Category Archives: commercial

Policy shapers, product makers, and profit takers (2)

Corporate capture

Companies are increasingly in controlling positions of the tech narrative in the press. They are funding neutral third-sector orgs’ and think tanks’ research. Supporting organisations advising on online education. Closely involved in politics. And sit increasingly, within the organisations set up to lead the technology vision, advising government on policy and UK data analytics, or on social media, AI and ethics.

It is all subject to corporate capture.

But is this healthy for UK public policy and the future not of an industry sector, but a whole technology, when it comes to AI?

If a company’s vital business interests seem unfazed by the risk and harm they cause to individuals — from people who no longer trust the confidentiality of the system to measurable harms — why should those companies sit on public policy boards set up to shape the ethics they claim we need, to solve the problems and restore loss of trust that these very same companies are causing?

We laud people in these companies as co-founders and forward thinkers on new data ethics institutes. They are invited to sit on our national boards, or create new ones.

What does that say about the entire board’s respect for the law which the company breached? It is hard not to see it signal acceptance of the company’s excuses or lack of accountability.

Corporate accountability

The same companies whose work has breached data protection law, multiple ways, seemingly ‘by accident’ on national data extractions, are those companies that cross the t’s and dot the i’s on even the simplest conference call, and demand everything is said in strictest confidence. Meanwhile their everyday business practices ignore millions of people’s lawful rights to confidentiality.

The extent of commercial companies’ influence on these boards is  opaque. To allow this ethics bandwagon to be driven by the corporate giants surely eschews genuine rights-based values, and long-term integrity of the body they appear to serve.

I am told that these global orgs must be in the room and at the table, to use the opportunity to make the world a better place.

These companies already have *all* the opportunity. Not only monopoly positions on their own technology, but the datasets at scale which underpin it, excluding new entrants to the market. Their pick of new hires from universities. The sponsorship of events. The political lobbying. Access to the media. The lawyers. Bottomless pockets to pay for it all. And seats at board tables set up to shape UK policy responses.

It’s a struggle for power, and a stake in our collective future. The status quo is not good enough for many parts of society, and to enable Big Tech or big government to maintain that simply through the latest tools, is a missed chance to reshape for good.

You can see it in many tech boards’ make up, and pervasive white male bias. We hear it echoed in London think tank conferences, even independent tech design agencies, or set out in some Big Tech reports. All seemingly unconnected, but often funded by the same driving sources.

These companies are often those that made it worse to start with, and the very ethics issues the boards have been set up to deal with, are at the core of their business models and of their making.

The deliberate infiltration of influence on online safety policy for children, or global privacy efforts is very real, explicitly set out in the #FacebookEmails, for example.

We will not resolve these fundamental questions, as long as the companies whose business depend on them, steer national policy. The odds will be ever in their favour.

At the same time, some of these individuals are brilliant. In all senses.

So what’s the answer. If they are around the table, what should the UK public expect of their involvement, and ensure in whose best interests it is? How do we achieve authentic accountability?

Whether it be social media, data analytics, or AI in public policy, can companies be safely permitted to be policy shapers if they wear all the hats; product maker, profit taker, *and* process or product auditor?

Creating Authentic Accountability

At minimum we must demand responsibility for their own actions from board members who represent or are funded by companies.

  1. They must deliver on their own product problems first before being allowed to suggest solutions to societal problems.
  2. There should be credible separation between informing policy makers, and shaping policy.
  3. There must be total transparency of funding sources across any public sector boards, of members, and those lobbying them.
  4. Board members must be meaningfully held accountable for continued company transgressions on rights and freedoms, not only harms.
  5. Oversight of board decision making must be decentralised, transparent and available to scrutiny and meaningful challenge.

While these new bodies may propose solutions that include public engagement strategies, transparency, and standards, few propose meaningful oversight. The real test is not what companies say in their ethical frameworks, but in what they continue to do.

If they fail to meet legal or regulatory frameworks, minimum accountability should mean no more access to public data sets and losing positions of policy influence.

Their behaviour needs to go above and beyond meeting the letter of the law, scraping by or working around rights based protections. They need to put people ahead of profit and self interests. That’s what ethics should mean, not be a PR route to avoid regulation.

As long as companies think the consequences of their platforms and actions are tolerable and a minimal disruption to their business model, society will be expected to live with their transgressions, and our most vulnerable will continue to pay the cost.


This is part 2 of thoughts on Policy shapers, product makers, and profit takers — data and AI. Part 1 is here.

Are UK teacher and pupil profile data stolen, lost and exposed?

Update received from Edmodo, VP Marketing & Adoption, June 1:


While everyone is focused on #WannaCry ransomware, it appears that a global edTech company has had a potential global data breach that few are yet talking about.

Edmodo is still claiming on its website it is, “The safest and easiest way for teachers to connect and collaborate with students, parents, and each other.” But is it true, and who verifies that safe is safe?

Edmodo data from 78 million users for sale

Matt Burgess wrote in VICE: “Education website Edmodo promises a way for “educators to connect and collaborate with students, parents, and each other”. However, 78 million of its customers have had their user account details stolen. Vice’s Motherboard reports that usernames, email addresses, and hashed passwords were taken from the service and have been put up for sale on the dark web for around $1,000 (£700).

“Data breach notification website LeakBase also has a copy of the data and provided it to Motherboard. According to LeakBase around 40 million of the accounts have email addresses connected to them. The company said it is aware of a “potential security incident” and is investigating.”

The Motherboard article by Joseph Cox, says it happened last month. What has been done since? Why is there no public information or notification about the breach on the company website?

Joseph doesn’t think profile photos are at risk, unless someone can log into an account. He was given usernames, email addresses, and hashed passwords, and as far as he knows, that was all that was stolen.

“The passwords have apparently been hashed with the robust bcrypt algorithm, and a string of random characters known as a salt, meaning hackers will have a much harder time obtaining user’s actual login credentials. Not all of the records include a user email address.”

Going further back, it looks like Edmodo’s weaknesses had already been identified 4 years ago. Did anything change?

So far I’ve been unable to find out from Edmodo directly. There is no telephone technical support. There is no human that can be reached dialling the headquarters telephone number.

Where’s the parental update?

No one has yet responded to say whether UK pupils and teachers’ data was among that reportedly stolen. (Update June 1, the company did respond with confirmation of UK users involved.)

While there is no mention of the other data the site holds being in the breach, details are as yet sketchy, and Edmodo holds children’s data. Where is the company assurance what was and was not stolen?

As it’s a platform log on I would want to know when parents will be told exactly what was compromised and how details have been exposed. I would want clarification if this could potentially be a weakness for further breaches of other integrated systems, or not.

Are edTech and IoT toys fit for UK children?

In 2016, more than 727,000 UK children had their information compromised following a cyber attack on VTech, including images. These toys are sold as educational, even if targeted at an early age.

In Spring 2017, CloudPets, the maker of Internet of Things teddy bears, “smart toys” left more than two million voice recordings from children online without any security protections and exposing children’s personal details.

As yet UK ministers have declined our civil society recommendations to act and take steps on the public sector security of national pupil data or on the private security of Internet connected toys and things. The latter in line with Germany for example.

It is right that the approach is considered. The UK government must take these risks seriously in an evidence based and informed way, and act, not with knee jerk reactions. But it must act.

Two months after Germany banned the Cayla doll, we still had them for sale here.

Parents are often accused of being uninformed, but we must be able to expect that our products pass a minimum standard of tech and data security testing as part of pre-sale consumer safety testing.

Parents have a responsibility to educate themselves to a reasonable level of user knowledge. But the opportunities are limited when there’s no transparency. Much of the use of a child’s personal data and system data’s interaction with our online behaviour, in toys, things, and even plain websites remains hidden to most of us.

So too, the Edmodo privacy policy contained no mention of profiling or behavioural web tracking, for example. Only when this savvy parent spotted it was happening, it appears the company responded properly to fix it. Given strict COPPA rules it is perhaps unsurprising, though it shouldn’t have happened at all.

How will the uses of these smart toys, and edTech apps be made safe, and is the government going to update regulations to do so?

Are public sector policy, practice and people, fit for managing UK children’s data privacy needs?

While these private edTech companies used directly in schools can expose children to risk, so too does public data collected in schools, being handed out to commercial companies, by government departments. Our UK government does not model good practice.

Two years on, I’m still working on asking for fixes in basic national pupil data improvement.  To make safe data policy, this is far too slow.

The Department for Education is still cagey about transparency, not telling schools it gives away national pupil data including to commercial companies without pupil or parental knowledge, and hides the Home Office use, now on a monthly basis, by not publishing it on a regular basis.

These uses of data are not safe, and expose children to potential greater theft, loss and selling of their personal data. It must change.

Whether the government hands out children’s data to commercial companies at national level and doesn’t tell schools, or staff in schools do it directly through in-class app registrations, it is often done without consent, and without any privacy impact assessment or due diligence up front. Some send data to the US or Australia. Schools still tell parents these are ‘required’ without any choice. But have they ensured that there is an equal and adequate level of data protection offered to personal data that they extract from the SIMs?

 

School staff and teachers manage, collect, administer personal data daily, including signing up children as users of web accounts with technology providers. Very often telling parents after the event, and with no choice. How can they and not put others at risk, if untrained in the basics of good data handling practices?

In our UK schools, just like the health system, the basics are still not being fixed or good practices on offer to staff. Teachers in the UK, get no data privacy or data protection training in their basic teacher training. That’s according to what I’ve been told so far from teacher trainers, CDP leaders, union members and teachers themselves,

Would you train fire fighters without ever letting them have hose practice?

Infrastructure is known to be exposed and under invested, but it’s not all about the tech. Security investment must also be in people.

Systemic failures seen this week revealed by WannaCry are not limited to the NHS. This from George Danezis could be, with few tweaks, copy pasted into education. So the question is not if, but when the same happens in education, unless it’s fixed.

“…from poor security standards in heath informatics industries; poor procurement processes in heath organizations; lack of liability on any of the software vendors (incl. Microsoft) for providing insecure software or devices; cost-cutting from the government on NHS cyber security with no constructive alternatives to mitigate risks; and finally the UK/US cyber-offense doctrine that inevitably leads to proliferation of cyber-weapons and their use on civilian critical infrastructures.” [Original post]

Google Family Link for Under 13s: children’s privacy friend or faux?

“With the Family Link app from Google, you can stay in the loop as your kid explores on their Android* device. Family Link lets you create a Google Account for your kid that’s like your account, while also helping you set certain digital ground rules that work for your family — like managing the apps your kid can use, keeping an eye on screen time, and setting a bedtime on your kid’s device.”


John Carr shared his blog post about the Google Family Link today which was the first I had read about the new US account in beta. In his post, with an eye on GDPR, he asks, what is the right thing to do?

What is the Family Link app?

Family Link requires a US based google account to sign up, so outside the US we can’t read the full details. However from what is published online, it appears to offer the following three key features:

“Approve or block the apps your kid wants to download from the Google Play Store.

Keep an eye on screen time. See how much time your kid spends on their favorite apps with weekly or monthly activity reports, and set daily screen time limits for their device. “

and

“Set device bedtime: Remotely lock your kid’s device when it’s time to play, study, or sleep.”

From the privacy and disclosure information it reads that there is not a lot of difference between a regular (over 13s) Google account and this one for under 13s. To collect data from under 13s it must be compliant with COPPA legislation.

If you google “what is COPPA” the first result says, The Children’s Online Privacy Protection Act (COPPA) is a law created to protect the privacy of children under 13.”

But does this Google Family Link do that? What safeguards and controls are in place for use of this app and children’s privacy?

What data does it capture?

“In order to create a Google Account for your child, you must review the Disclosure (including the Privacy Notice) and the Google Privacy Policy, and give consent by authorizing a $0.30 charge on your credit card.”

Google captures the parent’s verified real-life credit card data.

Google captures child’s name, date of birth and email.

Google captures voice.

Google captures location.

Google may associate your child’s phone number with their account.

And lots more:

Google automatically collects and stores certain information about the services a child uses and how a child uses them, including when they save a picture in Google Photos, enter a query in Google Search, create a document in Google Drive, talk to the Google Assistant, or watch a video in YouTube Kids.

What does it offer over regular “13+ Google”?

In terms of general safeguarding, it doesn’t appear that SafeSearch is on by default but must be set and enforced by a parent.

Parents should “review and adjust your child’s Google Play settings based on what you think is right for them.”

Google rightly points out however that, “filters like SafeSearch are not perfect, so explicit, graphic, or other content you may not want your child to see makes it through sometimes.”

Ron Amadeo at Arstechnica wrote a review of the Family Link app back in February, and came to similar conclusions about added safeguarding value:

“Other than not showing “personalized” ads to kids, data collection and storage seems to work just like in a regular Google account. On the “Disclosure for Parents” page, Google notes that “your child’s Google Account will be like your own” and “Most of these products and services have not been designed or tailored for children.” Google won’t do any special content blocking on a kid’s device, so they can still get into plenty of trouble even with a monitored Google account.”

Your child will be able to share information, including photos, videos, audio, and location, publicly and with others, when signed in with their Google Account. And Google wants to see those photos.

There’s some things that parents cannot block at all.

Installs of app updates can’t be controlled, so leave a questionable grey area. Many apps are built on classic bait and switch – start with a free version and then the upgrade contains paid features. This is therefore something to watch for.

