data. Or don’t use it in the right way.  For wearables designed as medical devices, it will be vital to do so.

But before some launch into polemics on the rights and wrongs of blanket ‘data sharing’ we should be careful what types of data we mean, and for what purposes it is extracted.It matters when discussing consent and sharing.

We should be clear to separate consent to data sharing for direct treatment from consent for secondary purposes other than care (although Mr Kelsey hinted at a conflation of the two in a later comment). The promised opt-out from sharing for secondary uses is pending legal change. At least that’s what we’ve been told.

Given that patient data from hospital and range of NHS health settings today, are used for secondary purposes without consent – despite the political acknowledgement that patients have an opt out – this sounded a bold new statement, and contrasted with his past stance.

Primary care data extraction for secondary uses, in the care.data programme, was not intended to be consensual. Will it become so?

Its plan so far has an assumed opt-in model, despite professional calls from some, such as at the the BMA ARM to move to an opt-in model, and the acknowledged risk of harm that it will do to patient trust.

The NHS England Privacy Assessment said: ‘The extraction of personal confidential data from providers without consent carries the risk that patients may lose trust in the confidential nature of the health service.’

A year into the launch, Jan 2014, a national communications plan should have solved the need for fair processing, but another year on, March 2015, there is postcode lottery, pilot approach.

If in principle, datasharing is to be decided by consensual active choice,  as it “is the operating principle now legally for the NHS” then why not now, for care.data, and for all?

When will the promised choice be enacted to withhold data from secondary uses and sharing with third parties beyond the HSCIC?

“we are going to move to a place where people will make those decisions as they currently do with wearable devices” [Widening digital participation, at the King’s Fund March 2015]

So when will we see this ‘move’ and what will it mean?

Why plan to continue to extract more data under the ‘old’ assumption principle, if ownership of data is now with the individual?

And who is to make the move first – NHS patients or NHS patriarchy – if patients use wearables before the NHS is geared up to them?

Looking back or forward thinking?

Last year’s programme has become outdated not only in principle, but digital best practice if top down dictatorship is out, and the individual is now to “manage their data as they wish.”

What might happen in the next two years, in the scope of the Five Year Forward Plan or indeed by 2020?

This shift in data creation, sharing and acknowledged ownership may mean epic change for expectations and access.

It will mean that people’s choice around data sharing; from patients and healthy controls, need considered early on in research & projects. Engagement, communication and involvement will be all about trust.

For the ‘worried well’, wearables could ‘provide digital “nudges” that will empower us to live healthier and better lives‘ or perhaps not.

What understanding have we yet, of the big picture of what this may mean and where apps fit into the wider digital NHS application and beyond?

Patients right to choose

The rights to information and decision making responsibility is shifting towards the patient in other applied areas of care.

But what data will patients truly choose to apply and what to share, manipulate or delete? Who will use wearables and who will not, and how will that affect the access to and delivery of care?

What data will citizens choose to share in future and how will it affect the decision making by their clinician, the NHS as an organisation, research, public health, the state, and the individual?

Selective deletion could change a clinical history and clinician’s view.

Selective accuracy in terms of false measurements [think diabetes], or in medication, could kill people quickly.

How are apps to be regulated? Will only NHS ‘approved’ apps be licensed for use in the NHS and made available to choose from and what happens to patients’ data who use a non-approved app?

How will any of their data be accessed and applied in primary care?

Knowledge is used to make choices and inform decisions. Individuals make choices about their own lives, clinicians make decisions for and with their patients in their service provision, organisations make choices about their business model which may include where to profit.

Our personal health data is the business intelligence of the health industry’s future.

Who holds the balance of power in that future delivery model for healthcare in England, is going to be an ongoing debate of epic proportions but it will likely change in drips rather than a flood.

It has already begun. Lobbyists and companies who want access to data are apparently asking for significant changes to be made in the access to micro data held at the ONS. EU laws are changing.

The players who hold data, will hold knowledge, will hold power.

If the NHS were a monopoly board game, data intermediaries would be some of the wealthiest sites, but the value they create from publicly funded NHS data, should belong in the community chest.

If consent is to be with the individual for all purposes other than direct care, then all data sharing bodies and users had best set their expectations accordingly. Patients will need to make wise decisions, for themselves and in the public interest.

Projects for research and sharing must design trust and security into plans from the start or risk failure through lack of participants.

It’s enormously exciting.  I suspect some apps will be rather well hyped and deflate quickly if not effective. Others might be truly useful. Others may kill us.

As twitter might say, what a time to be alive.

Digital opportunities for engaging citizens as far as apps and data sharing goes, is not only not about how the NHS will engage citizens, but how citizens will engage with what NHS offering.

Consent it seems will one day be king.
Will there or won’t there be a wearables revolution?
Will we be offered or choose digital ‘wellness tools’ or medically approved apps? Will we trust them for diagnostics and treatment? Or will few become more than a fad for the worried well?
Control for the individual over their own data and choice to make their own decisions of what to store, share or deny may rule in practice, as well as theory.
That practice will need to differentiate between purposes for direct clinical care and secondary uses as it does today, and be supported and protected in legislation, protecting patient trust.
“We are going to move to a place where people will make those decisions as they currently do with wearable devices, and other kinds of mobile, and we need to get to a point where people can plug their wearable device into their medical record, and essentially manage their data as they wish.”
However as ‘choice’ was the buzzword for NHS care in recent years – conflated with increasing the use of private providers – will consent be abused to mean a shift of responsibility from the state to the individual, with caveats for how it could affect care?
With that shift in responsibility for decision making, as with personalized budgets, will we also see a shift in responsibility for payment choices from state to citizen?
Will our lifestyle choices in one area exclude choice in another?
Could app data of unhealthy purchases from the supermarket or refusal to share our health data, one day be seen as refusal of care and a reason to decline it? Mr Kelsey hinted at this last question in the meeting.
Add a population stratified by risk groups into the mix, and we have lots of legitimate questions to ask on the future vision of the NHS.
He went on to say:
“we have got some very significant challenges to explore in our minds, and we need to do, quite urgently from a legal and ethical perspective, around the advent of machine learning, and …artificial intelligence capable of handling data at a scale which we don’t currently do […] .
“I happen to be the person responsible in the NHS for the 100K genomes programme[…]. We are on the edge of a new kind of medicine, where we can also look at the interaction of all your molecules, as they bounce around your DNA. […]
“The point is, the principle is, it’s the patient’s data and they must make decisions about who uses it and what they mash it up with.”
How well that is managed will determine who citizens will choose to engage and share data with, inside and outside our future NHS.
Simon Stevens earlier at the event, had acknowledged a fundamental power shift he sees as necessary:
“This has got to be central about what the redesign of care looks like, with a fundamental power shift actually, in the way in which services are produced and co-produced.”

That could affect everyone in the NHS, with or without a wearables revolution.

These are challenges the public is not yet discussing and we’re already late to the party.

We’re all invited. What will you be wearing?

********
[Previous: part one here #NHSWDP 1  – From the event “Digital Participation and Health Literacy: Opportunities for engaging citizens” held at the King’s Fund, London, March 18, 2015]

[Previous: part two #NHSWDP 2: Smartphones: the single most important health treatment & diagnostic tool at our disposal]

********

Apple ResearchKit: http://techcrunch.com/2015/03/09/apple-introduces-researchkit-turning-iphones-into-medical-diagnostic-devices/#lZOCiR:UwOp
Digital nudges – the Tyranny of the Should by Maneesha Juneja http://maneeshjuneja.com/blog/2015/3/2/the-tyranny-of-the-should

You may use these HTML tags and attributes: <blockquote cite="">

smartphones: the single most important health treatment & diagnostic tool at our disposal [#NHSWDP 2]

After Simon Stevens big statement on smartphones at the #NHSWDP event, I’d asked what sort of assessment had the NHS done on how wearables’ data would affect research.

#digitalinclusion is clearly less about a narrow focus on apps than applied skills and online access.

But I came away wondering how apps will work in practice, affect research and our care in the NHS in the UK, and much more.

What about their practical applications and management?

NHS England announced a raft of regulated apps for mental health this week, though it’s not the first approved.  

This one doesn’t appear to have worked too well.

The question needs an answer before many more are launched: how will these be catalogued, indexed and stored ? Will it be just a simple webpage? I’m sure we can do better to make this page user friendly and intuitive.

This British NHS military mental health app is on iTunes. Will iTunes carry a complete NHS approved library and if so, where are the others?

We don’t have a robust regulation model for digital technology, it was said at a recent WHF event, and while medical apps are sold as wellness or fitness or just for fun, patients could be at risk.

In fact, I’m convinced that while medical apps are being used by consumers as medical devices, for example as tests, or tools which make recommendations, and they are not thoroughly regulated, we *are* at risk.

If Simon Stevens sees smartphones as: “going to be the single most important health treatment and diagnostic tool at our disposal over the coming decade and beyond,” then we’d best demand the tools that work on them, work safely. [speech in full]

And if his statement on their importance is true, then when will our care providers be geared up to accepting extracts of data held on a personal device into the local health record at a provider – how will interoperability, testing and security work?

And who’s paying for them? those on the library right now, have price tags. The public should be getting lots of answers to lots of questions.

“Over the coming decade”  has already started.

What about Research?: I know the Apple ResearchKit had a big reaction, and I’m sure there’s plenty of work already done on expectations of how data sharing in wearables affect research participation. (I just haven’t read it yet, but am interested to do so,  feel free to point any my way).

