Tag Archives: privacy

Wearables: patients will ‘essentially manage their data as they wish’. What will this mean for diagnostics, treatment and research and why should we care? [#NHSWDP 3]

 

Consent to data sharing appears to be a new choice firmly available on the NHS England patient menu if patient ownership of our own records, is clearly acknowledged as ‘the operating principle legally’.

Simon Stevens, had just said in his keynote speech:

“..smartphones; […] the single most important health treatment and diagnostic tool at our disposal over the coming decade and beyond ” Simon Stevens, March 18 2015.

Tim Kelsey, Director Patients and Information, NHS England, then talked about consent in the Q&A:

“We now acknowledge the patient’s ownership of the record […] essentially, it’s always been implied, it’s still not absolutely explicit but it is the operating principle now legally for the NHS.

“So, let’s get back to consent and what it means for clinical professionals, because we are going to move to a place where people will make those decisions as they currently do with wearable devices, and other kinds of mobile, and we need to get to a point where people can plug their wearable device into their medical record, and essentially manage their data as they wish.

“It is essentially, their data.”

How this principle has been applied in the past, is being now, and how it may change matters, as it will affect many other areas.

Our personal health data is the business intelligence of the health industry’s future.

Some parts of that industry will say we don’t share enough data. Or don’t use it in the right way.  For wearables designed as medical devices, it will be vital to do so.

But before some launch into polemics on the rights and wrongs of blanket ‘data sharing’ we should be careful what types of data we mean, and for what purposes it is extracted.It matters when discussing consent and sharing.

We should be clear to separate consent to data sharing for direct treatment from consent for secondary purposes other than care (although Mr Kelsey hinted at a conflation of the two in a later comment). The promised opt-out from sharing for secondary uses is pending legal change. At least that’s what we’ve been told.

Given that patient data from hospital and range of NHS health settings today, are used for secondary purposes without consent – despite the political acknowledgement that patients have an opt out – this sounded a bold new statement, and contrasted with his past stance.

Primary care data extraction for secondary uses, in the care.data programme, was not intended to be consensual. Will it become so?

Its plan so far has an assumed opt-in model, despite professional calls from some, such as at the the BMA ARM to move to an opt-in model, and the acknowledged risk of harm that it will do to patient trust.

The NHS England Privacy Assessment said: ‘The extraction of personal confidential data from providers without consent carries the risk that patients may lose trust in the confidential nature of the health service.’

A year into the launch, Jan 2014, a national communications plan should have solved the need for fair processing, but another year on, March 2015, there is postcode lottery, pilot approach.

If in principle, datasharing is to be decided by consensual active choice,  as it “is the operating principle now legally for the NHS” then why not now, for care.data, and for all?

When will the promised choice be enacted to withhold data from secondary uses and sharing with third parties beyond the HSCIC?

“we are going to move to a place where people will make those decisions as they currently do with wearable devices” [Widening digital participation, at the King’s Fund March 2015]

So when will we see this ‘move’ and what will it mean?

Why plan to continue to extract more data under the ‘old’ assumption principle, if ownership of data is now with the individual?

And who is to make the move first – NHS patients or NHS patriarchy – if patients use wearables before the NHS is geared up to them?

Looking back or forward thinking?

Last year’s programme has become outdated not only in principle, but digital best practice if top down dictatorship is out, and the individual is now to “manage their data as they wish.”

What might happen in the next two years, in the scope of the Five Year Forward Plan or indeed by 2020?

This shift in data creation, sharing and acknowledged ownership may mean epic change for expectations and access.

It will mean that people’s choice around data sharing; from patients and healthy controls, need considered early on in research & projects. Engagement, communication and involvement will be all about trust.

For the ‘worried well’, wearables could ‘provide digital “nudges” that will empower us to live healthier and better lives‘ or perhaps not.

What understanding have we yet, of the big picture of what this may mean and where apps fit into the wider digital NHS application and beyond?

Patients right to choose

The rights to information and decision making responsibility is shifting towards the patient in other applied areas of care.

But what data will patients truly choose to apply and what to share, manipulate or delete? Who will use wearables and who will not, and how will that affect the access to and delivery of care?

What data will citizens choose to share in future and how will it affect the decision making by their clinician, the NHS as an organisation, research, public health, the state, and the individual?

Selective deletion could change a clinical history and clinician’s view.

Selective accuracy in terms of false measurements [think diabetes], or in medication, could kill people quickly.

How are apps to be regulated? Will only NHS ‘approved’ apps be licensed for use in the NHS and made available to choose from and what happens to patients’ data who use a non-approved app?

How will any of their data be accessed and applied in primary care?

Knowledge is used to make choices and inform decisions. Individuals make choices about their own lives, clinicians make decisions for and with their patients in their service provision, organisations make choices about their business model which may include where to profit.

Our personal health data is the business intelligence of the health industry’s future.

Who holds the balance of power in that future delivery model for healthcare in England, is going to be an ongoing debate of epic proportions but it will likely change in drips rather than a flood.

It has already begun. Lobbyists and companies who want access to data are apparently asking for significant changes to be made in the access to micro data held at the ONS. EU laws are changing.

The players who hold data, will hold knowledge, will hold power.

If the NHS were a monopoly board game, data intermediaries would be some of the wealthiest sites, but the value they create from publicly funded NHS data, should belong in the community chest.

If consent is to be with the individual for all purposes other than direct care, then all data sharing bodies and users had best set their expectations accordingly. Patients will need to make wise decisions, for themselves and in the public interest.

Projects for research and sharing must design trust and security into plans from the start or risk failure through lack of participants.

It’s enormously exciting.  I suspect some apps will be rather well hyped and deflate quickly if not effective. Others might be truly useful. Others may kill us.

As twitter might say, what a time to be alive.

Digital opportunities for engaging citizens as far as apps and data sharing goes, is not only not about how the NHS will engage citizens, but how citizens will engage with what NHS offering.