“Regardless of the approval settings you choose for your child’s purchases and downloads, you won’t be asked to provide approval in some instances, such as if your child: re-downloads an app or other content; installs an update to an app (even an update that adds content or asks for additional data or permissions); or downloads shared content from your Google Play Family Library. “

The child “will have the ability to change their activity controls, delete their past activity in “My Activity,” and grant app permissions (including things like device location, microphone, or contacts) to third parties”.

What’s in it for children?

You could argue that this gives children “their own accounts” and autonomy. But why do they need one at all? If I give my child a device on which they can download an app, then I approve it first.

If I am not aware of my under 13 year old child’s Internet time physically, then I’m probably not a parent who’s going to care to monitor it much by remote app either. Is there enough insecurity around ‘what children under 13 really do online’, versus what I see or they tell me as a parent, that warrants 24/7 built-in surveillance software?

I can use safe settings without this app. I can use a device time limiting app without creating a Google account for my child.

If parents want to give children an email address, yes, this allows them to have a device linked Gmail account to which you as a parent, cannot access content. But wait a minute, what’s this. Google can?

Google can read their mails and provide them “personalised product features”. More detail is probably needed but this seems clear:

“Our automated systems analyze your child’s content (including emails) to provide your child personally relevant product features, such as customized search results and spam and malware detection.”

And what happens when the under 13s turn 13? It’s questionable that it is right for Google et al. to then be able draw on a pool of ready-made customers’ data in waiting. Free from COPPA ad regulation. Free from COPPA privacy regulation.

Google knows when the child reaches 13 (the set-up requires a child’s date of birth, their first and last name, and email address, to set up the account). And they will inform the child directly when they become eligible to sign up to a regular account free of parental oversight.

What a birthday gift. But is it packaged for the child or Google?

What’s in it for Google?

The parental disclosure begins,

“At Google, your trust is a priority for us.”

If it truly is, I’d suggest they revise their privacy policy entirely.

Google’s disclosure policy also makes parents read a lot before you fully understand the permissions this app gives to Google.

I do not believe Family Link gives parents adequate control of their children’s privacy at all nor does it protect children from predatory practices.

While “Google will not serve personalized ads to your child“, your child “will still see ads while using Google’s services.”

Google also tailors the Family Link apps that the child sees, (and begs you to buy) based on their data:

“(including combining personal information from one service with information, including personal information, from other Google services) to offer them tailored content, such as more relevant app recommendations or search results.”

Contextual advertising using “persistent identifiers” is permitted under COPPA, and is surely a fundamental flaw. It’s certainly one I wouldn’t want to see duplicated under GDPR. Serving up ads that are relevant to the content the child is using, doesn’t protect them from predatory ads at all.

Google captures geolocators and knows where a child is and builds up their behavioural and location patterns. Google, like other online companies, captures and uses what I’ve labelled ‘your synthesised self’; the mix of online and offline identity and behavioural data about a user. In this case, the who and where and what they are doing, are the synthesised selves of under 13 year old children.

These data are made more valuable by the connection to an adult with spending power.

The Google Privacy Policy’s description of how Google services generally use information applies to your child’s Google Account.

Google gains permission via the parent’s acceptance of the privacy policy, to pass personal data around to third parties and affiliates. An affiliate is an entity that belongs to the Google group of companies. Today, that’s a lot of companies.

Google’s ad network consists of Google services, like Search, YouTube and Gmail, as well as 2+ million non-Google websites and apps that partner with Google to show ads.

I also wonder if it will undo some of the previous pro-privacy features on any linked child’s YouTube account if Google links any logged in accounts across the Family Link and YouTube platforms.

Is this pseudo-safe use a good thing?

In practical terms, I’d suggest this app is likely to lull parents into a false sense of security. Privacy safeguarding is not the default set up.

It’s questionable that Google should adopt some sort of parenting role through an app. Parental remote controls via an app isn’t an appropriate way to regulate whether my under 13 year old is using their device, rather than sleeping.

It’s also got to raise questions about children’s autonomy at say, 12. Should I as a parent know exactly every website and app that my child visits? What does that do for parental-child trust and relations?

As for my own children I see no benefit compared with letting them have supervised access as I do already.  That is without compromising my debit card details, or under a false sense of safeguarding. Their online time is based on age appropriate education and trust, and yes I have to manage their viewing time.

That said, if there are people who think parents cannot do that, is the app a step forward? I’m not convinced. It’s definitely of benefit to Google. But for families it feels more like a sop to adults who feel a duty towards safeguarding children, but aren’t sure how to do it.

Is this the best that Google can do by children?

In summary it seems to me that the Family Link app is a free gift from Google. (Well, free after the thirty cents to prove you’re a card-carrying adult.)

It gives parents three key tools: App approval (accept, pay, or block), Screen-time surveillance,  and a remote Switch Off of child’s access.

In return, Google gets access to a valuable data set – a parent-child relationship with credit data attached – and can increase its potential targeted app sales. Yet Google can’t guarantee additional safeguarding, privacy, or benefits for the child while using it.

I think for families and child rights, it’s a false friend. None of these tools per se require a Google account. There are alternatives.

Children’s use of the Internet should not mean they are used and their personal data passed around or traded in hidden back room bidding by the Internet companies, with no hope of control.

There are other technical solutions to age verification and privacy too.

I’d ask, what else has Google considered and discarded?

Is this the best that a cutting edge technology giant can muster?

This isn’t designed to respect children’s rights as intended under COPPA or ready for GDPR, and it’s a shame they’re not trying.

If I were designing Family Link for children, it would collect no real identifiers. No voice. No locators. It would not permit others access to voice or images or need linked. It would keep children’s privacy intact, and enable them when older, to decide what they disclose. It would not target personalised apps/products  at children at all.

GDPR requires active, informed parental consent for children’s online services. It must be revocable, personal data must collect the minimum necessary and be portable. Privacy policies must be clear to children. This, in terms of GDPR readiness, is nowhere near ‘it’.

Family Link needs to re-do their homework. And this isn’t a case of ‘please revise’.

Google is a multi-billion dollar company. If they want parental trust, and want to be GDPR and COPPA compliant, they should do the right thing.

When it comes to child rights, companies must do or do not. There is no try.


image source: ArsTechnica

A data sharing fairytale (3): transformation and impact

Part three: It is vital that the data sharing consultation is not seen in a silo, or even a set of silos each particular to its own stakeholder. To do it justice and ensure the questions that should be asked are answered, we must look instead at the whole story and the background setting. And we must ask each stakeholder, what does your happy ending look like?

Parts one and two to follow address public engagement and ethics, this focuses on current national data practice, tailored public services, and local impact of the change and transformation that will result.

What is your happy ending?

This data sharing consultation is gradually revealing to me how disjoined government appears in practice and strategy. Our digital future, a society that is more inclusive and more just, supported by better uses of technology and data in ‘dot everyone’ will not happen if they cannot first join the dots across all of Cabinet thinking and good practice, and align policies that are out of step with each other.

Last Thursday night’s “Government as a Platform Future” panel discussion (#GaaPFuture) took me back to memories of my old job, working in business implementations of process and cutting edge systems. Our finest hour was showing leadership why success would depend on neither. Success was down to local change management and communications, because change is about people, not the tech.

People in this data sharing consultation, means the public, means the staff of local government public bodies, as well as the people working at national stakeholders of the UKSA (statistics strand), ADRN (de-identified research strand), Home Office (GRO strand), DWP (Fraud and Debt strands), and DECC (energy) and staff at the national driver, the Cabinet Office.

I’ve attended two of the 2016 datasharing meetings,  and am most interested from three points of view  – because I am directly involved in the de-identified data strand,  campaign for privacy, and believe in public engagement.

Engagement with civil society, after almost 2 years of involvement on three projects, and an almost ten month pause in between, the projects had suddenly become six in 2016, so the most sensitive strands of the datasharing legislation have been the least openly discussed.

At the end of the first 2016 meeting, I asked one question.

How will local change management be handled and the consultation tailored to local organisations’ understanding and expectations of its outcome?

Why? Because a top down data extraction programme from all public services opens up the extraction of personal data as business intelligence to national level, of all local services interactions with citizens’ data.  Or at least, those parts they have collected or may collect in future.

That means a change in how the process works today. Global business intelligence/data extractions are designed to make processes more efficient, through reductions in current delivery, yet concrete public benefits for citizens are hard to see that would be different from today, so why make this change in practice?

What it might mean for example, would be to enable collection of all citizens’ debt information into one place, and that would allow the service to centralise chasing debt and enforce its collection, outsourced to a single national commercial provider.

So what does the future look like from the top? What is the happy ending for each strand, that will be achieved should this legislation be passed?  What will success for each set of plans look like?

What will we stop doing, what will we start doing differently and how will services concretely change from today, the current state, to the future?

Most importantly to understand its implications for citizens and staff, we should ask how will this transformation be managed well to see the benefits we are told it will deliver?

Can we avoid being left holding a pumpkin, after the glitter of ‘use more shiny tech’ and government love affair with the promises of Big Data wear off?

Look into the local future

Those with the vision of the future on a panel at the GDS meeting this week, the new local government model enabled by GaaP, also identified, there are implications for potential loss of local jobs, and “turkeys won’t vote for Christmas”. So who is packaging this change to make it successfully deliverable?

If we can’t be told easily in consultation, then it is not a clear enough policy to deliver. If there is a clear end-state, then we should ask what the applied implications in practice are going to be?

It is vital that the data sharing consultation is not seen in a silo, or even a set of silos each particular to its own stakeholder, about copying datasets to share them more widely, but that we look instead at the whole story and the background setting.

The Tailored Reviews: public bodies guidance suggests massive reform of local government, looking for additional savings, looking to cut back office functions and commercial plans. It asks “What workforce reductions have already been agreed for the body? Is there potential to go further? Are these linked to digital savings referenced earlier?”

Options include ‘abolish, move out of central government, commercial model, bring in-house, merge with another body.’

So where is the local government public bodies engagement with change management plans in the datasharing consultation as a change process? Does it not exist?

I asked at the end of the first datasharing meeting in January and everyone looked a bit blank. A question ‘to take away’ turned into nothing.

Yet to make this work, the buy-in of local public bodies is vital. So why skirt round this issue in local government, if there are plans to address it properly?

If there are none, then with all the data in the world, public services delivery will not be improved, because the issues are friction not of interference by consent, or privacy issues, but working practices.

If the idea is to avoid this ‘friction’ by removing it, then where is the change management plan for public services and our public staff?

Trust depends on transparency

John Pullinger, our National Statistician, this week also said on datasharing we need a social charter on data to develop trust.

Trust can only be built between public and state if the organisations, and all the people in them, are trustworthy.

To implement process change successfully, the people involved in these affected organisations, the staff, must trust that change will mean positive improvement and risks explained.

For the public, what defined levels of data access, privacy protection, and scope limitation that this new consultation will permit in practice, are clearly going to be vital to define if the public will trust its purposes.

The consultation does not do this, and there is no draft code of conduct yet, and no one is willing to define ‘research’ or ‘public interest’.

Public interest models or ‘charter’ for collection and use of research data in health, concluded that ofr ethical purposes, time also mattered. Benefits must be specific, measurable, attainable, relevant and time-bound. So let’s talk about the intended end state that is to be achieved from these changes, and identify how its benefits are to meet those objectives – change without an intended end state will almost never be successful, if you don’t know start knowing what it looks like.

For public trust, that means scope boundaries. Sharing now, with today’s laws and ethics is only fully meaningful if we trust that today’s governance, ethics and safeguards will be changeable in future to the benefit of the citizen, not ever greater powers to the state at the expense of the individual. Where is scope defined?

There is very little information about where limits would be on what data could not be shared, or when it would not be possible to do so without explicit consent. Permissive powers put the onus onto the data controller to share, and given ‘a new law says you should share’ would become the mantra, it is likely to mean less individual accountability. Where are those lines to be drawn to support the staff and public, the data user and the data subject?

So to summarise, so far I have six key questions:

  • What does your happy ending look like for each data strand?
  • How will bad practices which conflict with the current consultation proposals be stopped?
  • How will the ongoing balance of use of data for government purposes, privacy and information rights be decided and by whom?
  • In what context will the ethical principles be shaped today?
  • How will the transformation from the current to that future end state be supported, paid for and delivered?
  • Who will oversee new policies and ensure good data science practices, protection and ethics are applied in practice?

This datasharing consultation is not entirely for something new, but expansion of what is done already. And in some places is done very badly.

How will the old stories and new be reconciled?

Wearing my privacy and public engagement hats, here’s an idea.

Perhaps before the central State starts collecting more, sharing more, and using more of our personal data for ‘tailored public services’ and more, the government should ask for a data amnesty?

It’s time to draw a line under bad practice.  Clear out the ethics drawers of bad historical practice, and start again, with a fresh chapter. Because current practices are not future-proofed and covering them up in the language of ‘better data ethics’ will fail.

The consultation assures us that: “These proposals are not about selling public or personal data, collecting new data from citizens or weakening the Data Protection Act 1998.”

However it does already sell out personal data from at least BIS. How will these contradictory positions across all Departments be resolved?

The left hand gives out de-identified data in safe settings for public benefit research while the right hands out over 10 million records to the Telegraph and The Times without parental or schools’ consent. Only in la-la land are these both considered ethical.