I was interested in the last line in this article: “ResearchKit is a valiant effort by Apple, and if its a hit with scientists, it could make mass medical research easier than ever.”

How do we define ‘easier’? Has Apple hit on a mainstream research app? How is ‘mass medical research’ in public health for example, done today and how may it change?

Will more people be able to participate in remote trials?

Will more people choose to share their well-being data and share ‘control’ phenotype data more in depth than in the past?

Are some groups under- or not-at-all represented?

How will we separate control of datasharing for direct care and for other secondary uses like research?

Quality: Will all data be good data or do we risk research projects drowning in a data tsunami of quantity not quality? Or will apps be able to target very specific trial data better than before?

How: One size will not fit all. How will data stored in wearables affect research in the UK? Will those effects differ between the UK and the US, and will app designs need different approaches due to the NHS long history and take into account single standards and be open? How will research take historical data into account if apps are all ‘now’? How will research based on that data be peer reviewed?

Where: And as we seek to close the digital divide here at home, what gulf may be opening up in the research done in public health, the hard to reach, and even between ‘the west’ and ‘developing’ countries?

In the UK will the digital postcode lottery affect care? Even with a wish for wifi in every part of the NHS estate, the digital differences are vast. Take a look at Salford – whose digital plans are worlds apart from my own Trust which has barely got rid of Lloyd George folders on trolleys.

Who: Or will in fact the divide not be by geography, but by accessibility based on wealth?  While NHS England talks about digital exclusion, you would hope they would be doing all they can to reduce it. However, the mental health apps announced just this week each have a price tag if ‘not available’ to you on the NHS.

Why: on what basis will decisions be made on who gets them prescribed and who pays for the,  where apps are to be made available for which area of diagnosis or treatment, or at all if the instructions are “to find out if it’s available in your area email xxx or call 020 xxx. Or you could ask your GP or healthcare professional.”

The highest intensity users of the NHS provision, are unlikely to be the greatest users of growing digital trends.

Rather the “worried well” would seem the ideal group who will be encouraged to stay away from professionals, self-care with self-paid support from high street pharmacies. How much could or will this measurably benefit the NHS, the individual and make lives better? As increasingly the population is risk stratified and grouped into manageable portions, will some be denied care based on data?

Or will the app providers be encouraged to promote their own products, make profits, benefit the UK plc regardless of actual cost and measurable benefits to patients?

In 2013, IMS Health reported that more than 43,000 health-related apps were available for download from the Apple iTunes app store. Of those, the IMS Institute found that only 16,275 apps are directly related to patient health and treatment, and there was much to be done to move health apps from novelty to mainstream.

Reactionary or Realistic – and where’s the Risks Assessment before NHS England launches even more approved apps?

At the same time as being exciting,  with this tempting smörgåsbord of shiny new apps comes a set of new risks which cannot responsibly be ignored. In patient safety, cyber security, and on what and who will be left out.

Given that basic data cannot in some places be shared between GP and hospital due for direct care to local lack of tech and the goal is another five years away, how real is the hype of the enormous impact of wearables going to be for the majority or at scale?

On digital participation projects: “Some of the work that has already been done by the Tinder Foundation, you take some of the examples here, with the Sikh community in  Leicester around diabetes, and parenting in other parts of the country, you can see that this is an agenda which can potentially get real quite quickly and can have quite a big impact.”
(Simon Stevens)

These statements, while each on different aspects of digital inclusion, by Simon Stevens on smartphones, and scale, and on consent by Tim Kelsey, are fundamentally bound together.

What will wearables mean for diagnostics, treatment and research in the NHS? For those who have and those who have not?

How will sharing data be managed for direct care and for other purposes?

What control will the patriarchy of the NHS reasonably expect to have over patients choice of app by any provider? Do most patients know at all, what effect their choice may have for their NHS care?

How will funding be divided into digital and non-digital, and be fair?

How will we maintain the principles and practice of a ‘free at the point of access’ digital service available to all in the NHS?

Will there really be a wearables revolution? Or has the NHS leadership just jumped on a bandwagon as yet without any direction?

****

[Next: part three  – on consent – #NHSWDP 3: Wearables: patients will ‘essentially manage their data as they wish’. What will this mean for diagnostics, treatment and research and why should we care?] 

[Previous: part one – #NHSWDP 1: Thoughts on Digital Participation and Health Literacy: Opportunities for engaging citizens in the NHS – including Simon Stevens full keynote speech]

Thoughts on Digital Participation and Health Literacy: Opportunities for engaging citizens in the NHS [#NHSWDP 1]

“..smartphones […] the single most important health treatment and diagnostic tool at our disposal over the coming decade and beyond “

That’s what Simon Stevens said at a meeting on “digital participation and health literacy: opportunities for engaging citizens” in the National Health Service this week, at the King’s Fund in London.

It seemed a passing comment, but its enormity from the Chief Executive of the commissioning body for the NHS, made me catch my breath.

Other than inspiration from the brilliance of Helen Milner, Chief Executive of the Tinder Foundation – the only speaker who touched on the importance of language around digital participation – what did I take away from the meeting?

The full text of Simon Steven’s speech is below at the end of this post, but he didn’t elaborate further on this comment.

Where to start?

The first thing I took away to think about, was the impact of the statement. 

“the single most important health treatment and diagnostic tool at our disposal over the coming decade and beyond “

So I thought about that more in a separate post, part two.

The second, was on consent.

This tied into the statement by Tim Kelsey, Director of Patients and Information at NHS England. It seems that the era when consent will be king is fast approaching, and I thought about this more in part three.

The third key learning I had of the day, which almost everyone I met voiced to me was, that the “best bit of these events is the learnings outside the sessions, from each other. From other people you meet.”

That included Roger who we met via video. And GP Dr Ollie Hart. All the tweeps I’ve now met in real life, and as Roz said, didn’t disappoint. People with experience and expertise in their fields. All motivated to make things better and make things work, around digital, for people.

Really important when thinking about ‘digital’ it doesn’t necessarily mean remote or reduce the people-time involved.

Change happens through people. Not necessarily seen as ‘clients’ or ‘consumers’ or even ‘customers’. How human interaction is supported by or may be replaced by digital contact fascinates me.

My fourth learning? was about how to think about data collection and use in a personalised digital world.

Something which will be useful in my new lay role on the ADRN approvals panel (which I’m delighted to take on and pretty excited about).

Data collection is undergoing a slow but long term sea change, in content, access, expectations, security & use.

Where, for who, and from whom data is collected varies enormously. It’s going to vary even more in future if some will have free access to apps, to wifi, and others be digitally excluded.

For now, the overall effect is perhaps only ripples on the surface (like interruptions to long-term research projects due to HSCIC data stops after care.data outcry) but research direction, and currents of thought may shift fundamentally if how we collect data changes radically for even small pockets of society, or the ‘worried well’.

My fifth learning, was less a learning and more the triggering of lots of questions on wearables about which I want to learn more.

#digitalinclusion is clearly less about a narrow focus on apps than applied skills and online access.

But I came away wondering how apps will affect research and the NHS in the UK, and much more.

[Next: part two #NHSWDP 2: Smartphones: the single most important health treatment & diagnostic tool at our disposal – on wearables]

[And: part three #NHSWDP 3: Wearables & Consent: patients will ‘essentially manage their data as they wish’. What will this mean for diagnostics, treatment and research and why should we care?]

*****

Full text of the speech given by Simon Stevens, Keynote speaker:

“The reality is we all can see that we’ve got to change […] as part of that we have got to have more integrated services, between primary and specialist services, between physical and mental health services, and between health and social care services.

“And the guiding principle of that integration has got to be care that is personal, and coordinated around individuals, with leadership of communities and patient groups.

“There is no way that can happen without a strong, technological underpinning using the information revolution which is sweeping just about every other part of the economy.

“We are not unusual in this country in having a health sector which has been a little slower, in some respects, than many other parts of national life to take full advantage of that.

“We are not unusual, because that is the experience of health services in every industrialised country.

“We obviously have a huge opportunity, and have a comparative advantage in the way that the NHS is organised, to put that right.

“We know that 8 out of 10 adults are now online, we know that two thirds of people in this country have got smartphones which is going to be the single most important health treatment and diagnostic tool at our disposal over the coming decade and beyond.

“But we know we have got 6.4m people who are not.

“And so when you of course then get serious about who are those six and a half million people, many of them are our highest users of services with the greatest needs.

“So this is not an optional extra. This has got to be central about what the redesign of care looks like, with a fundamental power shift actually, in the way in which services are produced and co-produced.

“This agenda goes to the heart of what we’ve got to get right, not just on inequalities but around co-production of services and the welcome steps that have been taken by the organisations involved, I think that the point is obviously we have now got to scale this in a much more fundamental fashion, but when you look at the impact of what has already been achieved, and some of the work that has already been done by the Tinder Foundation, you take some of the examples here, with the Sikh community in  Leicester around diabetes, and parenting in other parts of the country, you can see that this is an agenda which can potentially get real quite quickly and can have quite a big impact.

“The early evaluation anyway indicates that about half of people involved say they are leading healthier lives on the back of it, 48% in healthy eating, a third do more physical activity, 72% say they have saved money or time.

“Given that we are often talking about resource poor, time poor communities, that is hugely impactful as well.