Consent it seems will one day be king.
Will there or won’t there be a wearables revolution?
Will we be offered or choose digital ‘wellness tools’ or medically approved apps? Will we trust them for diagnostics and treatment? Or will few become more than a fad for the worried well?
Control for the individual over their own data and choice to make their own decisions of what to store, share or deny may rule in practice, as well as theory.
That practice will need to differentiate between purposes for direct clinical care and secondary uses as it does today, and be supported and protected in legislation, protecting patient trust.
“We are going to move to a place where people will make those decisions as they currently do with wearable devices, and other kinds of mobile, and we need to get to a point where people can plug their wearable device into their medical record, and essentially manage their data as they wish.”
However as ‘choice’ was the buzzword for NHS care in recent years – conflated with increasing the use of private providers – will consent be abused to mean a shift of responsibility from the state to the individual, with caveats for how it could affect care?
With that shift in responsibility for decision making, as with personalized budgets, will we also see a shift in responsibility for payment choices from state to citizen?
Will our lifestyle choices in one area exclude choice in another?
Could app data of unhealthy purchases from the supermarket or refusal to share our health data, one day be seen as refusal of care and a reason to decline it? Mr Kelsey hinted at this last question in the meeting.
Add a population stratified by risk groups into the mix, and we have lots of legitimate questions to ask on the future vision of the NHS.
He went on to say:
“we have got some very significant challenges to explore in our minds, and we need to do, quite urgently from a legal and ethical perspective, around the advent of machine learning, and …artificial intelligence capable of handling data at a scale which we don’t currently do […] .
“I happen to be the person responsible in the NHS for the 100K genomes programme[…]. We are on the edge of a new kind of medicine, where we can also look at the interaction of all your molecules, as they bounce around your DNA. […]
“The point is, the principle is, it’s the patient’s data and they must make decisions about who uses it and what they mash it up with.”
How well that is managed will determine who citizens will choose to engage and share data with, inside and outside our future NHS.
Simon Stevens earlier at the event, had acknowledged a fundamental power shift he sees as necessary:
“This has got to be central about what the redesign of care looks like, with a fundamental power shift actually, in the way in which services are produced and co-produced.”

That could affect everyone in the NHS, with or without a wearables revolution.

These are challenges the public is not yet discussing and we’re already late to the party.

We’re all invited. What will you be wearing?

********
[Previous: part one here #NHSWDP 1  – From the event “Digital Participation and Health Literacy: Opportunities for engaging citizens” held at the King’s Fund, London, March 18, 2015]

[Previous: part two #NHSWDP 2: Smartphones: the single most important health treatment & diagnostic tool at our disposal]

********

Apple ResearchKit: http://techcrunch.com/2015/03/09/apple-introduces-researchkit-turning-iphones-into-medical-diagnostic-devices/#lZOCiR:UwOp
Digital nudges – the Tyranny of the Should by Maneesha Juneja http://maneeshjuneja.com/blog/2015/3/2/the-tyranny-of-the-should

You may use these HTML tags and attributes: <blockquote cite="">

Nothing to fear, nowhere to hide – a mother’s attempt to untangle UK surveillance law and programmes

“The Secret Service should start recruiting through Mumsnet to attract more women to senior posts, MPs have said.”
[SkyNews, March 5, 2015]

Whilst we may have always dreamed of being ‘M’, perhaps we can start by empowering all Mums to understand how real-life surveillance works today, in all our lives, homes and schools.

In the words of Franklin D. Roosevelt at his 1933 inaugural address:

“This is preeminently the time to speak the truth, the whole truth, frankly and boldly…

“Let me assert my firm belief that the only thing we have to fear is fear itself—nameless, unreasoning, unjustified terror which paralyzes needed efforts to convert retreat into advance.”

It is hard to know in the debate in the ‘war on terror’, what is truthful and what is ‘justified’ fear as opposed to ‘nameless and unreasoning.’

To be reasoned, we need to have information to understand what is going on and it can feel that picture is complex and unclear.

What concrete facts do you and I have about terrorism today, and the wider effects it has on our home life?

If you have children in school, or are a journalist, a whistleblower, lawyer or have thought about the effects of the news recently, it may affect our children or any of us in ways which we may not expect.

It might surprise you that it was surveillance law that was used to track a mother and her children’s [1] movements when a council wasn’t sure if her school application was for the correct catchment area. [It legally used the Regulation of Investigatory Powers Act 2000, (RIPA) [2]

Recent headlines are filled with the story of three more girls who are reported to have travelled to Syria.

As a Mum I’d be desperate for my teens, and I cannot imagine what their family must feel. There are conflicting opinions, and politics,  but let’s leave that aside. These girls are each somebody’s daughter, and at risk.

As a result MPs are talking about what they should be teaching in schools. Do parents and citizens agree, and do we know what?

Shadow business secretary Chuka Umunna, Labour MP told Pienaar’s Politics on BBC Radio 5 Live: “I really do think this is not just an issue for the intelligence services, it’s for all of us in our schools, in our communities, in our families to tackle this.”

Justice Minister Simon Hughes told Murnaghan on Sky News it was important to ensure a counter-argument against extremism was being made in schools and also to show pupils “that’s not where excitement and success should lie”. [BBC 22 February 2015]

There are already policies in schools that touch all our children and laws which reach into our family lives that we may know little about.

I have lots of questions what and how we are teaching our children about ‘extremism’ in schools and how the state uses surveillance to monitor our children’s and our own lives.

This may affect all schools and places of education, not those about which we hear stories about in the news, so it includes yours.

We all want the best for our young people and security in society, but are we protecting and promoting the right things?

Are today’s policies in practice, helping or hardening our children’s thinking?

Of course I want to see that all our kids are brought up safe. I also want to bring them up free from prejudice and see they get equal treatment and an equal start in life in a fair and friendly society.

I think we should understand the big picture better.

1. Do you feel comfortable that you know what is being  taught in schools or what is done with information recorded or shared by schools or its proposed expansion to pre-schools about toddlers under the Prevent programme?.

2. Do government communications’ surveillance programmes in reality, match up with real world evidence of need, and how is it measured to be effective?

3. Do these programmes create more problems as side-effects we don’t see or don’t measure?

4. If any of our children have information recorded about them in these programmes, how is it used, who sees it and for what purposes?