Will somebody at the data sharing meeting please ask, “when will this stop?” It is wrong. These are our individual children’s identifiable personal data. Stop giving them away to press and charities and commercial users without informed consent. It’s ludicrous. Yet it is real.

Policy makers should provide an assurance there are plans for this to change as part of this consultation.

Without it, the consultation line about commercial use, is at best disingenuous, at worst a bare cheeked lie.

“These powers will also ensure we can improve the safe handling of citizen data by bringing consistency and improved safeguards to the way it is handled.”

Will it? Show me how and I might believe it.

Privacy, it was said at the RSS event, is the biggest concern in this consultation:

“includes proposals to expand the use of appropriate and ethical data science techniques to help tailor interventions to the public”

“also to start fixing government’s data infrastructure to better support public services.”

The techniques need outlined what they mean, and practices fixed now, because many stand on shaky legal ground. These privacy issues have come about over cumulative governments of different parties in the last ten years, so the problems are non-partisan, but need practical fixes.

Today, less than transparent international agreements push ‘very far-reaching chapters on the liberalisation of data trading’ while according to the European Court of Justice these practices lack a solid legal basis.

Today our government already gives our children’s personal data to commercial third parties and sells our higher education data without informed consent, while the DfE and BIS both know they fail processing and its potential consequences: the European Court reaffirmed in 2015 “persons whose personal data are subject to transfer and processing between two public administrative bodies must be informed in advance” in Judgment in Case C-201/14.

In a time that actively cultivates universal public fear,  it is time for individuals to be brave and ask the awkward questions because you either solve them up front, or hit the problems later. The child who stood up and said The Emperor has on no clothes, was right.

What’s missing?

The consultation conversation will only be genuine, once the policy makers acknowledge and address solutions regards:

  1. those data practices that are currently unethical and must change
  2. how the tailored public services datasharing legislation will shape the delivery of government services’ infrastructure and staff, as well as the service to the individual in the public.

If we start by understanding what the happy ending looks like, we are much more likely to arrive there, and how to measure success.

The datasharing consultation engagement, the ethics of data science, and impact on data infrastructures as part of ‘government as a platform’ need seen as a whole joined up story if we are each to consider what success for us as stakeholders, looks like.

We need to call out current data failings and things that are missing, to get them fixed.

Without a strong, consistent ethical framework you risk 3 things:

  1. data misuse and loss of public trust
  2. data non-use because your staff don’t trust they’re doing it right
  3. data is becoming a toxic asset

The upcoming meetings should address this and ask practically:

  1. How the codes of conduct, and ethics, are to be shaped, and by whom, if outwith the consultation?
  2. What is planned to manage and pay for the future changes in our data infrastructures;  ie the models of local government delivery?
  3. What is the happy ending that each data strand wants to achieve through this and how will the success criteria be measured?

Public benefit is supposed to be at the heart of this change. For UK statistics, for academic public benefit research, they are clear.

For some of the other strands, local public benefits that outweigh the privacy risks and do not jeopardise public trust seem like magical unicorns dancing in the land far, far away of centralised government; hard to imagine, and even harder to capture.

*****

Part one: A data sharing fairytale: Engagement
Part two: A data sharing fairytale: Ethics
Part three: A data sharing fairytale: Impact (this post)

Tailored public bodies review: Feb 2016

img credit: Hermann Vogel illustration ‘Cinderella’

Are care.data pilots heading for a breech delivery?

Call the midwife [if you can find one free, the underpaid overworked miracle workers that they are], the care.data ‘pathfinder’ pilots are on their way! [This is under a five minute read, so there should be time to get the hot water on – and make a cup of tea.]

I’d like to be able to say I’m looking forward to a happy new arrival, but I worry care.data is set for a breech birth. Is there still time to have it turned around? I’d like to say yes, but it might need help.

The pause appears to be over as the NHS England board delegated the final approval of directions to their Chair, Sir Malcolm Grant and Chief Executive, Simon Stevens, on Thursday May 28.

Directions from NHS England which will enable the HSCIC to proceed with their pathfinder pilots’ next stage of delivery.

“this is a programme in which we have invested a great deal, of time and thought in its development.” [Sir Malcolm Grant, May 28, 2015, NHS England Board meeting]

And yet. After years of work and planning, and a 16 month pause, as long as it takes for the gestation of a walrus, it appears the directions had flaws. Technical fixes are also needed before the plan could proceed to extract GP care.data and merge it with our hospital data at HSCIC.

And there’s lots of unknowns what this will deliver.**

Groundhog Day?

The public and MPs were surprised in 2014. They may be even more surprised if 2015 sees a repeat of the same again.

We have yet to hear case studies of who received data in the past and would now be no longer eligible. Commercial data intermediaries? Can still get data, the NHS Open Day was told. And they do, as the HSCIC DARS meeting minutes in 2015 confirm.

By the time the pilots launch, the objection must actually work, communications must include an opt out form and must clearly give the programme a name.

I hope that those lessons have been learned, but I fear they have not been. There is still lack of transparency. NHS England’s communications materials and May-Oct 2014 and any 2015 programme board minutes have not been published.

We have been here before.

Back to September 2013: the GPES Advisory Committee, the ICO and Dame Fiona Caldicott, as well as campaigners and individuals could see the issues in the patient leaflet and asked for fixes.The programme went ahead anyway in February 2014 and although foreseen, failed to deliver. [For some, quite literally.]

These voices aren’t critical for fun, they call for fixes to get it right.

I would suggest that all of the issues raised since April 2014, were broadly known in February 2014 before the pause began. From the public listening exercise,  the high level summary captures some issues raised by patients, but doesn’t address their range or depth.

Some of the difficult and unwanted  issues, are still there, still the same and still being ignored, at least in the public domain. [4]

A Healthy New Arrival?

How is the approach better now and what happens next to proceed?

“It seems a shame,” the Walrus said, “To play them such a trick, After we’ve brought them out so far, And made them trot so quick!” [Lewis Carroll]

When asked by a board member: What is it we seek to learn from the pathfinder approach that will guide us in the decision later if this will become a national approach? it wasn’t very clear. [full detail end of post]

First they must pass the tests asked of them by Dame Fiona [her criteria and 27 questions from before Christmas.] At least that was what the verbal background given at the board meeting explained.

If the pilots should be a dip in the water of how national rollouts will proceed, then they need to test not just for today, but at least for the known future of changing content scope and expanding users – who will pay for the communication materials’ costs each time?

If policy keeps pressing forward, will it not make these complications worse under pressure? There may be external pressure ahead as potential changes to EU data protection are expected this year as well, for which the pilot must be prepared and design in advance for the expectations of best practice.

Pushing out the pathfinder directions, before knowing the answers to these practical things and patient questions open for over 16 months, is surely backwards. A breech birth, with predictable complications.

If in Sir Malcolm Grant’s words:

“we would only do this  if we believed it was absolutely critical in the interests of patients.” [Malcom Grant, May 28, 2015, NHS England Board meeting]

then I’d like to see the critical interest of patients put first. Address the full range of patient questions from the ‘listening pause’.

In the rush to just fix the best of a bad job, we’ve not even asked are we even doing the right thing? Is the system designed to best support doctor patient needs especially with the integration “blurring the lines” that Simon Stevens seems set on.

If  focus is on the success of the programme and not the patient, consider this: there’s a real risk too many opt out due to these unknowns. And lack of real choice on how their data gets used. It could be done better to reduce that risk.

What’s the percentage of opt out that the programme deems a success to make it worthwhile?

In March 2014, at a London event, a GP told me all her patients who were opting out were the newspaper reading informed, white, middle class. She was worried that the data that would be included, would be misleading and unrepresentative of her practice in CCG decision making.

medConfidential has written a current status for pathfinder areas that make great sense to focus first on fixing care.data’s big post-election question the opt out that hasn’t been put into effect. Of course in February 2014 we had to choose between two opt outs -so how will that work for pathfinders?

In the public interest we need collectively to see this done well. Another mis-delivery will be fatal. “No artificial timelines?”

Right now, my expectations are that the result won’t be as cute as a baby walrus.

******

Notes from the NHS England Board Meeting, May 28, 2015:

TK said:  “These directions [1] relate only to the pathfinder programme and specify for the HSCIC what data we want to be extracted in the event that Dame Fiona, this board and the Secretary of State have given their approval for the extraction to proceed.

“We will be testing in this process a public opt out, a citizen’s right to opt out, which means that, and to be absolutely clear if someone does exercise their right to opt out, no clinical data will be extracted from their general practice,  just to make that point absolutely clearly.

“We have limited access to the data, should it be extracted at the end of the pathfinder phase, in the pathfinder context to just four organisations: NHS England, Public Health England, the HSCIC and CQC.”

“Those four organisations will only be able to access it for analytic purposes in a safe, a secure environment developed by the Information Centre [HSCIC], so there will be no third party hosting of the data that flows from the extraction.

“In the event that Dame Fiona, this board, the Secretary of State, the board of the Information Centre, are persuaded that there is merit in the data analysis that proceeds from the extraction, and that we’ve achieved an appropriate standard of what’s called fair processing, essentially have explained to people their rights, it may well be that we proceed to a programme of national rollout, in that case this board will have to agree a separate set of directions.”

“This is not signing off anything other than a process to test communications, and for a conditional approval on extracting data subject to the conditions I’ve just described.”

CD said: “This is new territory, precedent, this is something we have to get right, not only for the pathfinders but generically as well.”

“One of the consequences of having a pathfinder approach, is as Tim was describing, is that directions will change in the future. So if we are going to have a truly fair process , one of the things we have to get right, is that for the pathfinders, people understand that the set of data that is extracted and who can use it in the pathfinders, will both be a subset of, the data that is extracted and who can use it in the future. If we are going to be true to this fair process, we have to make sure in the pathfinders that we do that.

“For example, at the advisory group last week, is that in the communication going forward we have to make sure that we flag the fact there will be further directions, and they will be changed, that we are overt in saying, subject to what Fiona Caldicott decides, that process itself will be transparent.”

Questions from Board members:
Q: What is it we seek to learn from the pathfinder approach that will guide us in the decision later if this will become a national approach?
What are the top three objectives we seek to achieve?

TK: So, Dame Fiona has set a series of standards she expects the pathfinders to demonstrate, in supporting GPs to be able to discharge this rather complex communication responsibility, that they have under the law  in any case.

“On another level how we can demonstrate that people have adequately understood their right to opt out [..]

“and how do we make sure that populations who are relatively hard to reach, although listed with GPs, are also made aware of their opportunity to opt out.

Perhaps it may help if I forward this to the board, It is in the public domain. But I will forward the letter to the board.”

“So that lays out quite a number of specific tangible objectives that we then have to evaluate in light of the pathfinder experience. “

Chair: “this is a programme in which we have invested a great deal, of time and thought in its development, we would only do this  if we believed it was absolutely critical in the interests of patients, it was something that would give us the information the intelligence that we need to more finely attune our commissioning practice, but also to get real time intelligence about how patients lives are lived, how treatments work and how we can better provide for their care.

“I don’t think this is any longer a matter of huge controversy, but how do we sensitively attune ourselves to patient confidentiality.”

“I propose that […] you will approve in principle the directions before you and also delegate to the Chief Executive and to myself to do final approval on behalf of the board, once we have taken into account the comments from medConfidential and any other issues, but the substance will remain unchanged.”

******

[4] request for the release of June 2014 Open House feedback still to be published in the hope that the range and depth of public questions can be addressed.

care.data comms letter

******
“The time has come,” the walrus said, “to talk of many things.”
[From ‘The Walrus* and the Carpenter’ in Through the Looking-Glass by Lewis Carroll]

*A walrus has a gestation period of about 16 months.
The same amount of time which the pause in the care.data programme has taken to give birth to the pathfinder sites.

references:
[1] NHS England Directions to HSCIC: May 28 2015 – http://www.england.nhs.uk/wp-content/uploads/2015/05/item6-board-280515.pdf
[2] Notes from care.data advisory group meeting on 27th February 2015
[3] Patient questions: https://jenpersson.com/pathfinder/
[4] Letter from NHS England in response to request from September, and November 2014 to request that public questions be released and addressed


15 Jan 2024: Image section in header replaced at the request of likely image tracing scammers who don’t own the rights and since it and this blog is non-commercial would fall under fair use anyway. However not worth the hassle. All other artwork on this site is mine.

The Economic Value of Data vs the Public Good? [1] care.data, Concerns and the cost of Consent

They say ‘every little helps’.  care.data needs every little it can get.

In my new lay member role on the ADRN panel, I read submissions for research requests for any ethical concerns that may be reflected in wider public opinion.

The driving force for sharing administrative data research is non-commercial, with benefits to be gained for the public good.

So how do we quantify the public good, and ‘in the public interest’?

Is there alignment between the ideology of government, the drivers of policy [for health, such as the commissioning body NHS England] and the citizens of the country on what constitutes ‘the public good’?

There is public good to be gained for example, from social and health data seen as a knowledge base,  by using it using in ‘bona fide’ research, often through linking with other data to broaden insights.

Insight that might result in improving medicines, health applications, and services. Social benefits that should help improve lives, to benefit society.

Although social benefits may be less tangible, they are no harder for the public to grasp than the economic. And often a no brainer as long as confidentiality and personal control are not disregarded.