“So my role here today, I think is simply to underline the weight that we place on this, as NHS England nationally, to thank all of you for the engagement that you have been having with us, and to learn from the discussion we are about to have as what you see where you see key priorities and what you need from us.”

[March 18, 2015 at the event “Digital Participation and Health Literacy: Opportunities for engaging citizens” held at the King’s Fund, London]

 

A care.data Christmas carol

“Marley was dead: to begin with. There is no doubt whatever about that.” [A Christmas Carol, Charles Dickens, 1843]

“Is care.data dead?” I was asked after our children’s nativity today, “what happened to that GP record sharing project?”  The local priest, you may think of all people, wondered what had become of the news stories we had discussed at Easter.

Not dead, I assured him, though it was suggested recently that the Caldicott led Independent Information Governance Oversight Panel (IIGOP) report [1], would be the final nail in the coffin of the past approach [2], and would spell doom ahead in any care.data future were the programme not to follow its recommendations.

I told him the story of the care.data year.

So, are you sitting comfortably? For Christmas is a time of storytelling. At its heart, the story of a birth, which has been handed down through generations.

But here, I borrow from the most famous of all English Christmas stories, a Christmas Carol, by Charles Dickens from 1843. Let us begin.

“Come in!” exclaimed the Ghost. “Come in! and know me better, man!”

The ghost of care.data past rattled its chains and brought no joy in 2014, haunting the current programme with news of past data sharing practices.  At the start of the year, much was made of the 25 years of past use of our health records with third parties about which the public had never been told nor asked for permission, we were told there had never been breaches [3], and there was surprise expressed by NHS England leadership at why care.data, the plan to extract GP records now in addition, should have struck such a nerve in the public. Then they actually ran an audit that told the full story.

Various reports have since tried to vanquish those ghosts which have haunted the rollout of care.data in the past year. Sir Nick Partridge in May led the Review of Data Releases by the NHS IC which looked back at health data sharing of the existing HSCIC held data, and in November, he examined the progress up to the present.[4]  The extent of third party releases including actuarial firms, organisations in the US and China, and commercial re-use was a complete surprise to the public and, his report appeared to suggest to many like him in management as well.

The IIGOP Report published last week on the care.data Programme Board looks to the future. It sets out a thorough set of specific recommendations, questions and tests to meet before it could be reasonable to proceed to a data extraction in the care.data pilot.

The first independent report on care.data, prepared and released under the oversight of the new Data Guardian, Dame Fiona Caldicott, it also captures many sensible and practical questions raised by patients at events all year.

In some ways, whilst sad to see what so many have said was needed has only come to be addressed by an independent body rather than NHS England, recognising the current weaknesses can only be seen as positive to bring about changes. It may have a hope of restoring public and professional trust.

What next steps will come from this for a care.data relaunch by NHS England, and when in future, remain to be seen. [Updates may be here, or here or sometimes here].

Perhaps if the current course of actions is averted, we may not ‘see a vacant seat’ if it all falls apart in 2015 after all.

The CCGs have been given a huge responsibility which is not of their making, if NHS England continues to pilot under CCG-steered rollouts.[5]

One would hope that given the right amount of time needed to manage this change process, and  with the right supporting skills and tools for the practicalities, the care.data programme will take a changed form in the year ahead. It may yet be saved.

But it does seem often that timing is of the essence, and we move from one artificial deadline to the next. The public and GPs wait without the security and confidence of a realistic schedule.  Waiting we wonder if we will reach the next chime due, or the next ghost to haunt the programme will arrive and cause new fright.

It’s no cure all, but it appears the IIGOP has given the programme the gift of one last wonderful opportunity to get this right. It’s requirements are sizeable and will take time to execute sensibly. The report illuminates a future path for progress and shows what must be altered today, to avoid the future it predicts otherwise.

The outcome of care.data rests in the hands of the DH and NHS England. Dependent on the public and professions seeing change.

As Scrooge learns:

“But if the courses be departed from, the ends will change.” [A Christmas Carol, Charles Dickens, 1843]

Ignore the wisdom of the ghosts at your peril. For a changed future outcome,  the actions of the present must change first.

So, humour me awhile, and let’s consider some of the bigger themes in the care.data Christmas carol that CCGs may wish to consider as it deals with preparing for pathfinder pilots…

Chapter 1. “This boy is Ignorance. This girl is Want. Beware them both, and all of their degree, but most of all beware this boy, for on his brow I see that written which is Doom, unless the writing be erased…” [A Christmas Carol, Charles Dickens, 1843]”

What information is getting through from listening events? [6]

There should be no excuse for poverty in the world today, and whilst in my bigger picture wish list, to deal with want would come first, in my care.data Christmas carol list, it is ignorance which cannot be tolerated.

There is no excuse for ignorance, for lack of information, or wondering what questions needed answers to date at the care.data programme board of NHS England.

“How do we explain care.data vs SCR”, “Can you tell me exactly who will access my data?”, “If future purposes change and I want the opportunity to withdraw & opt out, how will I get told?”

The IIGOP report states clearly the current gaps in knowledge and what must be done to fill them, for various parties.

Together with two other major reports this year on health data sharing and care.data: Partridge, and the November 2014 APPG report [7], professional bodies have provided plenty of information and asked plenty of questions which no one now can ignore.

Misplaced statements that there have been no breaches do nothing for public confidence, when later reports show that is ignorant or inaccurate. Big Brother Watch published its report into NHS Data Breaches in November. It found that data security is an ongoing problem, and that over the last four years patient confidentiality had been breached at least 7,255 times.[8]

Facts and answers now need to address the IIGOP report in depth, and meet patients’ past questions, to lay to rest some of the issues which have haunted the programme in the press; unexpected commercial uses, and re-use of data through commercial data licenses, for example.

Adequate time must be given to the CCGs, GPs and patients to be fully informed of the programme and the choice(s) on offer. This is not an IT rollout, but a series of process changes, which need human understanding and acceptance. “What’s in it for me?” versus “What risks may harm me?” need thinking time to be fairly presented and the patient choice collected.

To avoid potential doom whether it be significant opt out or failure to meet fair processing leaving GPs at risk [9], to adequately communicate through effective education, will take effort.

Chapter 2. “Every one of them wore chains like Marley’s Ghost; some few (they might be guilty governments) were linked together; none were free.” [A Christmas Carol, Charles Dickens, 1843]

Understand the links of who, why and what, of data sharing: 

The decision making, the process steps, how patients are told of changes in the programme today and will be in future, how the public perceives their data is exploited, are all linked together by very simply: who stores and uses the data, and for what purposes.

For the programme, it would be wise to understand the importance of the interaction of these parts of the process. Linked appropriately together, and working well, trust will keep the system together.  It fails, and no matter how good the technology is, without trust, the system will fail to deliver its expectations. If too many may opt out, or opt out disproportionately in certain population segments it would harm data quality.

When at the HSCIC data sharing discussion in July it was clear some data recipients were yet to grasp this interdependency, and the effect their attitudes to data use have on each other.

If one [class of] data recipient in future receives or uses data inappropriately, it will harm public faith in all users.

For patients, to have true transparency I believe care.data should be explaining exactly how the data linkage system [10] works, and all the other silos of data it already holds. The personal demographics service, stores a whole set of personal data of which the public maybe unaware, and yet may find used to link data collected from all sorts of parts of health and social care. If NHS data sharing is to be explained, do it all. To avoid doing this, will merely store up a future risk of yet more surprises for patients and damage trust further.

Chapter 3: “I have seen your nobler aspirations fall off one by one, until the master-passion, Gain, engrosses you. [A Christmas Carol, Charles Dickens, 1843]

Commercial use of data will be detrimental to public confidence.

By looking ahead to see what the ghost of care.data future might bring, the forecast doom of the present course, may yet be avoided.

As patients told NHS England at the Open House event [11], we’re fed up with commercial data mining, and the same was reflected by a representative group of citizens in various polls this year.[12]

How is the non-NHS data world changing? What of the upcoming EU data legislation?  How does commercial data industry itself perceive legislation in the UK?

In the 2013 Experian keynote address the Nectar Head of Customer Marketing noted, “legislation has not kept up to speed with where we are going’ [16:57] [13]

Perhaps it is opportune to reflect on one of the oldest Biblical themes at Christmas, choose which master you serve.

Back at NHS England and the IC, discussions in April 2013 seek to ‘create a vibrant market of data intermediaries , for example.

Which purposes should this serve? The health of the nation, or the wealth of the nation? Can one justly serve both equally?

“You fear the world too much,” she answered, gently. “All your other hopes have merged into the hope of being beyond the chance of its sordid reproach. I have seen your nobler aspirations fall off one by one, until the master-passion, Gain, engrosses you.” [A Christmas Carol, Charles Dickens, 1843]

It would appear to patients that by  mixing commercial purposes in with legitimate health, and health research purposes,  the data commissioning system has created its own downfall.[14]

The purposes whilst amended in the Care Act 2014, are so broad as to leave too much commercial use open under ‘purposes of health’. How would that rule out pharmaceutical marketing for example?

For many patients, use outside their own healthcare and its provision and planning is a real hot chestnut.

If patients are in disagreement over commercial uses for example, they have no choice but to opt out of research uses as well. This multi-option choice, or the removal of commercial use needs addressed.

If research wants more data, we would do well to define and restrict commercial use in legislation, much more specifically.

Chapter 4 : “You wish to be anonymous?” [a Christmas Carol, 1843]

There has been much disagreement and misunderstanding of how data will be used, anonymous or what non-identifiable really means.