5. How much do we know about the laws brought in under the banner of ‘counter-terror’ measures, and how they are used for all citizens in everyday life?

We always think unexpected things will happen to someone else, and everything is rightfully justified in surveillance, until it isn’t.

Labels can be misleading.

One man’s terrorist may be another’s freedom fighter.

One man’s investigative journalist is another’s ‘domestic extremist.’

Who decides who is who?

Has anyone asked in Parliament: Why has religious hate crime escalated by 45% in 2013/14 and what are we doing about it? (up 700 to 2, 273 offences, Crime figures [19])

These aren’t easy questions, but we shouldn’t avoid asking them because it’s difficult.

I think we should ask: do we have laws which discriminate by religion, censor our young people’s education, or store information about us which is used in ways we don’t expect or know about?

Our MPs are after all, only people like us, who represent us, and who make decisions about us, which affect us. And on 7th May, they may be about to change.

As a mother, whoever wins the next General Election matters to me because it will affect the next five years or more, of what policies are made which will affect our children, and all of us as citizens.

It should be clear what these programmes are and there should be no reason why it’s not transparent.

“To counter terrorism, society needs more than labels and laws. We need trust in authority and in each other.”

We need trust in authority and in each other in our society, built on a strong and simple legal framework and founded on facts, not fears.

So I think this should be an election issue. What does each party plan on surveillance to resolve the issues outlined by journalists, lawyers and civil society? What applied programmes does each party see that will be, in practical terms: “for all of us in our schools, in our communities, in our families to tackle this.”

If you agree, then you could ask your MP, and ask your prospective parliamentary candidates. What is already done in real life and what are their future policies?

Let’s understand ‘the war on terror’ at home better, and its real impacts. These laws and programmes should be transparent, easy to understand, and not only legal, but clearly just, and proportionate.

Let’s get back to some of the basics, and respect the rights of our children.

Let’s start to untangle this spaghetti of laws; the programmes, that affect us in practice; and understand their measures of success.

Solutions to protecting our children, are neither simple or short term. But they may not always mean more surveillance.

Whether the Secret Service will start recruiting through Mumsnet or not, we could start with better education of us all.

At very least, we should understand what ‘surveillance’ means.

****

If you want to know more detail, I look at this below.

The laws applied in Real Life

Have you ever looked at case studies of how surveillance law is used?

In  one case, a mother and her children’s [1] movements were watched and tracked when a council wasn’t sure if her school application was for the correct catchment area. [It legally used the Regulation of Investigatory Powers Act 2000, (RIPA) [2]

Do you think it is just or fair that  a lawyer’s conversations with his client [3] were recorded and may have been used preparing the trial – when the basis of our justice system is innocent until proven guilty?

Or is it right that journalists’ phone records could be used to identify people by the police, without telling the journalists or getting independent approval, from a judge for example?

ft

These aren’t theoretical questions but stem from real-life uses of laws used in the ‘counter terrorism’ political arena and in practice.

Further programmes store information about every day people which we may find surprising.

In November 2014 it was reported that six British journalists [4] had found out personal and professionally related information had been collected about them, and was stored on the ‘domestic extremist’ database by the Metropolitan Police in London.

They were not criminal nor under surveillance for any wrongdoing.

One of the journalists wrote in response in a blog post on the NUJ website [5]:

“…the police have monitored public interest investigations in my case since 1999. More importantly if the police are keeping tabs on a lightweight like myself then they are doing the same and more to others?”

Ever participated in a protest and if not reported on one?

‘Others’ in that ‘domestic extremist list’ might include you, or me.

Current laws may be about to change [6] (again) and perhaps for the good, but will yet more rushed legislation in this area be done right?

There are questions over the detail and what will actually change. There are multiple bills affecting security, counter-terrorism and data access in parliament, panels and reviews going on in parallel.

The background which has led to this is the culmination of lots of concern and pressure over a long period of time focuses on one set of legal rules, in the the Regulation of Investigatory Powers Act (RIPA).

The latest draft code of practice [7] for the Regulation of Investigatory Powers Act (RIPA) [8] allows the police and other authorities to continue to access journalists’ and other professionals’ communications without any independent process or oversight.

‘Nothing to hide, nothing to fear’, is a phrase we hear said of surveillance but as these examples show, its use is widespread and often unexpected, not in extremes as we are often told.

David Cameron most recently called for ever wider surveillance legislation, again in The Telegraph, Jan 12 2015  saying:[9]

“That is why in extremis it has been possible to read someone’s letter, to listen to someone’s telephone, to mobile communications.”

Laws and programmes enable and permit these kinds of activity which are not transparent to the broad public. Is that right?

The Deregulation bill has changes, which appear now to have been amended to keep the changes affecting journalists in PACE [10] laws after all, but what effects are there for other professions and how exactly will this change interact with further new laws such as the Counter Terrorism and Security Act [p20]? [11]

It’s understandable that politicians are afraid of doing nothing, if a terrorist attack takes place, they are at risk of looking like they failed.

But it appears that politicians may have got themselves so keen to be seen to be doing ‘something’ in the face of terror attacks, that they are doing too much, in the wrong places, and we have ended up with a legislative spaghetti of simultaneous changes, with no end in sight.

It’s certainly no way to make legal changes understandable to the British public.

Political change may come as a result of the General Election. What implications will it have for the applied ‘war-on-terror’ and average citizen’s experience of surveillance programmes in real life?

What do we know about how we are affected? The harm to some in society is real, and is clearly felt in some, if not all communities. [12]

Where is the evidence to include in the debate, how laws affect us in real life and what difference they make vs their intentions?

Anti-terror programmes in practice; in schools & surgeries

In addition to these changes in law, there are a number of programmes in place at the moment.

The Prevent programme?[16] I already mentioned above.

Its expansion to wider settings would include our children from age 2 and up, who will be under an additional level of scrutiny and surveillance [criticism of the the proposal has come across the UK].

How might what a three year old says or draws be interpreted, or recorded them about them, or their family? Who accesses that data?