When it comes to money making from our data the public is less happy. The economic value of data raises more questions on use.

There is economic benefit to extract from data as a knowledge base to inform decision making, being cost efficient and investing wisely. Saving money.

And there is measurable economic public good in terms of income tax from individuals and corporations who by using the data make a profit, using data as a basis from which to create tools or other knowledge. Making money for the public good through indirect sales.

Then there is economic benefit from data trading as a commodity. Direct sales.

In all of these considerations, how does what the public feels and their range of opinions, get taken into account in the public good cost and benefit accounting?

Do we have a consistent and developed understanding of ‘the public interest’ and how it is shifting to fit public expectation and use?

Public concern

“The importance of building and maintaining trust and confidence among all stakeholder groups concerned – including researchers, institutions, ethical review boards and research participants – as a basis for effective data sharing cannot be overstated.”  [Wellcome blog, April 2015]

If something is jeopardising that public good it is in the public interest to say so, and for the right reasons.

The loss of public trust in data sharing measured by public feeling in 2014 is a threat to data used in the public interest, so what are we doing to fix it and are care.data lessons being learned?

The three biggest concerns voiced by the public at care.data listening events[1] were repeatedly about commercial companies’ use, and re-use of data, third parties accessing data for unknown purposes and the resultant loss of confidentiality.

 Question from Leicester: “Are we saying there will be only clinical use of the data – no marketing, no insurance, no profit making? This is our data.” [NHS Open Day, June 2014]

While people are happy for the state to use their data without active consent for bona fide research, they are not for commercial purposes.

Much of the debate and upset caused by the revelations of how our hospital episode statistics were managed in the past centred on the sense of loss of ownership. And with that, the inability to consent to who uses it. This despite acknowledgment that patients own their data.

Significant concern centres on use of the information gleaned from data that patients consider commercial exploitation. For use segmenting the insurance markets. For consumer market research. Using data for individual targeting. And its utter lack of governance.

There is also concern about data being directly sold or exchanged as a commodity.

These concerns were raised meeting after meeting in the 2014 care.data “listening process.”

To read in Private Eye that commercially sensitive projects were discussed in various meetings between NHS England and supermarket giant Tesco throughout 2014 [2] by the Patients and Information Director, responsible for care.data, is therefore all the more surprising.

They may of course be quite unrelated.

But when transparency is the mother of trust, it’s perhaps a surprising liason while ‘listening’ to care.data concerns.

It could appear that greater confidentiality was given to the sensitivity of commercial meetings than citizens’ sensitive data.

Consent package deals may be a costly mistake

People are much more aware since care.data a year ago, that unknown third parties may access data without our consent.

Consent around secondary NHS data sharing and in wider fora is no longer an inconvenient ethical dilemma best left on the shelf, as it has been for the last 25 years in secondary use, dusted off in the care.data crisis. [3]

Consent is front and centre in the latest EU data protection discussions [4] in which consent may become a requirement for all research purposes.

How that may affect social science and health research use, its pros and cons [5] remain to be seen.

However, in principle consent has always been required and good practice in applied medicine, despite the caveat for data used in medical research. As a general rule: “An intervention in the health field may only be carried out after the person concerned has given free and informed consent to it”. But this is consent for your care. Assuming that information is shared when looking after you, for direct care, during medical treatment itself is not causes concerns.

The idea is becoming increasingly assumed in discussions I have heard, [at CCG and other public meetings] that because patients have given implied consent to sharing their information for their care, that the same data may be shared for other purposes. It is not, and it is those secondary purposes that the public has asked at care.data events, to see split up, and differentiated.

Research uses are secondary uses, and those purposes cannot ethically be assumed. However, legal gateways, access to that data which makes it possible to uses for clearly defined secondary purposes by law, may make that data sharing legal.

That legal assumption, for the majority of people polls and dialogue show [though not for everyone 6b], comes  a degree of automatic support for bona fide research in the public interest. But it’s not a blanket for all secondary uses by any means, and it is this blanket assumption which has damaged trust.

So if data use in research assumes consent, and any panel is the proxy for personal decision making, the panel must consider the public voice and public interest in its decision making.

So what does the public want?

In those cases where there is no practicable alternative [to consent], there is still pressure to respect patient privacy and to meet reasonable expectations regarding use. The stated ambition of the CAG, for example, is to only advise disclosure in those circumstances where there is reason to think patients would agree it to be reasonable.

Whether active not implied consent does or does not become a requirement for research purposes without differentiation between kinds, the public already has different expectations and trust around different users.

The biggest challenge for championing the benefits of research in the public good, may be to avoid being lumped in with commercial marketing research for private profit.

The latter’s misuse of data is an underlying cause of the mistrust now around data sharing [6]. It’s been a high price to pay for public health research and others delayed since the Partridge audit.

Consent package deals mean that the public cannot choose how data are used in what kids of research and if not happy with one kind, may refuse permission for the other.

By denying any differentiation between direct, indirect, economic and social vale derived from data uses, the public may choose to deny all researchers access to their all personal data.

That may be costly to the public good, for public health and in broader research.

A public good which takes profit into account for private companies and the state, must not be at the expense of public feeling, reasonable expectations and ethical good practice.

A state which allows profit for private companies to harm the perception of  good practice by research in the public interest has lost its principles and priorities. And lost sight of the public interest.

Understanding if the public, the research community and government have differing views on what role economic value plays in the public good matters.

It matters when we discuss how we should best protect and approach it moving towards a changing EU legal framework.

“If the law relating to health research is to be better harmonised through the passing of a Regulation (rather than the existing Directive 95/46/EC), then we need a much better developed understanding of ‘the public interest’ than is currently offered by law.”  [M Taylor, “Information Governance as a Force for Good? Lessons to be Learnt from Care.data”, (2014) 11:1 SCRIPTed 1]

In the words of Dr Mark Taylor, “we need to do this better.”

How? I took a look at some of this in more detail:

Part two: The Economic Value of Data vs the Public Good? [2] Pay-for-privacy and Defining Purposes.

Part three: The Economic Value of Data vs the Public Good? [3] The value of public voice.

Update note: A version of these three posts was combined into an opinion piece – care.data: ‘The Value of Data versus the Public Interest?’ published on StatsLife on June 3rd 2015.

****

image via Tesco media

 

[1] care.data listening event questions: https://jenpersson.com/pathfinder/

[2] Private Eye – on Tesco / NHS England commercial meetings https://twitter.com/medConfidential/status/593819474807148546

[3] HSCIC audit and programme for change www.hscic.gov.uk/article/4780/HSCIC-learns-lessons-of-the-past-with-immediate-programme-for-change

[4] EU data protection discussion http://www.digitalhealth.net/news/EHI/9934/eu-ministers-back-data-privacy-changes

[5] Joint statement on EU Data Protection proposals http://www.wellcome.ac.uk/stellent/groups/corporatesite/@policy_communications/documents/web_document/WTP055584.pdf

[6] Ipsos MORI research with the Royal Statistical Society into the Trust deficit with lessons for policy makers https://www.ipsos-mori.com/researchpublications/researcharchive/3422/New-research-finds-data-trust-deficit-with-lessons-for-policymakers.aspx

[6b] The ‘Dialogue on Data’ Ipsos MORI research 2014 https://www.ipsos-mori.com/researchpublications/publications/1652/Dialogue-on-Data.aspx – commissioned by the Economic and Social Research Council (ESRC) and the Office for National Statistics (ONS) to conduct a public dialogue examining the public’s views on using linked administrative data for research purposes,

[7] AdExchanger Janaury 2015 http://adexchanger.com/data-driven-thinking/the-newest-asset-class-data/

[8] Tesco clubcard data sale https://jenpersson.com/public_data_in_private_hands/  / Computing 14.01.2015 – article by Sooraj Shah: http://www.computing.co.uk/ctg/feature/2390197/what-does-tescos-sale-of-dunnhumby-mean-for-its-data-strategy

[9] Direct Marketing 2013 http://www.dmnews.com/tesco-every-little-bit-of-customer-data-helps/article/317823/

[10] Personalisation in health data plans http://www.england.nhs.uk/iscg/wp-content/uploads/sites/4/2014/01/ISCG-Paper-Ref-ISCG-009-002-Adult-Social-Care-Informatics.pdf

[11] Tim Kelsey Keynote speech at Strata November 2013 https://www.youtube.com/watch?v=s8HCbXsC4z8

[12] Forbes: Illumina CEO on the US$20bn DNA market http://www.forbes.com/sites/luketimmerman/2015/04/29/qa-with-jay-flatley-ceo-of-illumina-the-genomics-company-pursuing-a-20b-market/

 

The Economic Value of Data vs the Public Good? [3] The value of public voice.

Demonstrable value of public research to the public good, while abstract, is a concept quite clearly understood.

Demonstrating the economic value of data for private consumer companies like major supermarkets is even easier to understand.

What is less obvious is the harm that the commercial misuse of data can do to the public’s perception of all research for the public good.[6]

The personal cost of consumer data exploitation, whether through the loss of, or through paid-for privacy, must be limited to reduce the perceived personal cost of the public good.

By reducing the personal cost, we increase the value of the perceived public benefit of sharing and overall public good.

The public good may mean many things: benefits from public health research like understanding how disease travels, or good financial planning, derived from knowing what needs communities have and what services to provide.

By reducing the private cost to individuals of the loss of control and privacy of our data, citizens will be more willing to share.

It will create more opportunity for data to be used in the public interest, for both economic and social gain.

As I outlined in the previous linked blog posts, consent [part 1] and privacy [part 2] would be wise investments for its growth.

So how are consumer businesses and the state taking this into account?

Where is the dialogue we need to keep expectations and practices aligned in a changing environment and legal framework?

Personalisation: the economic value of data for companies

Any projects under discussion or in progress without adequate public consultation and real involvement, that ignore public voice,  risk their own success and with it the public good they should create.

The same is true for commercial projects.  For example, back to Tesco.

Whether the clubcard data management and processing [8] is directly or indirectly connected to Tesco, its customer data are important to the supermarket chain and are valuable.

Former Tesco executive, spoke about that value in a 2013 interview:

“These are slow-growing industries,” Leahy said. “The difference was in the use of data, in the way Tesco learned about its customers. And from that, everything flowed.”[9]

By knowing who, how and when citizens shop, it allows them to target the sales offering to make people buy more or differently. The so-called ‘nudge’ moving citizens in the direction the company wants.

He explained how, through the Clubcard loyalty program, the supermarket was able to transition from mass marketing to personalized marketing and that it works in other areas too:

“You can already see in some areas where customers are content to be priced as customers: risk pricing with insurance and so on.

“It makes a lot of sense in health pricing, but there will be certain social policy restriction in terms of fair access and so on.”

NHS patient data and commercial supermarket data may be coming closer in their use than we might think.

Not only closer in their similar desire to move towards personalisation [10] but for similar reasons, in the desire to use all the data to know all about people as health consumers and from that, to plan and purchase, best and cheapest…”in reducing overall cost.”

It is worth thinking about in an economy driven by ideological austerity, how reducing overall cost will be applied, by cutting services or reducing to whom services are offered.

What ‘nudge’ may be applied through NHS policies, to move citizens in the direction the drivers in government or civil service want to see?

What will push those who can afford it, into private care and out of those who the state has to spend money on, if they are prepared to spend their own, for example.

What is the data that citizens provide through schemes like care.data designed to achieve?

“Demonstrating The Actual Economic Value of Data”

Tim Kelsey, speaking at Strata in 2013 [11] talked about: “Demonstrating The Actual Economic Value of Data”. Our NHS data are valuable in both economic and social terms.

[From 12:17] “It will help put the UK on the map in terms of genomic research. The PM has already committed to the UK developing 100K gene sequences very rapidly. But those sequences on their own will have very limited value without the reference data that lies out there in the real world of the NHS, the data we’ll start making available form next June […]. The name of the programme by the way is care dot data.”

The long since delayed care.data programme plans to provide medical records for secondary use, as reference data for the 100K genomics programme. The programme has the intent to “create a lasting legacy for patients, the NHS and the UK economy.”

With consent.

When the CEO of Illumina talks about winning a US $20bn market [12] perhaps it also sounds economically appealing for the UK plc and the austerity-lean NHS. Illumina is the company which won the contract for the Genomics England project sequencing of course.

“The notion here is that it’s really a precursor to understand the health economics of why sequencing helps improve healthcare, both in quality of outcome, and in reducing overall cost. Presuming we meet the objectives of this three-year study–and it’s truly a pilot–then the program will expand substantially and sequence many more people in the U.K.” [Jay Flatley, CEO]

The idea of it being a precursor leaves me asking, to what?
“Will expand substantially” to whom?

As more and more becomes possible in science, there will be an ever greater need for understanding between how and why we should advance medicine, and how to protect human dignity. Because it becomes possible may not always mean it should be done.

Article 21 of the Convention for the Protection of Human Rights and Dignity of the Human Being with regard to the application of biology and medicine, also says:  “The human body and its parts shall not, as such, give rise to financial gain.”

How close is profit making from DNA sequencing getting to that line?

These are questions that raise ethical questions and questions of social and economic value. The social legitimacy of these programmes will depend on trust. Trust based on no surprises.

Commercial market research or real research for the public good?