Media reporting at the start of the year frequently focused on the collection of care.data as ‘anonymous data.’  Bah, humbug! that is factually incorrect.

CCGs need to make sure that their own staff understanding is correct, as well as passing on information if they are to be intermediaries on behalf of NHS England. At CCG meetings I attended, many staff confused care.data with direct care/SCR.

The default position if patients do nothing is the sharing of date of birth, full postcode, gender and ethnicity, and the NHS number is a unique identifier. Plus all the other codes and conditions.

It is still unclear how the data which has already been extracted without consent or fair processing, can be controlled by patients who may not wish to share identifiable data from their hospital visits, mental or community health.

bbc_notdentifiable

If patients can’t control data already held at HSCIC, why will they want to share more additional data, from primary care?

Learning from looking back on 2014

My own looking back on my care.data journey in 2014 is here.

medConfidential has a rather good summary of the year here. [15]

“Spirit,” said Scrooge submissively, “conduct me where you will. I went forth last night on compulsion, and I learnt a lesson which is working now. To-night, if you have aught to teach me, let me profit by it.” [A Christmas Carol, Charles Dickens, 1843]

From past lessons learned in 2014, one would hope the future rollout will profit from them and take the time, and use the tools it needs, to get to a brighter future.

Looking ahead: news for 2015 came at the end of the year.

Sir Partridge in the Telegraph, November 27 he said:

“We must make sure there are no surprises for the public about how their information is being used, that they have a choice in this and that we are honest about the balance of risk. Every single one of us has a part to play in making sure we get this right…

“The HSCIC is still improving its practices. It is also endeavouring to increase its transparency.”

The November 2014 APPG report said, what everyone appears to agree on:

“the public had been inadequately consulted in the early stages of the Care.data programme and that it was therefore correct to halt the programme to allow further public consultation.” [APPG report]

It goes on to say, “Organisations providing health or social care services must succeed in both respects [examining the Public Interest] if they are not to fail the people that they exist to serve,” and with that in mind a Public Benefits Plan should be drawn up, to support public transparency.

Public transparency would be improved by publishing the public’s questions from multiple listening events at which attendees were promised answers and follow up. The conversations did not always ask easy questions, but all the more reason to address them publicly for all; it will make the programme better.

So, if the care.data programme learns from that which has haunted care.data in the past year, and NHS England now grapples with all the questions and criteria of the IIGOP report, and increases its public transparency, stakeholders can look to the future with a renewed hope. But only if there is change made to the present course of actions.

“Scrooge was at first inclined to be surprised that the Spirit should attach importance to conversations apparently so trivial; feeling assured that they must have some hidden purpose.” [A Christmas Carol]

 What must surely happen now, is to use the IIGOP report as a basis of lessons learned. To see gaps in knowledge, and to build processes and procedures which set up the future. Some of these must be at national level, such as ‘How patients will be informed of future scope change’ so CCGs will need answers from NHS England even if pilots should be ‘co-produced’.
Quite frankly, only muppets would not want to wait and do all this in all the appropriate time needed. The coming General Election is perhaps seen as a key reason to artificially rush it through. But at what cost? Who is the programme for, party politics or the public good?

“What do you think of the show so far?”

Clearly the National Data Guardian and IIGOP, the APPG and others making many wise recommendations, find the approach so far lacking. To carry on as is, will bring predictable doom. But by using the IIGOP report insights, there is the hope that the outcomes of the current path may yet be avoided.

Which version of the care.data future will the NHS England Patients and Information Directorate choose to follow, and invite the CCGs to join them on, writing the next chapter of the care.data story in 2015?

“No space of regret can make amends for one life’s opportunity misused.” [A Christmas Carol, Charles Dickens, 1843]

***

Let’s hope 2015 is a good year, that the wish list of questions finds answers, and let’s hope there are no more care.data surprises.

Thank you for all the kind blog comments and questions I’ve received over the last year. I hope it helps keep patients’ voice heard. For all those or their representatives I have met and spoken with in the last year who have no voice at the table; the homeless, the travellers, the women and children in refuges, those concerned with public stigma, we must continue to challenge so their datasharing is, in the words of others; safe, consensual and transparent.

“I HAVE endeavoured in this Ghostly little book, to raise the Ghost of an Idea, which shall not put my readers out of humour with themselves, with each other, with the season, or with me. May it haunt their houses pleasantly, and no one wish to lay it.
Their faithful Friend and Servant,
C. D.

Now; let’s get back to the present today:

“What’s to-day, my fine fellow?” said Scrooge.

“To-day!” replied the boy. “Why, Christmas Day.”

“Merry Christmas,  and so, as Tiny Tim observed, God bless Us, Every One!”

  [A Christmas Carol, Charles Dickens, 1843]

***

Image from a Muppets Christmas Carol, 1992

References:

[1] The IIGOP report https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/389219/IIGOP_care.data.pdf

[2] EHI ‘Care.data Review Raises Questions‘ http://www.ehi.co.uk/news/ehi/9808/care.data-review-raises-questions

[3] BBC Radio 4, February 4 2014 http://www.bbc.co.uk/programmes/p01rmpdy

[4] Nov 2014, Progress of HSCIC data sharing review by Sir Nick Partridge https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/380042/HSCIC_Report_Summary_of_progress_261114_FINAL.pdf

[5] 7 Oct 2014, CCGs to help deliver care.data pilots http://www.england.nhs.uk/2014/10/07/ccgs-care-data-programme/

[6] What information is being heard at Listening events? https://jenpersson.com/pathfinder/

[7]The APPG Report – Nov 2014 – http://www.patients-association.com/Portals/0/APPG%20Report%20on%20Care%20data.pdf

[8] Report into NHS Data breaches http://www.bigbrotherwatch.org.uk/wp-content/uploads/2014/11/EMBARGO-0001-FRIDAY-14-NOVEMBER-BBW-NHS-Data-Breaches-Report.pdf

[9] on GP indemnity: care.data MPS advice to members http://www.medicalprotection.org/uk/membership-indemnity-updates/care.data

[10] The data linkage service http://www.hscic.gov.uk/media/12443/data-linkage-service-charges-2013-2014-updated/pdf/dles_service_charges__2013_14_V10_050913.pdf

[11] The Open House June 2014, public questions https://jenpersson.com/care-data-communications-core-concepts-part-two/

[12] Privacy and Personal Data IPSOS Mori poll https://www.ipsos-mori.com/researchpublications/researcharchive/3407/Privacy-and-personal-data.aspx

[13] 2013 Experian keynote address the Nectar Head of Customer Marketing

[14] care.data downfall parody http://paulbernal.wordpress.com/2014/02/25/tim-kelsey-discovers-care-data-is-in-trouble/

[15] medConfidential bulletin https://medconfidential.org/2014/medconfidential-bulletin-19-december-2014/

 

Rebuilding trust in care.data

In response to a care.data feature in the November Pharma Times Magazine,  I wrote a brief reader letter which was published, slightly abbreviated, on p.13 in the December issue.[1]

The November article had given me the impression that legislation in the Care Act from July was considered to have ironed out most patient concerns.

And it said that GPs opting patients out at practice level ‘would be illegal’.

I suggested three things.

1. The importance that legislation would be seen and enacted before the pathfinders to:

a) shore up trust of the broad definition of purposes to rule out commercial [re]use

b) enact an opt out

c) lend any legal weight to the role of National Data Guardian

Public and professional scrutiny and consultation on these changes will be required to ensure much talked of transparency is seen to be meaningful

2. Pathfinders must not only as the article stated intend to “test all aspects of communication and extraction”  in the pilot, but have a watertight plan for managing the planned broadening of both scope and access [2]

after all, how can communications be tested and considered effective which tell patients only part of the story how their data is planned to be used in future? Its merger with social care data, just one example.

and

3. a clarification was worth noting on the GP position regards opt out; that with certain conditions, the ICO had said that GPs opting out patients at practice level would be lawful regards their Data Protection obligations.

Data protection laws do not prevent doctors from adopting the approach recommended by the group Patient Concern, practice-wide opt out and offering opt-in at local level, the Information Commissioner’s Office (ICO) had said, providing certain conditions are met.

“If GPs choose to opt out all of their patients, then that is an issue for them and NHS England – the Data Protection Act does not prevent it,” said strategic liaison group manager at the ICO, Dawn Monaghan, according to a report in GP Online and Pulse. [3]

“However, the Data Protection Act would still require patients to be given a full explanation of the options open to them, and why the GP has chosen to opt them out.”

The Health and Social Care Act however requires GPs to release data to the HSCIC so would practices be in non-compliance with the Health and Social Care Act by doing so?

NHS England threatened one practice in November 2013 with penalties for doing just that a year ago. In fact, it was that position and article [4] which first prompted me to join the twitter social media debate, and my very first tweet on care.data.

caredata twitter

 

A full year on, and here we are, still unclear on opt out.

A full year on and our HES and other data is still being released without our consent, or fair processing.

Whilst the GPs may remain unclear if they would be sanctioned for practice wide opt out of care.data even if they maintain data protection compliance, it seems the penalty for data misuse after release is unchanged.

Whilst there was talk of new penalties for data misuse by companies and organisations, no ‘one strike and out’ ever materialised.

Whilst legislation by the Secretary of State promised patients a statutory right to opt out, it hasn’t happened.