What film material is being produced that is: ” distributed directly by these organisations, with only a small portion directly badged with government involvement” and who is shown it and why? [Review of Australia‘s Counter Terror Machinery, February 2015] [17]

What if it’s my child who has something recorded about them under ‘Prevent’? Will I be told? Who will see that information?  What do I do if I disagree with something said or stored about them?

Does surveillance benefit society or make parts of it feel alienated and how are both its intangible cost and benefit measured?

When you combine these kinds of opaque, embedded programmes in education or social care  with political thinking which could appear to be based on prejudice not fact [18], the outcomes could be unexpected and reminiscent of 1930s anti-religious laws.

Baroness Hamwee raised this concern in the Lords on the 28th January, 2015 on the Prevent Programme:

“I am told that freedom of information requests for basic statistics about Prevent are routinely denied on the basis of national security. It seems to me that we should be looking for ways of providing information that do not endanger security.

“For instance, I wondered how many individuals are in a programme because of anti-Semitic violence. Over the last day or two, I have been pondering what it would look like if one substituted “Jewish” for “Muslim” in the briefings and descriptions we have had.” Baroness Hamwee:  [28 Jan 2015 : Column 267 -11]

“It has been put to me that Prevent is regarded as a security prism through which all Muslims are seen and that Muslims are suspect until proved otherwise. The term “siege mentality” has also been used.

“We have discussed the dangers of alienation arising from the very activities that should be part of the solution, not part of the problem, and of alienation feeding violence. […]

“Transparency is a very important tool … to counter those concerns.”

Throughout history good and bad are dependent on your point of view. In 70s London, but assuming today’s technology, would all Catholics have come sweepingly under this extra scrutiny?

“Early education funding regulations have been amended to ensure that providers who fail to promote the fundamental British values of democracy, the rule of law, individual liberty and mutual respect and tolerance for those with different faiths and beliefs do not receive funding.” [consultation guidance Dec 2014]

The programme’s own values seem undermined by its attitudes to religion and individual liberty. On universities the same paragraph on ‘freedom of speech’ suggests restrictive planning measures on protest meetings and IT surveillance for material accessed for  ‘non-research purposes’.

School and university is a time when our young people explore all sorts of ideas, including to be able to understand and to criticise them. Just looking at material online should not necessarily have any implications.  Do we really want to censor what our young people should and should not think about, and who is deciding the criteria?

For families affected by violence, nothing can justify their loss and we may want to do anything to justify its prevention.

But are we seeing widespread harm in society as side effects of surveillance programmes?

We may think we live in a free and modern society. History tells us all too easily governments can change a slide into previously unthinkable directions. It would be complacent to think, ‘it couldn’t happen here.’

Don’t forget, religious hate crime escalated by 45% in 2013/14 Crime figures [19])

Writers self-censor their work.  Whistleblowers may not come forward to speak to journalists if they feel actively watched.

Terrorism is not new.

Young people with fervour to do something for a cause and going off ‘to the fight’ in a foreign country is not new.

In the 1930s the UK Government made it illegal to volunteer to fight in Spain in the civil war, but over 2,000 went anyway.

New laws are not always solutions. especially when ever stricter surveillance laws, may still not mean any better accuracy of terror prevention on the ground. [As Charlie Hebdo and Copenhagen showed. in these cases the people involved were known to police. In the case of Lee Rigby it was even more complex.]

How about improving our citizens’ education and transparency about what’s going on & why, based on fact and not fear?

If the state shouldn’t nanny us, then it must allow citizens and parents the transparency and understanding of the current reality, to be able to inform ourselves and our children in practical ways, and know if we are being snooped on or surveillance recorded.

There is an important role for cyber experts in/and civil society to educate and challenge MPs on policy. There is also a very big gap in practical knowledge for the public, which should be addressed.

Can  we trust that information will be kept confidential that I discuss with my doctor or lawyer or if I come forward as a whistleblower?

Do I know whether my email and telephone conversations, or social media interactions are being watched, actively or by algorithms?

Do we trust that we are treating all our young people equally and without prejudice and how are we measuring impact of programmes we impose on them?

To counter terrorism, society needs more than labels and laws

We need trust in authority and in each other in our society, built on a strong and simple legal framework and founded on facts, not fears.

If the Prevent programme is truly needed at this scale, tell us why and tell us all what our children are being told in these programmes.

We should ask our MPs even though consultation is closed, what is the evidence behind the thinking about getting prevent into toddler settings and far more? What risks and benefits have been assessed for any of our children and families who might be affected?

Do these efforts need expanded to include two-year-olds?

Are all efforts to keep our kids and society safe equally effective and proportionate to potential and actual harm caused?

Alistair MacDonald QC, chairman of the Bar Council, said:

‘As a caring society, we cannot simply leave surveillance issues to senior officers of the police and the security services acting purportedly under mere codes of practice.

What is surely needed more than ever before is a rigorous statutory framework under which surveillance is authorised and conducted.”

Whether we are disabled PIP protesters outside parliament or mothers on the school run, journalists or lawyers, doctors or teachers, or anyone, these changes in law or lack of them, may affect us. Baroness Hamwee clearly sees harm caused in the community.

Development of a future legislative framework should reflect public consensus, as well as the expert views of technologists, jurists, academics and civil liberty groups.

What don’t we know? and what can we do?

According to an Ipsos MORI poll for the Evening Standard on October 2014 [20] only one in five people think the police should be free to trawl through the phone records of journalists to identify their sources.

Sixty-seven per cent said the approval of a judge should be obtained before such powers are used.

No one has asked the public if we think the Prevent programme is appropriate or proportionate as far as I recall?

Who watches that actions taken under it, are reasonable and not reactionary?

We really should be asking; what are our kids being shown, taught, informed about or how they may be  informed upon?

I’d like all of that in the public domain, for all parents and guardians. The curriculum, who is teaching and what materials are used.

It’s common sense to see that young people who feel isolated or defensive are less likely to talk to parents about their concerns.

It is a well known quote in surveillance “Nothing to hide, nothing to fear.” But this argument is flawed, because information can be wrong.