Meanwhile all consenting patients can in theory now choose to access their own record [GP online].  Mr Kelsey expressed hopes in 2013 that developers would use that to help patients:

“to mash it up with other data sources to get their local retailers to tell them about their purchasing habits [16:05] so they can mash it up with their health data.”

This despite the 67% of the public concerned around health data use by commercial companies.

So what were the commercially sensitive projects discussed by NHS England and Tesco throughout 2014? It would be interesting to know whether loyalty cards and mashing up our data was part of it – or did they discuss market segmentation, personalisation and health pricing? Will we hear the ‘Transparency Tsar‘ tell NHS citizens their engagement is valued, but in reality find the public is not involved?

To do so would risk another care.data style fiasco in other fields.

Who might any plans offer most value to – the customer, the company or the country plc? Will the Goliaths focus on short term profit or fair processing and future benefits?

In the long run, ignoring public voice won’t help the UK plc or the public interest.

A balanced and sustainable research future will not centre on a consumer pay-for-privacy basis, or commercial alliances, but on a robust ethical framework for the public good.

A public good which takes profit into account for private companies and the state, but not at the expense of public feeling and ethical good practice.

A public good which we can understand in terms of social, direct and indirect economic value.

While we strive for the economic and public good in scientific and medical advances we must also champion human dignity and values.

This dialogue needs to be continued.

“The commitment must be an ongoing one to continue to consult with people, to continue to work to optimally protect both privacy and the public interest in the uses of health data. We need to use data but we need to use it in ways that people have reason to accept. Use ‘in the public interest’ must respect individual privacy. The current law of data protection, with its opposed concepts of ‘privacy’ and ‘public interest’, does not do enough to recognise the dependencies or promote the synergies between these concepts.”

[M Taylor, “Information Governance as a Force for Good? Lessons to be Learnt from Care.data”, (2014) 11:1 SCRIPTed 1]

The public voice from care.data listening and beyond, could positively help shape the developing consensual model if given genuine adequate opportunity to do so in much needed dialogue.

As they say, every little helps.

****

Part one: The Economic Value of Data vs the Public Good? [1] Concerns and the cost of Consent

Part two: The Economic Value of Data vs the Public Good? [2] Pay-for-privacy and Defining Purposes.

Part three: The Economic Value of Data vs the Public Good? [3] The value of public voice.

****

[1] care.data listening event questions: https://jenpersson.com/pathfinder/

[2] Private Eye – on Tesco / NHS England commercial meetings https://twitter.com/medConfidential/status/593819474807148546

[3] HSCIC audit and programme for change www.hscic.gov.uk/article/4780/HSCIC-learns-lessons-of-the-past-with-immediate-programme-for-change

[4] EU data protection discussion http://www.digitalhealth.net/news/EHI/9934/eu-ministers-back-data-privacy-changes

[5] Joint statement on EU Data Protection proposals http://www.wellcome.ac.uk/stellent/groups/corporatesite/@policy_communications/documents/web_document/WTP055584.pdf

[6] Ipsos MORI research with the Royal Statistical Society into the Trust deficit with lessons for policy makers https://www.ipsos-mori.com/researchpublications/researcharchive/3422/New-research-finds-data-trust-deficit-with-lessons-for-policymakers.aspx

[7] AdExchanger Janaury 2015 http://adexchanger.com/data-driven-thinking/the-newest-asset-class-data/

[8] Tesco clubcard data sale https://jenpersson.com/public_data_in_private_hands/  / Computing 14.01.2015 – article by Sooraj Shah: http://www.computing.co.uk/ctg/feature/2390197/what-does-tescos-sale-of-dunnhumby-mean-for-its-data-strategy

[9] Direct Marketing 2013 http://www.dmnews.com/tesco-every-little-bit-of-customer-data-helps/article/317823/

[10] Personalisation in health data plans http://www.england.nhs.uk/iscg/wp-content/uploads/sites/4/2014/01/ISCG-Paper-Ref-ISCG-009-002-Adult-Social-Care-Informatics.pdf

[11] Tim Kelsey Keynote speech at Strata November 2013 https://www.youtube.com/watch?v=s8HCbXsC4z8

[12] Forbes: Illumina CEO on the US$20bn DNA market http://www.forbes.com/sites/luketimmerman/2015/04/29/qa-with-jay-flatley-ceo-of-illumina-the-genomics-company-pursuing-a-20b-market/

A review of NHS news in 2014, from ‘the Spirit of the NHS Future’.

Respectful of all the serious, current news and that of the past year, this is a lighthearted look back at some of the stories of 2014. ‘The Spirit of the NHS Future’ looks forwards into 2015 & at what may still be changed.

***

The Spirit of the NHS Future  visits the Powers-at-be
(To the tune of The 12 Days of Christmas)

[click to open music in another window]

On the first day of Christmas
the Spirit said to me:
I’m the ghost of the family GP.

On the second day of Christmas
the Spirit said to me: a
two-tiered system,
in the future I foresee.

On the third day of Christmas
the Spirit said to me:
You told GPs,
merge or hand in keys,
feder-ate or salaried please.

On the fourth day of Christmas
the Spirit said, I hear:
“Save our surgeries”,
MPIG freeze,
partners on their knees,
blame commissioning on local CCGs.

On the fifth day of Christmas
the Spirit said to me:
Five Ye-ar Plan!
Call it Forward View,
digital or screwed.
Let’s have a new review,
keep ‘em happy at PWC.

On the sixth day of Christmas
the Spirit said to me:
Ill patients making,
out-of-Ho-urs-rings!
Callbacks all delayed,
six hours wait,
one one one mistakes.
But must tell them not to visit A&E.

On the seventh day of Christmas
the Spirit said, GPs:
see your service contract,
with the QOF they’re trimming,
what-will-this-bring?
Open Christmas Eve,
New Year’s no reprieve,
please don’t cheat our Steve,
or a breach notice will you see.

On the eighth day of Christmas
the Spirit said to me:
Population’s ageing,
social care is straining,
want is pro-creating,
obe-si-ty’s the thing!
Cash to diagnose,
statins no one knows,
indicator woes,
and Doc Foster staff employed at CQC.

On the ninth day of Christmas
the Spirit said to me:
Cash for transforming,
seven days of working.
Think of emigrating,
ten grand re-registration.
Four-teen hour stints!
DES and LES are fixed.
Called to heal the sick,
still they love the gig,
being skilled, conscientious GPs.

On the tenth day of Christmas
the Spirit said to me:
Many Lords a-leaping,
Owen’s not been sleeping,
private contracts creeping,
Circle’s ever growing.
Care home sales not slowing.
Merge-eve-ry-thing!
New bidding wars,
tenders are on course
top nine billion, more,
still you claim to run it nation-al-ly.

On the eleventh day of Christmas
the Spirit said to me:
Patient groups are griping,
records you’ve been swiping,
listening while sharing,
data firms are buying,
selling it for mining,
opt-out needs defining,
block Gold-acre tweets!
The care dot data* board
minutes we shall hoard,
troubled pilots loom.
Hi-de Partridge’s report behind a tree?

On the twelfth day of Christmas
the Spirit said to me:
disabled are protesting
sanctions, need arresting,
mental health is failing,
genomes we are trading,**
staff all need more paying,
boundaries set for changing,
top-down re-arranging,
All-this-to-come!
New hires, no absurd,
targets rule the world,
regulation first.
What’s the plan to save our service, Jeremy?

– – – – – –

Thanks to the NHS staff, whose hard work, grit and humour, continues to offer the service we know. You keep us and our loved ones healthy and whole whenever possible, and deal with us & our human frailty, when it is not.

Dear GPs & other NHS staff who’ve had a Dickens of a year. Please, don’t let the system get you down.

You are appreciated, & not just at Xmas. Happy New Year everyone.

“It is a fair, even-handed, noble adjustment of things, that while there is infection in disease and sorrow, there is nothing in the world so irresistibly contagious as laughter and good humour.”
Charles Dickens,   A Christmas Carol, 1843

– – – – –

*New Statesman, Dr Phil Whitaker’s Health Matters column, 20th March 2014, ‘Hunt should be frank about the economic imperative behind the urgency to establish the [care.data] database and should engage in a sensible discussion about what might be compromised by undue haste.’

**Genomics England Kickstarting a Genomics Industry

Launching genomics, lifeboats, & care.data [part 2]

“On Friday 1st August the media reported the next giant leap in the genomics programme in England, suggesting the 100K Genomics Project news was akin to Kennedy launching the Space Race. [1] [from 2:46.30].”

[Part one of this post is in this link, and includes thinking about care.data & genomics interaction].

Part two:

What is the expectation beyond 2017?

The investment to date may seem vast if, like me, you are unfamiliar with the amounts of money that are spent in research [in 2011 an £800M announcement, last summer £90M in Oxford as just two examples], and Friday revealed yet more money, a new £300M research package.  It is complex how it all adds up, and from mixed sourcing. But the stated aim of the investment is relatively simple: the whole genomes of 75,000 people [40K patients and 35K healthy relatives] are to be mapped by 2017.

Where the boundary lies between participation for clinical care and for research is less clear in the media presentation. If indeed participants’ results will be fed back into their NHS care pathway,  then both aims seem to be the intent of the current wave of participants.

It remains therefore perhaps unclear, how this new offering interacts with the existing NHS genetic services for direct clinical care, or the other research projects such as the UK Biobank for example, particularly when aims appear to overlap:.

“The ultimate aim is to make genomic testing a routine part of clinical practice – but only if patients and clinicians want it.” [Genomics England, how we work]

The infrastructure of equipment is enormous to have these sequences running 24/7 as was indicated in media TV coverage. I’m no maths whizz, but it appears to me they’re building Titantic at Genomics England and the numbers of actual people planned to take part (75K) would fit on the lifeboats. So with what, from whom, are they expecting to fill the sequencing labs after 2017?  At Genomics England events it has been stated that the infrastructure will then be embedded in the NHS. How is unclear, if commercial funding has been used to establish it. But at its most basic, there will be  no point building the infrastructure and finding no volunteers want to take part. You don’t build the ship and sail without passengers. What happens, if the English don’t volunteer in the desired numbers?

What research has been done to demonstrate the need or want for this new WGS project going forwards at scale, compared with a) present direct care or b) existing research facilities?

I cannot help but think of the line in the film, Field of Dreams. If you build it they will come. So who will come to be tested? Who will come to exploit the research uses for public good? Who will come in vast numbers in our aging population to exploit the resulting knowledge for their personal benefit vs companies who seek commercial profit? How will the commercial and charity investors, make it worth their while? Is the cost/benefit to society worth it?

All the various investors in addition to the taxpayer; Wellcome Trust, the MRC, Illumina, and others, will want to guarantee they are not left with an empty shell. There is huge existing and promised investment. Wellcome for example, has already “invested more than £1 billion in genomic research and has agreed to spend £27 million on a world class sequencing hub at its Genome Campus near Cambridge. This will house Genomics England’s operations alongside those of the internationally respected Sanger Institute.”

Whilst the commercial exploitation by third parties is explicit, there may also be another possibility to consider: would the Government want:

a) some cost participation by the participants? and

b) will want to sell the incidental findings’ results to the participants?

[ref: http://www.phgfoundation.org/file/10363 ref. #13]

“Regier et al. 345 have estimated the willingness-to-pay (WTP) for a diagnostic test to find the genetic cause of idiopathic developmental disability from families with an affected child. They used a discrete choice experiment to obtain WTP values and found that these families were willing to pay CDN$1118 (95% CI CDN$498-1788) for the expected benefit of twice as many diagnoses using aCGH and a reduction in waiting time of 1 week when compared to conventional cytogenetic analysis.”

“Moreover, it is advisable to minimise incidental findings where possible; health care professionals should not have an obligation to feedback findings that do not relate to the clinical question, except in cases where they are unavoidably discovered and have high predictive value. It follows that the NHS does not have an obligation to provide patients with their raw genome sequence data for further analysis outside of the NHS. We make no judgement here about whether the individual should be able to purchase and analyse their genome sequence independently; however, if this course of action is pursued, the NHS should provide follow-up advice and care only when additional findings are considered to be of significant clinical relevance in that individual…” [13]

How much is that cost, per person to be mapped? What is the expected return on the investment?

What are the questions which are not being asked of this huge state investment, particularly at a time when we are told he NHS is in such financial dire straits?

Are we measuring the costs and benefits?

Patient and medical staff support is fundamental to the programme, not an optional extra. It should not be forgotten that the NHS is a National Service owned by all of us. We should know how it runs. We should know what is spends. Ultimately, it is we who pay for it.

So let’s see on paper, what are the actual costs vs benefits? Where is the overall and long term cost benefit business case covering the multi-year investment, both of tangible and intangible benefits? In my personal research, I’m yet to find one. There is however, some discussion in this document:

“The problem for NGS is that very little ‘real’ information is available on the actual costs for NGS from the NHS perspective and the NHS Department of Health Reference Costs Database and PSSRU, where standard NHS costings are listed, are generally not helpful.” [13 – PHG, 2011]

Where are the questions being asked if this is really what we should be doing for the public good and for the future of the NHS?

Research under good ethics and bona fide transparent purposes is a public asset. This rollout, has potential to become a liability.

To me, yet again it seems, politics has the potential to wreck serious research aims and the public good.

Perhaps more importantly, the unrestrained media hype carries the very real risk of creating unfounded hope for an immediate diagnosis or treatment, for vulnerable individuals and families who in reality will see no personal benefit. This is not to undermine what may be possible in future. It is simply a plea to rein in hype to reality.