On February 25th 2014, he said in Parliament:

“people should be able to opt out from having their anonymised data used for the purposes of scientific research.” [col 148]

“When they extended the programme to out-patient data in 2003 and to A and E data in 2008, at no point did they give people the right to opt out. We have introduced that right, which is why we are having the debate.” [5]

However until that opt out for our GP care.data and our A and E, HES, and other data for secondary purposes is on a legal footing, the opt out has no value for patients compared with the weight of the Health and Social Care Act.

When will the Secretary of State follow through on his word?

Right now, our HES/other secondary data is being released even if we have indicated our opt out to GPs for secondary uses, 9nu4. [6]

It appears to date, we lack both legislation and the technical tool to operate the opt out.

This position seems to be in urgent need of clarification for patients to have our opt out rights confirmed for both GP held data and the existing data held by HSCIC. As well as needing clarified for the GPs and HSCIC as data controllers to be clear on their responsibilities.

When the system has proven so flawed in the past we need change to show why it is different now.

It’s not enough to tell patients things will be different. We want to see that they are.

We can only trust a system which is underpinned in law particularly at a time when, ahead of a General Election, many promises may have been made and will be made. Ministers move roles. Their word alone is frankly, going to be of little value to many. Experience tells us, promises may not always turn out as expected in practice.

I asked one of my local community leaders what he thought of the current position on the programme and what his reaction would be if in fact the opt out came to naught and health data was to be extracted and used for research without consent. “We’d be out on the streets,” [in protest] was his prompt reply. Whilst many are happy for data to be used in research, the majority want to know about it first; who will access it and for what purpose. Not everyone is happy for their data to be used in research. And over half were happy only with active consent or not at all, according to a survey carried out by Ipsos MORI in June 2014.[7]

The Data Guardian role [8] too, should be a positive addition to underpin the importance of ethical practice in data management but again, can only be truly meaningful with legislative weight behind it.

The recent DH November announcement said this would happen, ‘at the earliest opportunity.’

How much longer will it be before that opportunity?

When can we expect to see the rules around uses, opt out and the oversight role of the Data Guardian published for public and professional consultation and scrutiny?

If we are to rebuild trust in the programme, it must first offer a foundation for doing so.

*

In the same Pharma Times December issue [2] there is also a feature on George Freeman MP and on EU Data sharing. Well worth a read.

My submitted reader letter:

Your November article ‘Taking care of our data’ states proposed changes to the Care Act 2014 will be laid before Parliament in the new year.

It is imperative this is done before the care.data pilots’ launch. Only meaningful changes underpinned in law will provide patients the basis on which to rebuild their trust in the programme.

Data use purposes remain overly broad, the newly appointed role of National Data Guardian has no legal teeth, and the Health Secretary’s word that a patient’s objection will be respected, is not enough.

The rules around access, oversight and opt out must be pinned down.

And parliamentary scrutiny of these changes, open to professional and public consultation, will be fundamental to public confidence.

Pathfinders must not only ‘‘test all aspects of the communication and extraction process” ready for an imminent rollout. New communications must present real improvements and a watertight plan for managing the planned broadening of the future scope and access.

And finally, one clarification worth noting; under certain conditions, the ICO ruled that GPs opting out patients at practice level would be lawful regards their Data Protection obligations.

Refs:

[1] December Pharma Times p 13

[2] care.data expansion roadmap

[3] GP Online October 22, 2014

[4] Pulse, November 2013

[5] Hansard, February 25th 2014

[6] HSCIC DARS releases

[7] Ipsos MORI poll of almost 2000

[8] National Data Guardian appointed  November 13, 2014

care.data – the cut-outs: questions from minority voices

“By creating these coloured paper cut-outs, it seems to me that I am happily anticipating things to come…I know that it will only be much later that people will realise to what extent the work I am doing today is in step with the future.” Henri Matisse (1869-1954) [1]

My thoughts on the care.data advisory event Saturday September 6th.  “Minority voices, the need for confidentiality and anticipating the future.”

[Video in full > here. Well worth a viewing.]

After taking part in the care.data advisory group public workshop 10.30-1pm on Saturday Sept 6th in London, I took advantage of a recent, generous gift; membership of the Tate. I went to ‘Matisse – the cut outs’ art exhibition.  Whilst looking around it was hard to switch off the questions from the morning, and it struck me that we still have so many voices not heard in the discussion of benefits, risk and background to the care.data programme. So many ‘cut out’ of any decision making.

Most impressive of the morning, had been the depth and granularity of questions which were asked.  I have heard varying aspects of questions at public events, and the subject can differ a little based on the variety of organisations involved. However, increasingly, there are not new questions, rather I hear deeper versions of the questions which have already been asked, over the last eighteen months. Questions which have been asked intensely in the last 6 months pause, since February 2014 [2] and which remain unanswered. Those from the care.data advisory committee and hosting the event, said the same thing based on a previous care.data advisory event also.

What stood out, were a number of minority group voices.

A representative for the group Friends, Families and Travellers (FFT) raised a number of excellent questions, including that of communications and ‘home’ GP practices for the Traveller community. How will they be informed about care.data and know where their ‘home’ practice is and how to contact them? Whose responsibility will that be?

I spoke with a small group a few weeks ago simply about NHS use in general. One said they feared being tracked down through a government system [which was used for anything other than clinical care]. They register with new names if they need to access A&E. That tells you already how much they trust ‘the system’. For the most part, he said, they would avoid NHS care unless they were really desperately in need and beyond the capability of their own traveller community ‘nurse’. The exception was childbirth when this group said they would encourage expectant mums to go into hospital for delivery. They must continue to do so when they need to and must feel safe to do so. Whether in general they may use primary care or not, many travellers are registered at GPs, and unless their names have been inadvertently cleansed recently, they should be contacted before any data extraction as much as anyone else.

Our NHS is constitutionally there for all. That includes groups who may be cut off from mainstream inclusion in society, through their actions, inaction or others’ prejudice. Is the reality in this national programm actively inclusive? Does it demonstrate an exemplary model in practice of what we hear said the NHS aims to promote?

Transgender and other issues

The question was posed on twitter to the event, whether trans issues would be addressed by care.data. The person suggested, that the data to be extracted would “out us as probably being trans people.” As a result,  she said “I’d want to see all trans ppl excluded from care.data.”

Someone who addressed ‘her complex gender identity’ through her art, was another artist I respect, Fiore de Henriquez. She was ‘shy of publicity.’ One of her former studios is filled with work based on two faces or symbiotic heads, aside from practice pieces for her more famous commissioned work.For her biography she insisted that nothing be concealed. “Put in everything you can find out about me, darling. I am proud to be hermaphrodite, I think I am very lucky, actually.” However, in her lifetime she acknowledged the need for a private retreat and was shy until old age, despite her flamboyant appearance and behaviour. You can see why the tweet suggested excluding any transgender data or people.

‘Transgender issues’ is an upcoming topic to be addressed at the NHS Citizen even on 18th September as well. How are we making sure these groups and the ‘other’ conditions, are not forgotten by care.data and other initiatives? Minorities included by design will be better catered for, and likely to participate if they are not simply tacked on as an afterthought, in tick-box participation

However, another aspect of risk is to be considered – missing minorities 

Any groups who opt themselves out completely, may find that they and their issues are under represented in decision making about them by commissioners and budget planning for example.  If authorities or researchers choose to base decisions only on care.data these discrepancies will need taken into account.

Ciarán Devane highlighted this two-sided coin of discrimination for some people. There are conditions which are excluded from care.data scope. For example HIV. It is included in HARS reporting, but not in care.data. Will the conditions which are excluded from data, be discriminated against somehow? Why are they included in one place, not in another, or where data is duplicated in different collections, where is it necessary, where is the benefit? How can you make sure the system is safe and transparent for minorities’ data to be included,  and not find their trust undermined by taking part in a system, in which they may have fears about being identified?

Missing voices

These are just two examples of groups from whom there had been little involvement or at least public questions asked, until now. The traveller and transgender community. But there are many, notably BME, and many many others not represented at any public meetings I have been at. If they have been well represented elsewhere, any raw feedback, with issues addressed, is yet to be shared publicly.

Missing voices – youth

A further voice from which we hear little at meetings, because these meetings have been attended as far as I have seen so far, mainly by older people, is the voice of our youth.

They are left out of the care.data discussion in my opinion, but should be directly involved. It is after all, for them that we need to think most how consent should work, as once in, our data is never deleted.

Whilst consent is in law overridden by the Health and Social Care Act, it is still the age old and accepted ethical best practice. If care.data is to be used in research in future, it must design best practices now, fit for their future purposes.

How will our under-18s future lives be affected by choices others make now on their behalf?

Both for them as the future society and as individuals. Decisions which will affect research, public health planning and delivering the NHS service provision as well as decisions which will affect the risk of individual discrimination or harm, or simply that others have knowledge about their health and lifestyle which they did not choose to share themselves.

Some people assume that due to social networks, young people don’t care about privacy. This is just not true. In fact, studies show that younger people are more conscious of the potential harm to their reputation, than we may want to give them credit for.

This Royal Academy of Engineering report, [3]” Privacy and Prejudice – Young People’s views on the Development of Electronic Patient Records” produced in conjunction with Wellcome from 2010, examines in some depth, youth opinions of 14-18 year olds.  It tackles questions on medical data use: consent, control and commercialism. The hairy questions are asked about teen access to records, so when does Gillick become applied in practice and who decides?