‘Nothing to fear, nowhere to hide’, may become an alternative meme we hear debated again soon, about surveillance if the internet and all communications are routinely tracked, without oversight.

To ensure proper judicial oversight in all these laws and processes – to have an independent judge give an extra layer of approval – would restore public trust in this system and the authority on which it depends.

It could pave the way for a new hope of restoring the checks and balances in many governance procedures, which a just and democratic society deserves.

As Roosevelt said: “let me assert my firm belief that the only thing we have to fear is fear itself—nameless, unreasoning, unjustified terror.”

 

******

[On Channel4OD: Channel 4 – Oscar winning, ‘CitizenFour’  Snowden documentary]

References:

[1] The Guardian, 2008, council spies on school applicants

[2] Wikipedia RIPA legislation

[3] UK admits unlawfully monitoring communications

[4] http://www.theguardian.com/uk-news/2014/nov/20/police-legal-action-snooping-journalists

[5] Journalist’s response

[6] SOS Campaign

[7] RIPA Consultation

[8] The RIPA documents are directly accessible here

[9] The Telegraph

[10] Deregulation Bill

[11] Counter Terrorism and Security Act 2015

[12] Baroness Hamwee comments in the House of Lords [Hansard]

[13] Consultation response by charity Children in Scotland

[14] The Telegraph, Anti-terror plan to spy on toddlers ‘is heavy-handed’

[15] GPs told to specify counter terrorism leads [Prevent]

[16] The Prevent programme, BBC / 2009 Prevent programme for schools

[17] Review of Australia’s CT Machinery

[18] Boris Johnson, March 2014

[19] Hate crime figures 2013-14

[20] Ipsos MORI poll, October 2014

 

******

 image credit: ancient history

MORE: click the link below

Continue reading Nothing to fear, nowhere to hide – a mother’s attempt to untangle UK surveillance law and programmes

Human Rights – real threats today vs theories of tomorrow

Theories on Thursday, furore on Friday. By Saturday the social media had hit the fan.

What we must remember whilst caught up in the recent Human Rights fuss, is that this is discussing a future theory. In practice, we are at risk of missing three* current and upcoming human rights threats, which are very real.

Whilst future policy change may already be doing harm to the spirit of the human rights law and those ideals today, current policies are having effect today in practice.

The Deregulation Bill, and other current policies and projects.

Regular readers will know, I have followed closely the care.data plans [see past posts] to extract our confidential GP medical records and centrally store, sell and share the information.

I hadn’t realised until recently why I care so strongly about doing this the right way. It simply felt wrong that the original plan was not to inform patients at all, and not ask for consent to remove the foundation stone of our confidentiality. The delayed plan, had a terrible junk-mail leaflet drop.

The current extraction plan is pending [roadmap end of page], but details unknown.

I have concerns about how it will harm the trust in the patient-GP relationship, potentially discriminate and segment certain groups and  I’m still unhappy how open the records will be for use by third parties, not for clinical care. There needs work done to make it done well, and to be transparent and trustworthy for patients.

But I’ve realised now, it feels wrong, simply because it impinges on one of our basic human rights. Our right to privacy.

This post is not about care.data per se, but the recent Bill of Rights debate made me take a closer look at the bigger picture.

There are many discussing this, far better informed on human rights than me. But perhaps it’s time the ordinary public pay more attention to our rights, and where they fit into our lives in the UK. Rights which are easily eroded if we don’t pay attention.

I’ve had a look at the current Bill proposal [my notes & comment at the end], but at least for now, I’m more concerned about the actual plans already underway, which will in  practice,  affect the application of our human rights today, and we may not know it.

There are at least three real changes in legislation right now which I believe should command our attention.

First, the Deregulation Bill.

This Bill will go to the Lords Committee stage on October 21st.

This is a real and present threat to human rights, as stated in the Joint Committee Report on Human Rights, June 14th 2014:

The Bill provides that a person exercising a regulatory function specified by the Minister:

 

The Government intends this economic growth duty to apply to the EHRC. We believe that applying this growth duty to the EHRC poses a significant risk to the EHRC’s independence, and therefore to its compliance with the Paris Principles and the Equal Treatment Directives as implemented by the Equality Act 2010. The Government is therefore risking the possibility of the EHRC’s accredited “A” status being downgraded and of putting the UK in breach of its obligations under EU equality law. Unless the continuing discussions between the Government and the Commission satisfy the Commission that the growth duty will not in any way impact upon its independence, we recommend that this duty not be applied to the EHRC.
Sections of the Deregulation Act currently passing through Parliament suggest the removal of any regulation that conflicts with the interests of a profit-maker. There are other domestic and regulatory bodies for which we should carefully consider this implication, not least from my perspective, in the NHS.

 

The Deregulation Bill creates a conflict when a law must consider commercial gain above human rights.

Further;

“The Bill would remove the power conferred on employment tribunals by the Equality Act to make wider recommendations in discrimination cases.”

 

The EHRC regards the power [conferred on employment tribunals] as useful, both for the employer to whom the recommendation is made and to the Commission itself for following up tribunal decisions, and it does not consider that sufficient evidence has been gathered to make out the case for abolition. We therefore recommend that the power of employment tribunals to make wider recommendations in discrimination cases should be retained.”

 

 

 

The Deregulation Bill also poses some concern for those interested in the requisition process for information, and press representation groups spoke out, worried it offers a back-door for seizing journalists’ material.

 

Seen all together, aspects of the Bill which is a mish-mash of all sorts of subjects, which was derided in some reports as being about knitting yarn, means it may well be a wolf in sheep’s clothing when it comes to human rights.

 

Second and Third, the recent changes in legislation & access

Other real threats to our universal human rights in the UK, I consider as points two and three, are already having an effect.

Recent legal changes to both a) the legal aid and b) the judicial review processes mean it is harder for many people to use the available processes due to cost.

(current consultation closing October 15th here and anyone can write to their MP for support, guidance at end of page.)

This results in inequality to use rights, which should be human rights for all by creating:

1. restrictions of individual access  (who can get a fair trial, the ability to appeal)

 

and

 

2. reducing the universality of application to human rights law (limiting the circumstances and reasons ‘the how and when’ under which rights may be applied)

 

 

These are the changes in progress right now. So what of the actual projects underway or recently effected?