Politicians and civil servants in NHS England appear to use both research and the notion of the broad ‘public good’, broadly in speeches to appear to be doing ‘the right thing to do’, but without measurable substance. Without a clear cost-benefit analysis, I admit, I am skeptical. I would like to see more information in the public domain.

Has the documentation of the balance of patient/public good and  expected “major contribution to make to wealth creation and economic growth in this country” been examined?

Is society prepared for this?

I question whether the propositions of the initiative have been grasped by Parliament and society as a whole, although I understand this is not a ‘new’ subject as such. This execution however, does appear at least, massive in its practical implications, not least for GPs if it is to become so mainstream, as quickly as plans predict. It raises a huge number of ethical questions. Not least of which will be around incidental findings, as the Radio 4 interview raised.

The first I have is consideration of pre-natal testing plans:

“Aside from WGS of individuals, other applications using NGS could potentially be more successful in the DTC market. For example, the use of NGS for non-invasive prenatal testing would doubtless be very popular if it became available DTC prior to being offered by the NHS, particularly for relatively common conditions such as Down syndrome…” [

and then the whole question of consent, particularly from children:

“…it may be almost impossible to mitigate the risk that individuals may have their genome sequenced without their consent. Some genome scan companies (e.g. 23andMe) have argued that the risks of covert testing are reduced by their sample collection method, which requires 2ml of saliva; in addition, individuals are asked to sign to confirm that the sample belongs to them (or that they have gained consent from the individual to whom it belongs). However, neither of these methods will have any effect on the possibility of sequencing DNA from children, which is a particularly contentious issue within DTC genomics.” [13]

“two issues have emerged as being particularly pressing: first is the paradox that individuals cannot be asked to consent to the discovery of risks the importance of which is impossible to assess. Thus from a legal perspective, there is no ‘meeting of minds’ and contractually the contract between researcher and participant might be void. It is also unclear whether informed consent is sufficient to deal with the feedback of incidental findings which are not pertinent to the initial research or clinical question but that may have either clinical or personal significance…” [PHG page 94]

And thirdly, we should not forget the elderly. In February 2014 the Department of Health proposed that a patient’s economic value should be taken into account when deciding on healthcare. Sir Andrew Dillon, head of the National Institute for Healthcare and Excellence (NICE, who set national healthcare budgets and priorities), disagreed saying:
“What we don’t want to say is those 10 years you have between 70 and 80, although clearly you are not going to be working, are not going to be valuable to somebody.

Clearly they are. You might be doing all sorts of very useful things for your family or local society. That’s what we are worried about and that’s the problem with the Department of Health’s calculation.

There are lots of people who adopt the fair-innings approach; ‘you’ve had 70 years of life you’ve got to accept that society is going to bias its investments in younger people.”

[14 – see Channel 4] Yet our population is ageing and we need to find a balance of where roles, rules and expectations meet. And question, how do we measure human value, should we, and on what basis are we making cost-based care decisions?

The Department of Health proposed that a patient’s economic value should be taken into account when deciding on healthcare. What is their thinking on genomics for the care of the elderly?

Clinical environment changes make engagement and understanding harder to achieve

All this, is sitting on shifting, fundamental questions on how decision making and accountability will be set, in a world of ever fragmenting NHS structure:

“More problematic will be the use of specific genomic technologies such as NGS in patient pathways for inherited disorders that are delivered outside the clinical genetics services (such as services for FH, haemophilia and sickle cell disease) and NGS that is used for non-inherited disease conditions. These will be commissioned by GP consortia within established care pathways. Such commissioning of companion diagnostics would, in theory be evaluated first by NICE. However, it is not clear what capacity NICE will have across a broad range of uses. In practice it seems likely that GP consortia may make a variety of different decisions influenced by local experts and pressure, funding and different priorities. Particular questions for NGS will include: How will commissioners be provided with the necessary evidence for decision-making and can this be developed and coordinated at a national level? How will commissioners prioritise particularly when it may be necessary to invest early in order to achieve savings later? What (if any) influence may commissioners be able to exert over the configuration of test providers (for example the rationalisation of laboratories or the use of private testing companies)? [13]
Today (August 8th) the public row between Roche and the Government through NICE became apparant on cancer treatment. And again I found myself asking, what are we not funding, whilst we spend on genomics?  If you did not you hear Sir Andrew Dillon & the discussion, you can listen again on BBC Radio 2 iPlayer here. [It’s in the middle of the programme, and begins at 01:09.06.]

Questions, in search of an answer
Where has the population indicated that this is the direction of travel we wish our National Health Service to take? What preparation has been made for the significant changes in society it will bring? When was Parliament asked before this next step in policy and huge public spend were signed off and where is the periodic check against progress and public sign off, of the next step? Who is preparing the people and processes for this explosive change, announced with sparklers, at arms length and a long taper? Are the challenges being shared honestly between policy, politicians and scientists, being shared with patients and public: as discussed at the stakeholder meeting at St.Barts London, 3rd October 2013 (a key panel presentation: 45 minute video with slides)? When will that be shared with the public and NHS staff in full? Why does NHS England feel this is so fundamental to the future of the NHS? Must we abandon a scuppered and sinking NHS for personalised medicine on personal budgets and expectations of increased use of private health insurance?

Is genomics really the lifeboat to which the NHS is inextricably bound?

The Patients and Information Directorate nor wider NHS England Board does not discuss these questions in public.  At the July 3rd 2014 Board Meeting, in the discussion of the genomics programme I understood the discussion as starting to address the inevitable future loss of equity of access because of genomic stratification, dividing the population into risk pool classifications [10.42] . To my mind, that is the end of the free-to-all NHS as we know it. And IF it is so, through planned policy. More people paying for their own care under ‘personalisation;  is in line with ISCG expectations set out  earlier in 2014: “there will be increasing numbers of people funding their own care and caring for others.”

Not everyone may have understood it that way, but if not, I’d like to know what was meant.

I would like to understand what is meant when Genomics England spokespeople  say the future holds:

“Increasingly to select most appropriate treatment strategy. In the longer term, potential shift to prevention based on risk-based information.”
or
“Review the role of sequencing in antenatal and adult screening.”

I would welcome the opportunity to fully understand what was suggested at that Board meeting as a result of our shared risk pool, and readers should view it and make up their own mind. Even better, a frank public and/or press board meeting with Q&A could be rewarding.

The ethical questions that are thrown up by this seem yet to have little public media attention.

Not least, incidental findings: if by sequencing someone’s DNA, you establish there is something for their health that they ought to be doing soon, will you go to that patient and say look, you should be doing this…. these are incidental findings, and may be quite unexpected and separate from the original illness under investigation in say, a family member, and may also only suggest risk indicators, not clear facts.

If this is expected to be mainstream by 2018, what training plans are in place as indicated needed as a “requirement for professionals across the NHS to be trained in genetics and its implications”? [presentation by Mark Bale, DoH, July 2014]

When will we get answers to these questions, and more?

Because there is so much people like me don’t know, but should, if this is our future NHS under such fundamental change as is hyped.

Because even the most esteemed in our land can get things wrong. One of them at the St.Bart’s events quotes on of my favourite myths attributed wrongly to Goethe. It cannot be attributed to him, that he said, ” “Whatever you can do or dream you can, begin it. Boldness has genius, power and magic in it.” You see, we just hear something which sounds plausible, from someone who seems to know what they are talking about. It isn’t always right.

Because patients of rare disease in search of clinical care answers should be entitled to have expectations set appropriately, and participants in research know to what they, and possibly family members indirectly, are committed.

Because if the NHS belongs to all of us, we should be able to ask questions and expect answers about its planning,  how we choose to spend its budget and how it will look in future.

These are all questions we should be asking as society

Fundamentally, in what kind of society will my children grow up?

With the questions of pre-natal intervention, how will we shape our attitudes towards our disabled and those who are sick, or vulnerable or elderly? Are we moving towards the research vision Mr.Hunt, Cameron and Freeman appear to share, only for good, or are we indeed to look further head to a Gattacan vision of perfection?

As we become the first country in the world to permit so called ‘three parent children’ how far will we go down the path of ‘fixing’ pre-natal genetic changes, here or in PGD?

How may this look in a society where ‘some cornflakes get to the top‘ and genetic advantage seen as a natural right over those without that ability? In a state where genetics could be considered as part of education planning? [16]

For those with lifelong conditions, how may genetic screening affect their life insurance when the Moratorium expires*  in 2017 (*any shift in date TBC pending discussion) ? How will it affect their health care, if the NHS England Board sees a potential effect on equity of access? How will it affect those of us who choose not to have screening – will we be penalised for that?

And whilst risk factors may include genomic factors, lifestyle factors some argue are even more important, but these change over time. How would those, who may have had past genetic screening be affected in future requirements?

After the August 1st announcement, [11] The Wellcome Trust‘s reporting was much more balanced and sensible than the political championing had been. It grasps the challenges ahead:

“Genomics England has ambitious plans to sequence 100,000 genomes from 75,000 people, some of whom will also have cancer cells sequenced. The sheer scale of the plans is pretty daunting. The genetic information arising from this project will be immense and a huge challenge for computational analysis as well as clinical interpretation. It will also raise a number of issues regarding privacy of patient data. Ensuring that these genetic data can be used maximally for patient benefit whilst protecting the rights of the individual participant must be at the heart of this project.

At the beginning of the Human Genome Project, scientists and funders like the Wellcome Trust knew they were on a journey that would be fraught with difficulties and challenges, but the long-term vision was clear. And so it is with the plans for Genomics England, it will most certainly not be easy…”

Managing change

Reality is that yet again, Change Management and Communications have been relegated to the bottom of the boarding priorities list.

This is not only a research technology or health programme. Bigger than all of that is the change it may bring. Not only in NHS practice, should the everyday vision of black boxes in GP surgeries become reality, but for the whole of society. For the shape of society, in age and diversity. Indeed if we are to be world leaders, we have potential to start to sling the world on a dangerous orbit if the edges of scope are ill defined. Discussing only with interested parties, those who have specific personal or business interests in genomic research and data sharing, whilst at Board meetings not clearly discussing the potential effects of risk stratification and personalisation on a free at the point of delivery health service is in my opinion, not transparent, and requires more public discussion.

After all, there are patients who are desperate for answers, who are part of the NHS and need our fair treatment and equity of access for rare disease. There is the majority who may not have those needs but knows someone who does. And we all fund and support the structure and staff in our world class service, we know and love. We want this to work well.

Future research participation depends on current experience and expectations. It is the latter I fear are being currently mishandled in public and the media.

Less than a month ago, at the NHS England Board Meeting on July 3rd,  Lord Adebowale very sensibly asked, “how do we lead people from where we are, and how we take the public with us? We need to be a world leader in engaging all the public”

Engagement is not rocket science. But don’t forget the ethics.

If this project is meant to be, according to MP George Freeman [George 2], akin to Kennedy launching the Space Race, then, by Fenyman [12], why can they not get their public involvement at big launches sorted out?

Is it because there are such large gaps and unknowns that questioning will not stand up to scrutiny? Is it because suggesting a programme will end the NHS as we know it, would be fatal for any politician or party who supports that programme in the coming year? Or do the leading organisations possibly paternalistically believe the public is too dim or uninterested or simply working to make ends meet to care [perhaps part of the 42% of the population who expected to struggle as a result of universal welfare changes,  one in three main claimants (34 per cent) said in 2012 they ‘run out of money before the end of the week/month always or most of the time’] ? But why bother will the big press splash, if it should not make waves?

In the words of Richard Feynman after the Challenger launch disaster in 1986:

“Let us make recommendations to ensure that NASA officials deal in a world of reality in understanding technological weaknesses and imperfections well enough to be actively trying to eliminate them. They must live in reality in comparing the costs and utility of the Shuttle to other methods of entering space. And they must be realistic in making contracts, in estimating costs, and the difficulty of the projects.

Only realistic flight schedules should be proposed, schedules that have a reasonable chance of being met.

If in this way the government would not support them, then so be it. NASA owes it to the citizens from whom it asks support to be frank, honest, and informative, so that these citizens can make the wisest decisions for the use of their limited resources. For a successful technology, reality must take precedence over public relations… [June 6th 1986. Six months after the disaster, the Report to the Presidential Commission (Appendix F)]

Just like the Rosetta spacecraft is getting ever closer to actually landing on the comet, its goal, [15 – BBC Newsround has an excellent little summary] after over ten years, so too is genomics close to the goal of many. It is within grasp that the long-planned mainstreaming of genomic intervention, will touch down in the NHS. My hope is that in its ever closer passes, we get hard factual evidence and understand exactly where we have come from, and where we intend going. What will who do with the information once collected?

The key is not the landing, it’s understanding why we launched in the first place.

Space may not be the most significant final frontier out there in the coming months that we should be looking at up close. Both in health and science.  Our focus in England must surely be to examine these plans with a microscope, and ask what frontiers have we reached in genomics, health data sharing and ethics in the NHS?