The summary is a collection of their central questions and its discussion towards the end, which are just as valid for care.data today, as well as for considering in the Patient Online discussion for direct care access. I hope you’ll take time to read it, it’s worth it.

And what about the Children?

Some of our most vulnerable, will have their data and records held at the HSCIC. There are plans for expansion rapidly into social care data management, aligned with the transformation of health and social services. Where’s the discussion of this? Does HSCIC even have the legal capacity to handle children’s social care data?

How will at-risk groups be safer using this system in which their identities are less protected? How will the information gathered be used intelligently in practice to make a difference and bring benefit? What safeguards are in place?

“Future releases of new functionality are planned over the next 12 months, including the introduction of the Child Protection – Information Sharing application which will help to improve the protection of children who have previously been identified as vulnerable by social services.” (ref: HSCIC Spine transition)

“Domestic violence can affect anyone, but women,
transgender people and people from BME groups are at higher risk than the general population.”
(Ref: Islington’s JSNA Executive Summary – 9 – August 2014)

 

We must ask these questions about data sharing and its protection on behalf of others, because these under represented groups and minorities cannot themselves, if they are not in the room.

Where’s the Benefit?

We should also be asking the question raised at the event, about the benefits compared with the data already shared today. “Where’s the benefit?”, asked another blogger some time ago, raising his concerns for those with disabilities. We should be asking this about new dating sharing vs the many existing research databases and registries we already have, with years of history. Ciarán Devane wisely asked this on the 6th, succinctly asking what attendees had expressed.

“It will be interesting to know if they can demonstrate benefits. Not just: ‘Can we technically do this?’ but: ‘If we see primary care data next to HES data, can we see something we didn’t see before’?”

An attendee at the Healthwatch run care.data event in Oxford last week, asked the same thing. NHS England and IT providers would, one would think, be falling over themselves to demonstrate the cost/benefit, to show why this care.data programme is well managed compared with past failures. There is form on having expensive top down programmes go awry at huge public expense and time and effort. On NpfIT “the NAO also noted that “…it was not demonstrated that the financial value of the benefits exceeds the cost of the Programme.”

Where is the benefits case for care.data, to weigh against the risks? I have yet to see a publicly available business case.

The public donation

Like my museum membership, the donation of our data will be a gift. It deserves to be treated with the respect that each individual should deserve if you were to meet them face-to-face in the park.

As I enjoyed early evening sun  leaving the exhibition, the grassy area outside was packed with people. There were families, friends, children, and adults on their own. A woman rested heavily pregnant, her bump against her partner. Children chased wasps and stamped on empty cans. One man came and sold me a copy of the Big Issue, I glimpsed a hearing aid tucked into a young woman’s beehive hair, one amputee, a child with Down Syndrome giggling with a sister. Those glimpses of people gave me images I could label without a second glance. Disabled. Deaf. Downs. There were potentially conditions I could not see in others. Cancer. Crohn’s. Chlamydia. Some were drinking wine, some smoking. A small group possibly high. I know nothing about any of those individuals. I knew no names, no addresses. Yet I could see some familial relationships. Some connections were obvious. It struck me, that they represented part of a care.data population, whom buyers and researchers  may perceive as only data. I hope that we remember them as people. People from whom this programme wants to extract knowledge of their lifestyles and lives, and who have rights to express if, and how they want to share that knowledge. How will that process work?

Pathfinders – the rollout challenges that remain?

At the advisory group led meeting it was confirmed that pathfinders, would be chosen shortly.

[CCGs were subsequently announced here,  see related links, end of page for detail, note added Oct 7th]

But  the care.data programme is “still delivering without a business case”.  Despite this, “between two and four clinical commissioning groups will be selected, “in the coming weeks” to begin the pathfinder stage of the care.data programme, ” reports NIB meeting[8]

It reports what was discussed at the meeting.

“The pathfinders will test different communication strategies before moving forward with the data extraction part of the project.”

I for one would be extremely  disappointed if pathfinders go ahead in the ‘as is’ mode.  It’s not communications which is the underlying issue still. It’s not communications that most people ask about. It’s questions of substance, to which, there appear to be still insufficient information to give sound answers.

Answers would acknowledge the trust in confidentiality owed to the individual men, women, and children whose data this is. The people represented by those in the park. Or by the fifty who gave up their time on a sunny Saturday to come and ask their questions. Many without pay or travel expenses just giving up their time. Bringing their questions in search of some answers.

The pathfinder communications cannot be meaningfully trialled to meet the needs of today and the future design, when the substance of key parts of the message is uncertain. Like scope.

The care.data advisory group and the Health and Social Care Information Centre , based on the open discussion at the workshop both appear to be working, “anticipating things to come…” and to be doing their best to put processes and change in place today, which will be “in step with the future.”

To what extent that is given the right tools, time and support to be successful with all of the public, including our minorities, I don’t know. It will depend largely now on the answers to all the open questions, which need to come from the Patients and Information Directorate at the Commissioning Board, NHS England.

After all, as Mr.Kelsey himself says,

“The NHS should be engaging, empowering and hearing patients and their carers throughout the whole system all the time. The goal is not for patients to be the passive recipients of increased engagement, but rather to achieve a pervasive culture that welcomes authentic patient participation.”

What could be less empowering than to dismiss patient rights?

The challenge is: how will the Directorate at NHS England ensure to meet all these technical, governance and security needs, and yet put the most important factors first in the design; confidentiality and the voice of the empowered patient: the voice of Consent?

*****

This post captured my thoughts on the care.data advisory event Saturday September 6th.  “Minority voices, the need for confidentiality and anticipating the future.” This was about the people side of things. Part two, focuses on the system part of that.

*****

Immediate information and support for women experiencing domestic violence: National Domestic Violence, Freephone Helpline 0808 2000 247

*****

[1] Interested in a glimpse into the Matisse exhibition which has now closed? Check out this film.

[2] Previous post: My six month pause round up [part one] https://jenpersson.com/care-data-pause-six-months-on/

[3] Privacy and Prejudice: http://www.raeng.org.uk/publications/reports/privacy-and-prejudice-views This study was conducted by The Royal Academy of Engineering (the Academy) and Laura Grant Associates and was made possible by a partnership with the YTouring Theatre Company, support from Central YMCA, and funding from the Wellcome Trust and three of the Research Councils (Engineering and Physical and Sciences Research Council; Economic and Social Research Council and Medical Research Council).

[4]  Barbara Hepworth – Pelagos – in Prospect Magazine

[5] Questions remain open on how opt out works with identifiable vs pseudonymous data sharing requirement and what the objection really offers. [ref: Article by Tim Kelsey in Prospect Magazine 2009 “Long Live the Database State.”]
[6] HSCIC current actions published with Board minutes
[8] NIB https://app.box.com/s/aq33ejw29tp34i99moam/1/2236557895/19347602687/1

 

*****

More information about the Advisory Group is here: http://www.england.nhs.uk/ourwork/tsd/ad-grp/

More about the care.data programme here at HSCIC – there is an NHS England site too, but I think the HSCIC is cleaner and more useful: http://www.hscic.gov.uk/article/3525/Caredata

 

Flagship care.data – [2] Commercial use with the Brokers

“If our health records should sail off in the flagship care.data programme, on the sea of commercial Big Data, are we confident that there is consent, fair processing, transparency, accountability, security and good governance? We must know that these basic mainstays are in place, to give it our support.”

“He that filches from me my good name, robs me of that which not enriches him, and makes me poor indeed.”                     William Shakespeare, Othello

I read this Shakespeare quote last week, not in the original but in the statement Data Brokers: A Call for Transparency and Accountability by US Commissioner of the Federal Trade Commission Julie Brill, May 27 2014. [1] . Since then I have tried to piece together a lay consumer understanding, of how this commercial data market works and how our health records fit in. Experts in data markets and many others will undoubtedly see how naïve it is. But by sharing my ordinary understanding as a mother who is thinking about the impacts of my shopping habits and upcoming care.data decision will have on my children’s future, perhaps I can highlight how trusting we are, and why those governing our data need to ensure the processes around our data are worthy of that trust.

The Commissioner begins:

“Data brokers gather massive amounts of data, from online and offline sources, and combine them into profiles about each of us. Data brokers examine each piece of information they hold about us – where we live, where we work and how much we earn, our race, our daily activities (both off line and online), our interests, our health conditions and our overall financial status – to create a narrative about our past, present and even our future lives. Perhaps we are described as “Financially Challenged” or instead as “Bible Lifestyle.”

Perhaps we are also placed in a category of “Diabetes Interest” or “Smoker in Household.” Data brokers’ clients use these profiles to send us advertisements we might be interested in, an activity that can benefit both the advertiser and the consumer. But these profiles can also be used to determine whether and on what terms companies should do business with us as individual consumers, and could result in our being treated differently based on characteristics such as our race, income, or sexual orientation. If data broker profiles are based on inaccurate information or inappropriate classifications, or used for inappropriate purposes, the profiles have the ability to not only rob us of our good name, but also to lead to lost economic opportunities, higher costs, and other significant harm.”
In other words, organisations, which we may not know store our personal, sensitive or confidential data, use it to classify, segment  and label us. In this environment when third parties it seems know more about us than we may know ourselves, it would seem prudent to want to control and understand what data is held by whom and how they use it. Especially, if in her words, “the profiles have the ability to not only rob us of our good name, but also to lead to lost economic opportunities, higher costs, and other significant harm.”