 

Current threats in practice to our UK Human Rights

Mr. Grayling said this week that any future policy change will continue to ensure to promote the values of individual human dignity, equal treatment and fairness as the foundations of a democratic society. Many disagree.

The whole debate of this future policy change may already be doing real harm to the spirit of the law and those ideals today.

In my opinion, current actions are having real effect today in practice which risk undermining rather than strengthening our position towards universal human rights.

Current government policies and projects sign-post current thinking on the value of universal human rights and future direction.

Consider three things:

1. the recent changes which undermine access to use our rights, [access and universal applicability for all]
2. what value rights are given within current policies and practices,
3. the direction of travel in recent legislation, such as in surveillance, affecting universal rights for all.

It should come as no surprise then to hear of a more wholesale move towards the removal of rights in the proposal to repeal the Human Rights Act, and more. Steps have been taken on this path for some time.

A current sample of some areas with flaws in their approach to human rights include from my lay perspective:

If we in the ordinary public, in response to the proposals this week, are now concerned about about the theoretical threats to human rights by a potential future government, and care about getting it right, I’d suggest we:

don’t wait to worry about what might be in June next year. Encourage those who can, such as our MPs, to look at these real and practical human rights’ threats today. Support MPs & others who are.

Start the list, with the Deregulation Bill.  (Unless NHS England Patient & Information Directorate decide to begin care.data extractions before October 21st.) Watch this space.

************************
*there is clearly more of significance in this area, with which those better informed and active than me would say is missing, but with which I’ve not taken as close an interest. The Deregulation Bill will potentially affect NHS bodies, and I’ve looked at it before on care.data.

Notes on the proposals, and my references below:

************************

Reference sites:

The Deregulation Bill was introduced in the House of Commons on 23 January 2014. It received its Second Reading in the Commons on 4 February 2014, completed its Committee Stage on 25 March and began its Report Stage on 14 May. The Bill has been carried over to the next Session of Parliament. The Bill was preceded by a draft Deregulation Bill which was subject to pre-legislative scrutiny by the ad hoc Joint Committee on the Draft Deregulation Bill.

************************
For your reference and to their credit, I’ve found the following three websites useful and kept up to date with care.data information:

Dr. Bhatia, GP in Hampshire’s care.data info site

HSCIC care.data site

medConfidential – campaign for confidentiality and consent in health and social care – seeking to ensure that every flow of data into, across and out of the NHS and care system is consensual, safe and transparent

******************

On Legal Aid – consultation responses or write to your MP: http://www.lawsociety.org.uk/news/stories/moj-consultation-on-duty-crime-contracts-support-pack-for-member-responses/

******************

For reference – background Bil of Rights / scrapping the HRA

The theory

The outline future proposal this week suggested, “A majority Conservative Government will scrap Labour’s Human Rights Act, and will end the ability of the European Court of Human Rights to order changes to British laws.” [Jack of Kent, October 2nd]

Some of these plans were discussed here> on the Daily Politics. From 32.30 minutes in.

The plans have been met with widespread criticism in the press and by campaigners showing where the plans are flawed.

Myths abound how human rights are applied inappropriately to whom, and how they lack common sense.

In contrast, real examples have been presented of when the Human Rights Act and ECHR have been used to enhance and protect UK citizens, not least in the Mirror.

Looking to the future, individuals have further pointed out the fundamental flaw if limits of application were to be brought in which would for example, not use the law for ‘trivial cases’.

Tim Hancock, campaigns director of Amnesty UK, said in the International Business Times of this week’s announcement: “This is electioneering on the backs of Europe’s most vulnerable.

“Under these plans human rights would be reserved for only those people the Government decides should get them.”

Whilst we may each have our own political opinions, it is valuable to stay outside them and see changes objectively.

We must also see past the UKIP defection, knee-jerk reaction which conflates everything ‘Europe’, into something from which which the UK could ‘opt out’. As long as Britain remains a signatory to the ECHR, UK citizens could still directly petition the European Court of Human Rights in Strasburg to hear their case. In fact, could be more likely to, rather than go through the British courts first. These proposals conflate the 1951 Convention on Human Rights, the UK 1998 Human Rights Act and our rights under current European law, and more.

If next May, a Conservative majority were to be elected, this proposal might form a basis of proposed legislative changes.

It is highly unlikely to be as is, or without debate. It is a partisan approach which ignores the fact that cross parliamentary support would likely be needed, as was the case when Parliament voted in favour of the introduction of the UK Human Rights Act in 1998.

But that is an if, and thus far, actually moving towards this legislative change is theoretical.

 

 

care.data should be like playing Chopin – or will it be all the right notes, but in the wrong order? [Part one]

Five months after the most recent delay to the care.data launch, I’ve come to the conclusion that we must seek long-term excellence in its performance, not content ourselves with a second-rate dress rehearsal.

“Sharing our medical records, is like playing Chopin. Done well, it has the potential to demonstrate brilliance. It separates the good, the bad and the ugly, from the world-class players.  But will we get it right, or will we look back at repeat dire performances and can say, we knew all the right notes, but got them all in the wrong order?”

Around 100 interested individuals filled a conference room at the King’s Fund, on Cavendish Square in London last Monday, July 21st, where the Health and Social Care Information Centre (HSCIC) [1] held a meeting to publicly discuss the Partridge Review [2] and HSCIC data sharing policies, practices and stakeholder expectations going forward.  Driving Positive Change.[3]

The vast majority were from organisations which are data users, some names familiar from the care.data press coverage in spring, [Beacon Consulting, Harvey Walsh] plus many university and charity driven researchers.

Sir Kingsley Manning, Sir Nick Partridge and Andy Williams [The  CEO since April 2014] all representing HSCIC, spoke about the outcomes of the PWC audit, which sampled 10% of the releases of identifiable or pseudonymous data sharing agreements for closer review, and what is termed ‘Back Office’ access (by the police, Home Office, court orders) in the eight years as the NHS IC prior to the HSCIC rebrand and changes on April 1st, 2013.