******  image source: ESA via Nature

[1] “It’s a hugely ambitious project, it’s on a par with the space race how Kennedy launched 40 years ago.” [from 2:46.30 BBC Radio 4 Int. Sarah Montague w/ George Freeman]

[2] Downing Street Press Release 1st August – genomics https://www.gov.uk/government/news/human-genome-uk-to-become-world-numb

[3] 6th December “Transcript of a speech given by Prime Minister at the FT Global Pharmaceutical and Biotechnology Conference” [https://www.gov.uk/government/speeches/pm-speech-on-life-sciences-and-opening-up-the-nhs]

[4] 10th December 2012 DNA Database concerns Channel 4 http://www.channel4.com/news/dna-cancer-database-plan-prompts-major-concerns

[5] Wellcome Trust- comment by Jeremy Farrar http://news.sky.com/story/1311189/pm-hails-300m-project-to-unlock-power-of-dna

[6] Strategic Priorities in Rare Diseases June 2013 http://www.genomicsengland.co.uk/wp-content/uploads/2013/06/GenomicsEngland_ScienceWorkingGroup_App2rarediseases.pdf

[7] NHS England Board paper presentation July 2013 http://www.england.nhs.uk/wp-content/uploads/2013/07/180713-item16.pdf

[8] ICO and HSCIC on anonymous and pseudonymous data in Computing Magazine http://www.computing.co.uk/ctg/news/2337679/ico-says-anonymous-data-not-covered-by-data-protection-act-until-its-de-anonymised

[9] HSCIC Pseudonymisation Review August 2014 http://www.hscic.gov.uk/article/4896/Data-pseudonymisation-review

[10] November 2013 ISCG – political pressure on genomics schedule http://www.england.nhs.uk/iscg/wp-content/uploads/sites/4/2014/01/ISCG-Paper-Ref-ISCG-009-001-ISCG-Meeting-Minutes-and-Actions-26-November-2013-v1.1.pdf

[11] Wellcome Trust August 1st 2014 The Genetic Building Blocks of Future Healthcare

[12] Fenyan – For successful technology reality must take precedence over PR https://jenpersson.com/successful-technology-reality-precedence-public-relations/

[13] Next Steps in the Sequence – the implications for whole genome sequencing in the UK – PHG Foundation, funded by the PHG Foundation, with additional financial support from Illumina. The second expert workshop for the project was supported by the University of Cambridge Centre for Science and Policy (CSaP) and the Wellcome Trust http://www.phgfoundation.org/file/10363

[14] Anti-elderly drugs proposals rejected by NICE: Channel 4 http://www.channel4.com/news/nice-assessment-elderly-health-drugs-rejected-contribution

[15] BBC Newsround: Rosetta spacecraft and the comet chasing

[16] Education committee, December 4th 2013 including Prof. Plomin From 11.09:30 education and social planning  http://www.parliamentlive.tv/Main/Player.aspx?meetingId=14379

*****

For avoidance of confusion [especially for foreign readership and considering one position is so new], there are two different Ministers mentioned here, both called George:

One. George Osborne [George 1] MP for Tatton, Cheshire and the Chancellor

Two. George Freeman [George 2] MP – The UK’s first-ever Minister for Life Sciences, appointed to this role July 15th 2014 [https://www.gov.uk/government/ministers/parliamentary-under-secretary-of-state–42]

 

*****

Flagship care.data – [3] Commercial use in Practice

I looked in two previous posts at the background theory [1] to commercial uses of our data, then, the background to my concerns of commercial use with data intermediaries. [2] This is now part three,  my glimpse into commercial use in real-world practice. It’s become rather a saga.

Here’s the short version: “In general commercial uses of data, I am increasingly learning that if you don’t pay for the product, you are the product. We need to shout a bit louder, that we are not a product for sale. It’s not only that there is an increased risk in a move of our health records from binder to byte and broadening access to them. We take issue with the change of approved purposes from care, to commercial use.”

At the Health Select Committee on July 1st, [3] I believe  Sir Manning misses the key issue the public has with care.data and health record sharing, when he gave a response to Q562 to David Tredinnick MP:

‘We made big mistakes over the last 10 years’

“I am saddened by some of the comments that have been made this afternoon about the lack of trust and also by the impugning of our motivation. […]

We made big mistakes over the last 10 years, and we have a once-in-a-generation chance to get it right. I am absolutely clear that we have to engage the public in an open debate about the balance of risks and benefits. There will always be risks with data. There were risks with the Lloyd George envelope; notes were lost, they flew and went all over the place. There will always be risks, but those risks and the benefits are both enhanced by the technology.”

Whilst I applaud Sir Manning’s apology, and his call for open debate, I think he misses here the fundamental point of disagreement the public has with the HSCIC current practice. Selling our health data.

It’s not only that there is an increased risk in a move from binder to byte and broadening their access. We take issue with the change of approved purposes from care, to commercial use.

And these commercial (ab)uses in current form must stop if we are to trust the governance system in future.

Health Records for Commercial sale

HSCIC currently sells our health records for commercial purposes, to intermediaries with commercial re-use licenses, and had no consent nor our permission for this in the past, it continues to do so in the present and appears to have no concern or intention to stop doing so, for the future.

Mr. Kelsey added at the HS Committee,

“We have a very big job to do, and I hope that you will hold us to account in delivering it.”

To which I can only reply, it is you who say it. But who is accountable?  The Open Debate which Sir Manning calls for has not been taken up by NHS England. We are told this is a programme of national importance, one which Mr. Kelsey has repeatedly said, including to the Health Select Committee previously, on which the entire future of the NHS depends. Why then, no national discussion, no news since the pause and a focus on updated communications of the current plan.  The current plan with flaws in consent collection, scope determination, confusion of purposes.

There are so many ways this could be improved and gotten right, but not by November and without public debate.

How can you insist a programme so vital for the entire future of the NHS yet encourage no public discussion?   This seems to be a theme in NHS England recent programmes. [4] The decision to outsource the GP support services was taken in private sessions, not available to the public like the rest of the Board Meetings [5]. Other programmes, pilot and actual plans for implementation go on without public discussion.

There’s been no apology for the data sharing policy developed since 2010 which has encouraged commercial trading and enabled this erosion of security, confidentiality and trust in the data management system of our nation’s health records. No one at the Department of Health has said, we got this policy wrong. No one at NHS England, the same people if under a different label. Poor Sir Manning at the Information Centre who carried out their policy, has been left to say there were ‘big mistakes’ made. But not by him since July 2013.

Trust and care.data off course

That our trust now lies in tatters, is not the fault of the Health Select Committee member to whom Sir Manning says,  he is saddened and disappointed. It’s not Joe Public’s fault who had no idea this was going on, until six months ago.  Where did these policies and plans since 2010 come from? Where did the use of our data go so astray and why is flagship care.data now so terribly off course? Mr. Cameron outlined it in 2011. What happened in the three years?

Health records for sale

As I wrote in a previous post,

“Some of that data goes back into our health market as business intelligence, both for NHS and private use, for benchmarking, comparisons and making commercial decisions. In our commissioning based marketplace, this re-use of data is now becoming normalised.”

But should it be normal that our medical records are for sale?

When celebrity Michael Schumacher’s notes are for sale, [6] being offered concretely to the media, we all see that is wrong. Just imagine 70 million copies of Schumi’s record, each with our own name on it, being offered to anyone outside of those who need it for our care. Offered to these commercial  for-profit data intermediaries. It’s not a theory – this is what is happening to our records, today. Don’t accept the ‘anonymised’ statements, they’re simply not true. Identifiable data and pseudonymous data has been sold. The register confirms it, and that was only a 10% sample.

“To earn the public’s trust in future, we must be able to show that our controls are meticulous, fool-proof and solid as a rock.”

said Sir Nick Partridge in his summary review.[7]

I think banning data sharing for commercial use and re-use would be a good start.

What is it to be used for and why?

When we think of our health records being used by others,  we need to separate the uses of the data, in order to understand different ways it is used, who uses it and why. Data once it is processed becomes knowledge which is used as Business Intelligence. It is common in discussion to conflate use in care with care.data. It’s even in the name. But the uses of care.data are secondary. Not to be used by clinicians caring for us, not replacing hospital notes to give to consultants when we are referred for a hospital stay. Not providing discharge papers. It’s only approved for commissioning and sketchily [imo] approved for risk stratification.  [ref p.5 ] [8]

care.data extracted from GP surgeries, is not even approved for research purposes, but to read all the recent debates you’d think research depended on it. Research using GP extracted patient data, is not an approved use of care [dot] data. Research using GP extracted patient data is not an approved use of care [dot] data. Repeat, ad nauseaum.

What is already being done, and what is used legitimately i research such as public health (albeit without our past knowledge or consent), is with our hospital data, HES, SUS, Mental Health data, usually with CAG review, and through 251 approval sometimes through DAAG review at HSCIC – it is available and is on sale to all sorts of other non-care providers. And that is planned to continue.

The records extracted so far, when not used for research appear in recent years increasingly used for comparison, the concept of ‘ranking and spanking’ professionals and providers of healthcare.  They are also used in commissioning, payment validation and understanding costs and spending. But beyond that, there are all sorts of others who still come under the umbrella of ‘health purposes’ but don’t directly benefit the NHS or individual patients. What is their demand and what are they being supplied?

In the newly created NHS marketplace, customers at individual level are patients, or at a market level they could be any part of the healthcare buying structure, a GP practice, a Clinical Commissioning Group, a Hospital Trust.

The challenge of any demand and supply chain process, is that you need a market willing to pay at the price you are prepared to sell. And you need to offer what they want to buy. For that, the buyers must see a value in the data they want to obtain. Where is the value for these areas of use: Generic NHS Business Intelligence, Generic Commercial Intelligence and Pharmaceutical intelligence?

Health records as Business Intelligence

Some companies take data and process it before selling it to NHS and other health providers in England. This provides a third party service and skill set which the HSCIC nor the NHS Trust for example, has themselves, such as IMS Health.

So business intelligence used for the benefit of the NHS, makes sense and is necessary to a greater or lesser degree depending on your attitudes to comparison websites, green/red flagging professionals and commissioning. Benchmarking was provided by Tribal until that part of their business was bought out by Capita.

These companies’ experience and market is healthcare. The kind of knowledge they can give to the NHS is highlighted in their case studies.

So for clinical care, and for commissioning at individual organisations, these tools are clearly useful and use individual patient level data. [9]

Al sorts of other places and individuals perform these services. They include a wide range of commercial organisations, small and large.

Health records as Commercial Marketing Intelligence

Commercial buyers however, can include wanting data for identity verification, fraud prevention and background checks. Services such as Experian offer. These may be what the loose definition in the Care Act would say are now banned, but are they? What is to say that a company which offers the use of private health services, healthy eating or pharmaceutical marketing is not providing information to others, for the promotion of health?

“Experian employs more than 12,500 people in 34 countries worldwide, supporting clients in more than 60 countries. Annual sales are $3.1 billion (£1.7bn/ v2.5bn).”

Identity verification can be done, matching data across a biographic footprint, ” in databases, established for 45 million UK citizens and hold in excess of 1 billion records.”

“Experian public sector currently works with 380 plus local authorities, 52 police and investigatory bodies, as well as central government agencies including DVLA, HMRC, DWP and the Cabinet Office.” [10]

There is clearly a lot of data sharing in the public sector, about which we may understand very little. But mostly the buyers of data want to sell something. Companies buy lists of people to use in marketing campaigns, who might be interested in what they’re selling — and companies also want to learn more about their current customers.

This is where I find the level of detail and what is done with our data, more than a little freaky.

Every UK consumer is classified into one of 22 types, aggregated into six groups. The 22 types are linked to six decision-making styles, providing insight into consumers’ motivations when using different media and the processes they go through in deciding about products and services.

“TrueTouch is built using over 700 individual data variables. These are chosen for their ability to illustrate an individual’s range of behaviours in relation to media consumption, including use of different channels, responsiveness and exposure to media. These are distilled into two core data sources: Quantitative data Experian’s UK Consumer Dynamics database compiles information on all UK individuals, their demographics and lifestyles, attitudes and responsiveness to media. It includes known data on demographics and lifestyles from publicly reported sources such as the ‘edited’ electoral roll, company directors, shareholders and council tax, as well as Experian’s proprietary lifestyle information taken from its programme of consumer survey.” [11]

I don’t know what segment I am in.  But I know that I will have data stored in many of those different data sources they mention. So do they actually know more about my habits and inclination, that I have self-awareness? If their tool has over 850 million input sources which they process, it’s more than likely. 34 million email addresses, 20 million mobile phone numbers, 49.7m names and addresses.

Experian may well have much of this data from the electoral roll (unless like me, you opted out of these uses) but in the HSCIC  January-April 2014 register of releases [7] data was given to Experian for use in Mosaic. (see July – 132kb right of page)

“Mosaic is Experian’s powerful cross-channel consumer classification designed to help you understand the demographics, lifestyles, preferences and behaviours of the UK adult population in extraordinary detail.” [12]

That they understand and track my behaviours probably better than I do, and at such detailed level, I find surprising and invasive. In fact, I find it threatening in a similar vein to the visceral reaction that the Facebook experiment generated this week online.

As SF Gate reported,

“Using unsuspecting members as human guinea pigs is repugnant. And when the biggest social network on the planet does it, can its leaders be trusted with their own technology?”