This is why it matters what is being done at break-neck pace to extract and share our health records in England.

I believe we are not yet sufficiently aware of how our data is used by these intermediaries, and if we were, we’d be horrified. We are complicit consumers in how our data is used with minimal understanding. We’re prepared to unwittingly trade a little privacy with the supermarket, to get our discount vouchers through the post. But we don’t look beyond that to understand what price we are paying and how our commercial interests may be harmed, in much more significant ways than £10 discount or a Legoland entry may compensate. Just like our food, the public are complicit [2] in our own downfall, accepting the marketing spin. We don’t understand credit ratings [3] and risk scores, and even if we do, most consumers don’t know data brokers offer companies scores for other purposes unrelated to credit in an onward chain of reselling. Data can be inaccurate, we are unaware of how to manage or correct it, how we are labelled by it, what opportunities it may restrict as highlighted in the report. We should be better informed.

I’ve recently learned how these, “powerful cross-channel consumer classifications help companies understand the demographics, lifestyles, preferences and behaviours of the UK adult population in extraordinary detail.” [4] demonstrated by Experian.

That they understand and track my behaviours probably better than I do, and at such detailed level, I find surprising and invasive. “Within rural areas we are able to pick out the individual households that are likely to be commuting to towns and cities nearby…” I’ll go more into that later.

It has come to the attention of the general public,  only in the last 6 months, that our hospital episode statistics (HES) and data from other secondary care sources, have been on sale in this consumer market. As I said in a previous post [5], a year ago, in April 2013, The ‘Health and Social Care Transparency Panel’ discussion on sharing patient data with information intermediaries stated at that time, there was no legitimate or statutory basis to share at least ONS data [6] in that way for commercial purposes:

“The issues of finding a legitimate basis for sharing ONS death data with information intermediaries for commercial purposes had been a long running problem…The panel identified this as a significant barrier to developing a vibrant market of information intermediaries.”

The HSCIC at that time saw a “vibrant market of information intermediaries, for commercial purposes” using our personal records as desirable and indeed, as Sir Kingsley Manning’s comments to the Health Select Committee demonstrate, in their DH handed-down policy remit.


In this way, companies who process data such as Beacon Dodsworth received data in the last year and offered it for commercial exploitation by others “HES data may be used by pharmaceutical companies “to improve [their] social marketing / media awareness campaigns”. Others included  OmegaSolver [7] and Harvey Walsh [8].


Some of that data goes back into our health market as business intelligence, both for NHS and private use, for benchmarking, comparisons and making commercial decisions. In our commissioning based marketplace [9], now becoming normalised.

Through the press earlier this year, and the first data release register [10] we have come to understand in part, who is using it and at least in part, how. Aside from bone fide public health planners and health researchers, and the intermediaries using data for commissioning support tools, recipients include these commercial companies and third-party intermediaries exploiting the data as a commodity. Organisations which may buy raw data and sell it on, or process it and sell that data mined information onwards. Organisations after which, Chair Kingsley Manning told the Health Select Committee, [11] we have no idea whom all the end users may be. He indicated the progress that is needed and that HSCIC is already working on improvements, stating the view that “the process HSCIC inherited was no longer robust. ” Q285

“Kingsley Manning: I realise that, and may I come back to that? That is why, specifically with regard to the sets of data that are covered by data-sharing agreements, I took the view that the process that we inherited was no longer robust. We have therefore been in the process of changing the management and the processes, and we have voluntarily adopted a process of being much more transparent about the process and about the data releases we have made.

              Q286Barbara Keeley: But what I was trying to get to was the concern.  We are just looking for transparency and honesty here. On all the data that was previously released through these commercial reuse licences where there are end users—the question that the Committee wanted to put to you—you are unable to say what are the uses to which the data release under those licences may be put, what controls are in place and what information is provided—you don’t know. With the whole 13 years of the HES database and however many million records have gone out to one of these providers that then provides on to others—in the United States, this has involved putting up the data on Google cloud, and we are not sure of the security of that—you can’t say. You should admit it now. If you can’t tell us where all that data is and what all its uses are, it seems you can’t. You have already admitted that entirely commercial market uses—

              Kingsley Manning: The control is through both the overriding regulations established within the Data Protection Act and the data-sharing agreements that we enter into with people, which specifically allow the reuse of data with safeguards with regard to anonymity.

              Q287Barbara Keeley: So you have no idea who the end user is. You have no idea if they are using it properly because there is no audit.

              Kingsley Manning: And that is in accordance with the law and the regulations as they stand today.

              Q288Barbara Keeley: So, just to be clear, audit is not going to be possible for all the uses and all the end users. The data is out there. You have licensed people to use it and other people to buy it, and there is no control over that—it is just out there.

              Kingsley Manning: I don’t accept there is no control. There is control established in accordance with law and the regulations as they are today.

              Q289Barbara Keeley: But you are not able to say who is using it and for what reason. You are not able to say that.  There are end users out there.

              Kingsley Manning: No, because we have a large range of organisations that we have been encouraging. Government policy has for a long time been to encourage the use of this data to advance both the health and social care system in this country and the economy. If, for example, we supply pseudonymised data to a drug company to help it to develop a new drug, we do not know the end users beyond that organisation, but that is perceived as being a task and a function that we have. It is done in such a manner that the data is safe and secure, and is not identifiable back to an individual.

              You may wish to change the base upon which we act. We absolutely welcome the suggestion that we should submit these to the confidentiality advisory group. We have identified a number of cases where we think its guidance would be very helpful, including in this area. We would absolutely welcome that, but I am afraid we cannot make up the rules that we act by.”

This is what concerns me, if the purposes and permissions granted for care.data are to be defined by the reason why recipients get data for the “promotion of health ” [12] and that their worthiness to receive data is based on,  a wooly, undefined notion of whether it will improve care or promote health. It cannot be transparently judged if many users of data are intermediaries with re-use licences, if even the HSCIC doesn’t know who all the end users are, and does not routinely audit them. Nor can anyone know how identifiable therefore the accumulated data sets may be.

If HSCIC does not track each release, each time, each recipient receives data, how do they know every time a new request is granted, how much of the jigsaw puzzle for any given individual, is left to complete?

If you don’t know who they are, how can you govern them and what they do with our data? How on earth can anyone judge how they will be for purposes in the Care Bill 2014 of:

(a)the provision of health care or adult social care, or

(b)the promotion of health.

How can the data controllers judge whether that  release, together with all the data these companies already hold, will not do us ‘significant harm’  in the words of Commissioner Brill, of the Federal Trade Commission? Will it not by its nature of labels discriminate against segments of our society, whom the data owners select, based on information beyond our visibility or control? Is society which is segmented and stratified at risk of every increasing inequality? Disability groups for example, may feel at increased risk of stigma or exclusion. David Gillon [13] addresses this in his post here. How can individuals determine if releasing our data to these companies is in our own, or the public interest [14]?

Impossible if we don’t know who they are, and we don’t know what they already hold. A model which is hardly transparent nor conducive to trust.

Dr.Neil Bhatia in Hampshire, a GP who founded the non-commercial website care-data.info, asked HSCIC in an FOI request for the data *about him* which was released to these type of intermediaries. He was told this week, that the data controller, the Health and Information Centre, does not know. We can then only surmise, if our individual data was contained in pseudonymous bulk data transfers in which there remains ‘a latent risk’ of identification. So from the released data register, we should look at what types of companies are using pseudonymous data. We are also told that penalties may be imposed, or even ‘one strike and you’re out’ for misuse of data. Until now at least without robust audit procedures, I believe we’d never know. So how could data be better secured?

There is talk of a ‘fume cupboard’ access, [15] or giving customers data only in query format, instead of giving out raw chunks of the database. But the Care Bill certainly didn’t legislate for any changes in those types or indeed any governance procedures. We can only wait and see if talk becomes reality and how we can trust it becomes a secure policy and stays so, after we entrust our data. There is no delete button after all.

The Secretary of State wrote on April 25th [16], asking to ensure current practices are up to the task, but as polite as it is, a letter is no form of governance. On June 12th, HSJ [17] reported that the HSCIC has ordered a significant number of trusts to “promptly” delete a series of datafields, which it claims could put patients at risk of being identified, because some of the information in “secondary uses service” that they had submitted to the agency had been entered in an incorrect way over ten years. The good news in this, is it would appear progress is being made in audit, and these errors are being addressed.

However, it highlights the issue created when you release raw data beyond your control. It will mean that organisations who should not have received data, did. How now is that data to be removed from information into which it has become? It will now no longer be raw numbers, but be in graphs, comparative studies and have been inexorably merged with other data. Unlike Cinderella’s carriage, it’s not an automatic process that the raw materials, the data, returns to its previous state after it has become enhanced, turned into business intelligence. The raw files may be traced, removed and deleted, but the knowledge it has turned into, will be almost impossible to find and delete. The links between the two may have disappeared into thin air. Harder to find, than the owner of the glass slipper. An impossible audit trail.

An audit process on leaving the trusts and upon arrival at HSCIC and on leaving HSCIC – at least a three place checkpoint – is what I would have  been familiar with in the past for payroll & personal data. It seems that audit procedures for our health records, have just not kept up with the speed at which the data has been sent out on the open seas, and there has been no audit.

Q287Barbara Keeley: So you have no idea who the end user is. You have no idea if they are using it properly because there is no audit.