“The standard PwC methodology was adopted for sample testing data releases with the prevailing governance arrangements. Samples were selected for each of the functional areas under review. Of the total number of data releases identified (3,059); approximately a 10% sample was tested in total.” (Report, Data Release Review June 2014)

I believe it is of value to understand how we got here as well as the direction in which the HSCIC is moving. This is what the meeting sought to do, to first look back and then look forward. They are Data Controller and Processor of our health records and personal identifiable data. As care.data pathfinder pilots approach at a pace, set for ‘autumn’, the changes in the current processes and procedures for data handling will not only effect records which are already held, from our hospital care and other health settings‘, but they will have a direct effect on how our medical records extracted from GP practices will be treated, for care [dot] data in the future.

Data Management thus far has failed to meet the standards of world class delivery; in collection, governance and release

After the event, walking back to the train home, I passed the house from which Chopin left, to play his last concert. [4]

It made me think, that sharing our medical records, is like playing Chopin. Done well, it has potential for brilliance. It separates the good, the bad and the ugly, from the world-class players. Even more so, when played as part of suite, where standards are understood and interoperable . Data sharing demands technical precision, experience and discipline. Equally, gone wrong, we can look back at past performances and say, we had world class potential and knew all the right notes, but got them all in the wrong order. Where did we fail? Will we learn, or let it repeat?

The 2.5 hour event, focused more on the attendees’ main interest, how they will be affected by any changes in the release process. Some had last received data before the care.data debacle in February put a temporary halt on releases.

As a result of planned changes, will some current data customers find, that they have already received data for the last time, I wonder?

After the initial review of the critical findings in the Partridge report, the discussion centred on listening to suggestions what may be done in England to prevent future fails. But in fact, I think we should be going further. We should be looking at what we are doing in England to be the world-class player that the Prime Minister said he wants.[5]

We are focused on making the best of a bad job, when we could be looking at how to be brilliant.

To me, the meeting missed a fundamental point. Before they decide the finer points of release, they need to ensure there will be data to collect. There was not one mention of the public’s surprise that our data was collected and had been sold or shared with each of them until last spring. So now that the public in part knows about it, the recipients should also consider we are watching them closely.

Data users are being judged as one, by their group performance

What the data recipients may or may not be conscious of, is that they too each are helping to shape the orchestra and will determine the overall sound that is heard outside.

They may not realise that as data recipients, we citizens, the data providers, will see and hear their actions and respond to them all collectively, in terms of what impact it may have on our opt in/out decision.

I heard on Monday one or two shriller voices from global data intermediaries claiming that others had been receiving data whilst their own requests had been overlooked. As of last Friday, HSCIC said 627 requests were on standby, waiting for review and to know whether or not they would receive data. Currently HSCIC is getting 70 new requests a month. Bearing in mind the attendees were mostly data users, they can be forgiven that they were mostly concerned about data release and use, but they did in part also raise the importance of correct communication, governance and consent of extraction. They realise without future public trust, there is no future data store.

One consultancy however, seemed to want to blame all the other players for their own past mistakes, though there was no talk of any blame in any discussion otherwise. They asked, what about the approvals process for SUS (Secondary Uses Service data), how are those being audited and approved, is it like HES? How about HSCIC getting their act together on opt out, putting power back in the hands of patients, they asked. What about the National Cancer Registries, ONS (Office of National Statistics), all the data which is not HES, will there be one entrance point to access all these data stores for all requests? And as for insurance concerns by patients, the same said, people were foolish to be concerned. Why, “if they don’t get our health data then all the premiums will go up.”

My my, it did feel a little like a Diva having a tantrum at the rest of the performers for messing up her part. And she would darn well pull the rest of them into the pit with her if she was going to get cancelled. In true diva style, I’m sure that company didn’t even realise it.

But all those data recipients are in the same show now – if one of them screws up badly, the critics will slam them all. And with it, their providers of data, we patients, will not share our data. Consent and confidentiality are golden tickets and will not be given up lightly. If  all the data-using players perform well, abide by the expected standards, and treat both critics, audience and each other with proper etiquette, then they will get their pay, and get to stay in the show. But it won’t be a one time deal. They will need to learn continuously, do whatever the show conductor asks, and listen and learn from the critics as they perform in future, not slacking off or getting complacent.

Whilst the meeting discussed past failings in the NHS IC, I hope the organisations will consider what has truly shocked the public is some of the uses to which data has been put. How the recipients used it. They need to examine their own practices as much as HSCICs.

The majority of the attendees were playing from the same score, asking future questions which I will address in detail in part two.

The vast majority asked, how will the data lab work? And other Research users asked many similar and related questions. [This from medConfidential [6] whilst on the similar environment for accredited safe havens, goes some way to explaining the principle of a health research remote data lab (HRRDL).]

Governance questions were raised. Penalties were an oft recurring theme and local patient representative group and charity representatives, asked how the new DAAG lay person appointments process would work and be transparent.

Other questions on past data use, were concerned with the volume of Back Office data uses. The volume of police tracing for example. How person tracing by the border agency, particularly with reference to HIV and migrant health, which may reveal data to border agencies which would not normally be shared by the patients’ doctors. “If people are going to have confidence in HSCIC, this was a matter of policy which needed looking at in detail. ” The HSCIC panel noted that they also understood there were serious concerns on the quantity of intra-government departments sharing, the HMRC, Home and Cabinet Offices getting mentions.  “There was debate to be had”, he said.

And  what do you think of the show so far? [7]

They’re collectively recovering from unexpected and catastrophic criticism at the start of the year. It is still having a critical effect on many organisations because they don’t have access to the data exactly as they used to, with a backlog built up after a temporary stop on the flow which was restarted after a couple of months. HSCIC has reviewed themselves, in part, and any smart attendees on Monday will know how each of their organisations have fared. The audit has found some of their weaknesses and sought to address them. There is a huge number of changes, definitions and open considerations under discussion and not yet ready to introduce. They realise there is a great amount of work still to be done, to bring the theory into practice, test it out, edit and get to a point where they are truly ready for a new public performance.