  Kingsley Manning: And that is in accordance with the law and the regulations as they stand today.”

It’s not to say there are no controls. We are told that data sharing agreements prevent data provided being matched with other data held, which prevents making individuals identifiable. However, as I’ll look at in my next post, I don’t think it even has to get the the person level to be sufficiently identifiable as to be discriminatory. The segmenting of society at group level, at household level, with detailed understanding of our behaviours, is sufficient, aside from the identifiable individual level data these companies hold for identity verification and so on. When companies extract and store raw data, we have no idea where and with whom it lands up. I’ve been completely surprised by what I have learned in the last few weeks how these third parties use our data.

The current controls around and governance of our health data remains unchanged by the Care Bill.  Through policy, law and directions the HSCIC has

…”licensed people to use it and other people to buy it, and there is no control over that.” [12]

As Sir Manning said,

…”because we have a large range of organisations that we have been encouraging. Government policy has for a long time been to encourage the use of this data”

Controls may be in line with policy and the law, but I believe it simply hasn’t kept up with the functional need for a decent governance framework.

Julie Brill’s Statement made a recommendation:

“A second accountability measure that Congress should consider is to require data brokers to take reasonable steps to ensure that their original sources of information obtained appropriate consent from consumers.”

Accountability in the UK of these data brokers seems quite absent in real terms, unknown to the public at large.

The same core issue identified by Julie Brill in the US, lack of informed consent. If we don’t know you have it, how can we ask to check if it’s correct or who uses it? In an era of borderless electronic data transfers, we should seek to put in place the highest standards as common denominators, and in terms of privacy, there are lessons worth learning from the US actions post Snowden which in the UK, we have not yet begun.

If our health records should sail off in the flagship care.data programme, on the sea of commercial Big Data, are we confident that there is consent, fair processing, transparency, accountability, security and good governance? We must know that these basic mainstays are in place, and will stay so in future, to give it our support. Well governed data is more likely to get our trust, therefore our consent and be of better quality for buyers.

We must also not forget to clarify why it is our records are needed in the broad and undefined care.data scope that we still have not seen pinned down. Is the public good really defined for care.data and does it outweigh the private long established rights of consent and confidentiality? Do we trust these commercial company uses to do “no harm” as the US Commissioner of the Federal Trade Commission examined?

…”the profiles have the ability to not only rob us of our good name, but also to lead to lost economic opportunities, higher costs, and other significant harm.”

When we visit a medic we are vulnerable, ill or in need of help. We entrust our knowledge in confidence, and trust it will be used for our care. A whole hotchpotch of other indirect uses, including commercial exploitation is not what we expect. We need to trust the data we give away to local staff,  is processed appropriately all the way up the data chain, when it is stored, when it is released and beyond. For now at least, it appears citizens can only control the one point at which we first give our data up. After that, we have faith that those governing our data ensure the processes around its management are worthy of that trust. The governance processes that go beyond the HSCIC control, will directly influence that trust, and our care.data decision to object, or not.

For citizens to see this still precarious commercial hull, and trust that our innermost confidences should be safe within it, is stretching our trust, just a little too far.  The knowledge of our health and lifestyle should not be commercially exploited in this uncontrollable marketplace by data brokers without our knowledge and consent.  Health data is on the cusp of including more widespread biomedical data. In my children’s lifetime that may be a whole new era of data management to contend with. For now,  all this intensive data mining may be much more than we already imagined and we should carefully consider how society will be affected if it includes every aspect of our health and lifestyle data. It may be yet another aspect of individual surveillance more than society can stand.[18]

The care.data storm may not yet be over.

*****

In part three on commercial uses, I’m going to explore, from my lay perspective, on how some of these intermediaries and data processing companies, use data concretely in practice. As Julie Brill says how these intermediaries, “create a narrative about our past, present and even our future lives.”

******

[1] Data Brokers: A call for transparency and accountability – http://www.ftc.gov/system/files/documents/public_statements/311551/140527databrokerrptbrillstmt.pdf

[2] Food Marketing film by Catsnake with Actress Kate Miles via Upworthy  http://www.upworthy.com/no-one-applauds-this-woman-because-theyre-too-creeped-out-at-themselves-to-put-their-hands-together

[3] Your Credit Ratings explained BBC http://news.bbc.co.uk/1/hi/business/2963580.stm

[4] “Mosaic is Experian’s most comprehensive cross-channel classification system …it helps you understand consumers in extraordinary detail.” http://www.experian.co.uk/marketing-services/products/mosaic/mosaic-in-detail.html

[5] Flagship care.data – Commercial Uses in theory: https://jenpersson.com/flagship-care-data-precious-cargo-1-commercial-uses-in-theory/

[6] Health and Social Care transparency panel:- minutes from 23rd April 2013 –  https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/259828/HSCTP_13-1-mins_23_Apr_13__NewTemp_.pdf

[7] 17th March Omega Solver in the Guardian, by Randeep Ramesh http://www.theguardian.com/technology/2014/mar/17/online-tool-identify-public-figures-medical-care

[8] 16th March Harvey Walsh in the Sunday Times by Jon Ungoed-Thomas  ‘healthcare intelligence company, has paid for a database’ http://www.thesundaytimes.co.uk/sto/news/uk_news/Health/article1388324.ece

[9]  The Privatisation of the NHS Prof.A.Pollock at Tedex event

[10] HSCIC Data Register http://www.hscic.gov.uk/dataregister

[11} Evidence at Parliamentary Health Select Committee April 8th 2014: http://data.parliament.uk/writtenevidence/committeeevidence.svc/evidencedocument/health-committee/handling-of-nhs-patient-data/oral/8416.html

[12] Care Bill 2014 – Enacted: http://www.legislation.gov.uk/ukpga/2014/23/section/122/enacted

[13] care.data in their own words – D. Gillon Where’s the Benefit? http://wheresthebenefit.blogspot.co.uk/2014/03/caredata-in-their-own-words.htm

[14] Public vs Private interest – Dr. M Taylor, “Information Governance as a Force for Good? Lessons to be Learnt from Care.data”, (2014) 11:1 SCRIPTed

[15] Fume Cupboard access in NHS England stakeholder  letter April 14th 2014

[16] Letter from Jeremy Hunto HSCIC regarding patient confidentiality

[17] Health Service Journal, June 12th, Nick Renaud-Komiya, http://www.hsj.co.uk/news/trusts-ordered-to-delete-incorrect-data/5071902.article?blocktitle=News&contentID=8805

[18] John Naughton, Observer 8th June, http://www.theguardian.com/technology/2014/jun/08/big-data-mined-real-winners-nsa-gchq-surveillance

An ode to care (dot) data

To be or not to be, that is the question.
O, what men dare do!
Two gentleman of Verona
Measure for measure
and in a Midsummer’s Night’s Dream
And like the baseless fabric of this vision
imagined there would be much ado about nothing.
Mum’s the word!
But this denoted a foregone conclusion.
Open-eyed conspiracy!
Wherefore are these things hid?

Oft expectation fails, and most oft there
Where most it promises.
The plan would be a winter’s tale.
But as you like it
or as not
Damn’d be him that first cries, ‘hold enough’!
These tedious old fools!
The tempest doth make delay.

Will the work done be love’s labour lost?
Will the storm nay be calmed?
Sigh no more, ladies, sigh no more,
Men were deceivers ever.

Would they want that chinks be earned
Gold? Yellow, glittering, precious gold?
No, Gods, I am no idle votarist!
All gold and silver rather turn to dirt!
As ’tis no better reckon’d, but of those
who have want.
“Shylock, we would have moneys,” you say so
the pound of flesh which I demand of him
is dearly bought. ‘Tis mine.

What might be toward, that this sweaty haste
Doth make the night joint-laborer with the day:
Who is’t that can inform me?
Friends, Romans, countrymen, lend me your ears!
Who bare my letter, then, to Romeo?
The letter was not nice but full of charge,
Of dear import, and the neglecting it
May do much danger!

Ignorance is the curse of God;
knowledge is the wing wherewith we fly to heaven.
No legacy is so rich as honesty.

For all this same, I’ll hide me hereabout.
His looks I fear, and his intents I doubt.
And exempt from public haunt,
finds tongues in trees.
You are thought here to the most senseless and fit man for the job.
Alas poor Yorrick
a fellow of infinite jest, of most excellent fancy.
Conscience doth make cowards of us all.

And enterprises of great pitch and moment
With this regard their currents turn awry,
And lose the name of action.
What’s more to do,
Which would be planted newly with the time,
How poor are they that have not patience!
Yet, do thy worst, old Time: despite thy wrong.

Don’t trust the person who has broken faith once?
The quality of mercy is not strain’d
I have spoke thus much
To mitigate the justice of thy plea
If we should fail –
We fail!
But screw your courage to the sticking-place,
And we’ll not fail.
All’s well if all ends well.
Love all, trust a few, do wrong to none.

Now this overdone or come tardy off,
though it make the unskillful laugh,
cannot but make the judicious grieve,
the censure of the which one must in your allowance
o’erweigh a whole theatre of others.

What’s done can’t be undone.
Forget, forgive, conclude, and be agreed: Our doctors say this is no time to bleed.

*****
Words taken in tribute,  from the works of Shakespeare
(23 April 1564 – 23 April 1616). 

All his words, not necessarily in the right order.
Celebrated on the date of the 450th anniversary of his birth, on  Metro considered, what if Shakespeare had Twitter?