But none of the truly dodgy sounding instruments have been kicked out yet. I would suggest there are simply organisations which are not themselves of the same standards of ethics and physical best practices which deserve to manage our data. They will bring down the whole, and need rejected – the commercial re-use licenses of commercial intermediaries. And the playing habits of the data intermediaries need some careful attention, drawing the line between their clinical support work and their purely commercial purposes. The pace may have slowed down, but data is still flowing out, and there was no recognition that this may be without data protection permission or best practice, if individuals aren’t aware of their data being used in this way. The panel conducted a well organised and orderly discussion, but there were by far more open questions, than answers ready to be given.

What we do now, sets the future stage of all data sharing, in the UK and beyond – to be brilliant, will take time to get right

How HSCIC puts into action and implements the safeguards, processes and their verbal plans to manage data in the short and medium term, will determine much for the future of data governance in England, and the wider world. Not only in terms of the storage and release of data – its technical capability and process governance, but in the approach to data extraction, fair processing, consent, communication and ongoing management.

This is all too important to rush, and I hope that the feedback and suggestions captured on the day will be incorporated into the production. To do so well, will need time and there is no point in some half-ready dress rehearsal when so much is yet to be done.

The next Big Thing – care.data

When it came to care.data, Andy Williams said it had been a serious failing to not recognise that patients view their GP records quite, totally differently, from the records held at a hospital. Sharing their HES data.

“And it is their data, at the end of the day,” he recognised.

So to conclude looking back, I believe where data sharing has reached, is leaps and bounds ahead of where it was six months ago. The Partridge Review and its recommendations recognises there are problems and makes 9 recommendations. There is lots more the workshop suggested for consideration. If HSCIC wants to achieve brilliance, it needs to practise before going out on a public stage again. The excellence of Chopin’s music does not happen by chance, or through passion alone. To achieve brilliance we cannot follow some romantic notion of ‘it will all be alright on the night’. Hard edged, technical experience knows world-class delivery demands more.

So rolling out care.data as a pathfinder model in autumn before so much good preparation can possibly be done, is in my opinion, utterly pointless. In fact, it would be damaging. It will be like pushing  a grade 5 school boy who’s not ready into the limelight, and just wishing him luck, while you wait whistling in the wings. But what will those in charge say?

Will our health data sharing be a virtuoso performance [8]? Or will we end up with a second rate show, where we will look back and say, we had all the right notes, but played them all in the wrong order [9]?

{Update August 6th, official meeting notes courtesy of HSCIC}

I look forward to the future and address this more, as we did in the second part of the meeting, in my post Part Two. [10]

*****

[1] The Health and Social Care Information Centre – HSCIC

[2] The Partridge Review – links to blog post and all report files

[3] HSCIC Driving Positive Change http://www.hscic.gov.uk/article/4824/Driving-positive-change

[4] Chopin’s Last concert in London http://www.chopin-society.org.uk/articles/chopin-last-concert.htm

[5] What are we doing in England to be the world-class player that the Prime Minister said he wants? https://www.gov.uk/government/news/record-800-million-for-groundbreaking-research-to-benefit-patients

[6] A Health Research Remote Data Lab (HRRDL) concept for the ASH consultation – https://medconfidential.org/2014/hrrdls-for-commissioning/

[7] “What do you think of the show so far?” A classic Waldorf and Statler line from the Muppet Show. https://www.youtube.com/watch?v=jJNxj1FdKuo&list=PL1BCB0B838EBE07C6&index=12

[8] Chopin Rubenstein Piano Concerto no.2 with Andre Previn https://www.youtube.com/watch?v=T_GecdMywPw&index=1&list=RDT_GecdMywPw

[9] Classic comedy Morecambe & Wise, with Andre Previn – all the right notes, but not necessarily in the right order https://www.youtube.com/watch?v=-zHBN45fbo8

[10] Blog post part two: care.data is like playing Chopin – or will it be all the right notes, but in the wrong order? [Part two – future]

**** In case care.data is news for you, here is a simple guide via Wired  and a website from GP and Caldicott Guardian Dr. Bhatia > the official NHS England page is here   ****

####

Fun facts: From The Telegraph, 2010: Prince of The Romantics by Adam Zamoyski

“That November farewell, given in aid of a Polish charity, came at the end of a difficult six-month British sojourn, which had included concerts in Manchester (one of the largest audiences he ever faced), Glasgow and Edinburgh, where the non-religious Chopin had unwillingly endured Bible readings by a pious patroness anxious to convert him to the Church of Scotland. Finally back in London, the composer-pianist spent three weeks preparing for what turned out to be his final recital by sitting wrapped in his coat in front of the fire at St James’s Place, attended by London’s leading homeopath and the Royal Physician, a specialist in tuberculosis. A week after the concert, he was on his way home to Parisian exile and death the following year.”

Born Zelazowa Wola, Poland of a French emigrant father and Polish mother, he left Poland aged 20, never to return. Well known and by some controversially for his long romantic liaison with novelist George Sand (Aurore Dudevant) after they separated his health failed and in 1848 he paid a long visit to Britain where he gave his last public performance at the Guildhall. He died in Paris.

That’s the power of artists’ privacy.

“That’s the power of artists’ privacy. It preserves the melodies otherwise drowned out by words, stories, information.”

Joshua Rothman – in The New Yorker

This article in The New Yorker on July 9th 2014, is a keeper. So I just had to keep a post linked here for posterity. He begins:

“These days, when we use the word “privacy,” it usually has a political meaning. We’re concerned with other people and how they might affect us. We think about how they could use information about us for their own ends, or interfere with decisions that are rightfully ours. We’re mindful of the lines that divide public life from private life. We have what you might call a citizen’s sense of privacy.

That’s an important way to think about privacy, obviously. But there are other ways. ”  Read on here >> just, perfect.

Virginia Woolf, 25th January 1882 – 28th March 1941

“To be silent; to be alone. All the being and the doing, expansive, glittering, vocal, evaporated; and one shrunk, with a sense of solemnity, to being oneself…”