This idea that just because one can and the technology permits it, does not mean that one should. It just feels wrong to find out others  may manipulate our thinking and behaviours in such a targeted way. Just as Experian does with consumer data:

Within rural areas we are able to pick out the individual households that are likely to be commuting to towns and cities nearby…”[12]

Individual households? Understanding my behaviours, gives them information which they use to nudge or influence my decision making. Understanding our behaviour ‘in extraordinary detail’ helps companies market and sell more to customers.

There are other re-uses even for health purposes, which seem less transparent and more about us as general consumers, rather than for our health. For example, the use of HES data is in social marketing targeting:

“In this way, companies who process data such as Beacon Dodsworth received data in the last year and offered it for commercial exploitation by others “HES data may be used by pharmaceutical companies “to improve [their] social marketing / media awareness campaigns”. Others included  OmegaSolver and Harvey Walsh.”

These companies have re-use licenses for data. what that means is better explained here by medconfidential. [14]

How will HSCIC know how data will be used after release and how will it be audited and how often? When it comes to human tissue, the HTA only audits tissue banks in the UK once every three years. That’s a long time in between audits if something has gone horribly wrong in best practice.

Health records as Commercial Pharmaceutical Intelligence

To global pharma it is again not the data itself which is of value, but in the knowledge it reveals. The pharma business intelligence. It can show at an individual level what is being prescribed or show  any gaps it reveals, which will allow pharma, to address ‘unmet clinical need.’  The data already compares hospital prescribing and reports make recommendations used by NICE on what drugs to use and recommend. My concern is that to treat the worried well who have cash to spend, will deflect attention from the needs of the sick and poor and that even if only at postcode level, we will be targeted for pharmaceutical marketing.

“The parties will initially look at how anonymised, integrated health data can be used to identify unmet clinical need in patients with diabetes. In the UK, diabetes affects approximately 2.9 million adults overall, with more than 90% of these patients having type 2 diabetes. This makes diabetes one of the most common chronic medical conditions and represents a significant strain on U.K. health services.”

(HSCIC Astra Zeneca MOU December 2012) [15]

Astra has another Memorandum with IMS Health. So we, whose data it is, have zero transparency and can request no accountability for the use of our data once it has left the HSCIC.

And it matters because when there are data breaches in these companies, we should know whether our data has been involved.

In January 2012  AstraZeneca signed a three year partnership with IMS MOU [16] and stated it builds on AstraZeneca’s existing ‘real-world’ data and research partnership with HealthCore in the US, the health outcomes research subsidiary of WellPoint.  Wellpoint which had a massive breach a year ago, July 2013. So how do we know where our data was stored, and if it were involved or not? Here is what pharma use data for, to analyse “unmet clinical need.”

“The partnership with IMS Health will give AstraZeneca access to pre-existing anonymised electronic health records, which include clinical outcome, economic and treatment pattern data. In addition, the companies will jointly develop a customised research and data analysis platform. The information will provide a deeper insight into how medicines that are already on the market are working in real-world settings across Europe, painting a picture of unmet needs …”

We can look at this more than one way. Some feel strongly commercial use should exclude Big Pharma. On the one hand, the State and Government does not own manufacturing of drugs nor medical products. Though we used to do both.  Recently, that we did own, has been increasingly sold to commercial buyers or venture capitalists.

The State and pharma work together, often through University research, to create future health solutions, drugs and the drive towards personalised medicine and diagnostic tests. When companies which own our data are sold and bought internationally what happens to our data they own? Boots Alliance bought data from HSCIC, and they are about to be bought by US Walgreens. So many questions.

Those more informed than me will know all about the challenges of pharmaceutical companies, the patent cliff, mergers and diversification. IP, diagnostic tests and generics in the market. Big Pharma and the State are working together in much research to find solutions and discoveries to current and future medical issues.
How far does cooperation stretch and when does it become inappropriate? Is commercial interest supportive of State practice or driving decision making policy? Should commercial companies fund any costs at our NGOs? And do those which buy the most data, get a bigger slice of the influence of what conclusions reports using the data, reach? Whilst there is a public move to #Alltrials I believe we should demand #Allreports in the public interest as well. I would like to have transparency at HSCIC how their reports are funded,  when working with partners which are frequently commercial pharma partnerships.

Mr. Hunt recently defended to the Health Select Committee the reasons why a commercially supported pharma lobbying group was used to advise on the NHS Commissioning plan – the Specialised Healthcare Alliance. Supported by 14 pharma companies, these corporate members are contributing £12,000 each towards the costs of the Alliance for 2014.

Are we really seeing transparency on who is driving change in our health service?

The Richness of our records open for Exploitation

The value of Big Data is only extracted by exploiting its richness. And these days, with mobile phones, social media and shopping habits tracked by the minute, the average citizen like me, it seems can’t easily avoid being part of it, whether we want to be or not.

But if we don’t even have the right to control and own our data and we can’t control the knowledge generated from it, how can we control who knows what about us and what they use it for? If we’re unaware of its existence, how can we understand its impact on our life to make free and uninfluenced choices in what we buy, for example? Or understand how we may be segmented and discriminated against. And this is aside from the assumption that the data held is accurate and that as a result, no mistaken judgements are being made about us.

As for our health data, how can we control its use by these massive data managers if we don’t even know who they are at the end of a chain of re-use licenses?

Put Business Intell, Commercial Intell and Pharma together

The vast amounts of data already held and analysed to the nth degree by these data intermediaries, means that making even more data available to them is going to increase the segmentation and risk of identification. They already have data on individuals and is it not enough that they make analysis at household level as shown by Mosaic? Individual health level data seems that they could put a final piece in the puzzle and know exactly who in which house had which ailments, their lifestyle risk factors could be refined and these data brokers would be able to look inside our very bodies.

One which fits data together, we do know from the HSCIC data release register, and press reports in March, is Harvey Walsh. The company tracks individuals pathway data, over time and the website now says:

“Harvey Walsh use non-sensitive and non-identifiable HES data for patient pathway mapping that is used by the healthcare industry with the NHS to improve the quality of healthcare management and service delivery by better understanding how patient cohorts move around the healthcare system.”
[Harvey Walsh’s system] “AXON holds non identifiable and non-sensitive HES (Hospital Episode Statistics) data and other sources of data including GP Practice Prescribing, QOF, Demographic and NHS personnel data sets.”

Data snapshots combine to give a Picture over a Lifetime

So now, not only can these companies understand us in infinite detail, but can do so over our lifetime. We are tracked over time and anaylsed not as a snapshot, but as a living album of snaps, moving across time. They know what we do commercially, in our lifestyle and how it interacts with our health and what may affect our consumer habits and help nudge our decision making. Put them together, and it starts to feel like I’m on The Truman Show.

I’d like to know though, once the data is processed, what happens to the new combined knowledge set, it creates? The original raw data as extracted may not be given to others, but is it the same product and protected, if it now shows up as a small piece, in a bigger jigsaw?

Omega Solver took their product offline this year, after privacy campaigners identified the risk of identifying individuals.
Acxiom as a world data leader example, is a company which provides consumer data and analytics for marketing campaigns and fraud detection. Its databases contain information about 700 million consumers worldwide.

“For more than 40 years, Acxiom has been a leader in harnessing the powerful potential of data.”

It seems others share my concerns, as this article on how data brokers use of our data is creepy, from Julia Angwen showed up in my alert feed this week, and another in ProPublica from last September. As she says,

“Commercial data has become a honeypot that government likes to dip its hand into.”

You can see more on this, in her interview with PBS News:

Our lifetime data is attractive to commercial marketing and all sorts of organisations who wish to understand us and sell to us. The one purpose, possibly the least trusted I have not really touched on. Hospital records have been shared with insurers and used for refining policy. Records have been sold to re-insurers, even since January 2014. And these insurers mine and use data much more deeply than we want to imagine. In fact, as I finish this I see the FT front page tomorrow carries a current story how insurers trawl our Big Data.

FT Insurers trawl Big Data
FT Insurers trawl Big Data

 

 

 

 

 

 

HSCIC Data Sharing Agreements will prevent Data Merger?

IMS Health UK & Ireland’s general manager, Michael Sanvoisin shows that exploiting the different data sets ‘out there’ in Big Data, is kind of the whole point. [17]

“The smartest use of data will be the effective combination of all the various sources of open data and patient information services available in the marketplace, augmented by companies’ own internal information and data from other reliable and reputable sources.”

IMS Health is working in partnership with the MHRA – and in particular the clinical practice research datalink (CPRD) – to help the UK increase its capabilities to build cohorts of patients for clinical trials. This has led to the linkage of IMS Health’s Hospital Treatment Insights (HTI), the aggregation of HES and prescribing data, to the CPRD. This powerful linked dataset enables the identification of specific patient cohorts and allows companies to monitor patient flow between primary and secondary care.

IMS Ardentia’s Costed Care Pathways (CCP) sequences clinical events together with detailed financial information to give a longitudinal view of a particular patient care pathway.” [17]

When these global companies have in addition, bought data from HSCIC, where is the transparency for patients to know what internal practice at these private companies prevents all data becoming one Big Data set,  in identifiable or pseudonymous formats, and sold or shared onwards with others?

The Recent register states explicitly, that IMS will not do this, that the data will not be sold onwardly, but how about the knowledge they create from it?

IMS Health works in partnership with pharma for example:

“ANDromeda is an engagement tool enabling greater market access with a tailored need across all functions within pharmaceutical companies.

And in the UK,  are involved in work shaping our health market: “that may involve looking at how primary care organisations operate or focusing even closer on area-level commissioning, such as GP consortiums.”

Where is our Data being Used?

“The effective combination of IMS Health’s proprietary data assets, in addition to the vast swathes of open data being made available, can help inform key strategic decisions for both the NHS and pharma. Moreover, it can drive an increase in joint working towards shared benefits and therefore transform healthcare services in the UK and beyond.”

“in the UK and beyond.” So I ask myself, which countries outside the UK have received our medical records? Remembering that non-US citizens have no privacy rights in the US, if it landed there, we can say good bye to ever getting control of that knowledge back again.

Indeed HES extracts have been given to places in the US, specifically the University of California, the FOI request I got back confirmed. The Partridge Report contained two examples of data which has gone to Kyoto University. Yes, Japan. And remember, if the data is completely aggregated and anonymised it’s not included in these registers, because it is open, green data. So what exactly went to California, Japan and who knows where else. No one knows 100%. The Report only sample tested 10% of all releases.

IMS received 251 access (which is required for confidential data without consent) for identifiable data extracted from hospital pharmacy systems, sent to HSCIC and linked with HES (hospital records). The main customer for these products will be the pharmaceutical industry. (Lines 101-2).

IMS Health is massive, as is the global health data they hold.
On the IMS One intelligent cloud, the company connects more than 10 petabytes of complex healthcare data on diseases, treatments, costs and outcomes to enable our clients to run their operations more efficiently.

Drawing on information from 100,000 suppliers, and on insights from more than 45+ billion healthcare transactions processed annually, IMS Health’s 9,500+ professionals drive results for over 5,000 healthcare clients globally. Customers include pharmaceutical, medical device and consumer health manufacturers and distributors, providers, payers, government agencies, policymakers, researchers and the financial community.

Another user of our data is Optum UK (formerly United Health Group, and if that sounds familiar it was Simon Stevens [18] last employer). I wonder for example, does that mean it is also used by Optum Insight in the US? This presentation by Christopher M. Blanchette,  shows different data providers of ‘RWE’ real-world evidence and where their data is sourced.

If international companies have NHS England patient data and re-use licence, is it likely in to have been exported around the world or how can we know in which locations it is used? I want to know how often data is given directly to International companies? How often is data given to companies in the UK, who have foreign centres outside the UK, which would routinely share that data with their central systems and therefore export it? It is a basic right of data management to require fair processing for identifiable data, to know who has it for what purpose.

How do we protect consumers’ concerns?

And as US Commissioner Julie Brill’s report shows, in the States there are concerns how this data is used and they are acting on it. Are we doing the same here?

Dr.Neil Bhatia in Hampshire, a GP who founded the non-commercial website care-data.info, asked HSCIC in an FOI request for the data *about him* which was released to these type of intermediaries. He was told, the data controller, the Health and Information Centre, does not know. And he can’t ask for what data is held in pseudonymous format – even though the data is pseudonymous with a key to make it linkable with new identifiable data coming in, so to me, that makes little sense. It is by its nature, re-identifiable.

But if HSCIC won’t release it in a Subject Access Request (SAR), we can then only surmise, whether our individual data was contained in bulk data transfers. So from the released data register, we should look at what types of companies are using pseudonymous (so called ‘amber’ data), and assume our own data was indeed included.

Overseas Data Distribution and Protection

care.data, it was said at the Health Select Committee meeting by Mr.Kelsey in March, was only for use in the UK but the HES/SUS data application form includes a field for use overseas. So, does that mean policy for export has changed for all data, or should they have spoken more precisely meaning only that “GP data extracted in care.data” was only to be used in the UK?

Because IMS, again, already has access to primary data from CPRD and secondary care data according to line 10 from HES. And whilst, it states “[Note added 28/3: The data are onwardly released only in aggregate form] I am curious – where does ‘onward’ mean? There is no Ltd. on the company name, no territory or geography indicated in the register. So if data is released to an American firm, should we assume it sits on US servers and is accessed directly by their US staff? Does onward only restrict them from giving the raw, identifiable data they received, to others outside IMS? Is it availble in non-aggregate form inside the whole of the IMS system? I, in the general public, can’t tell from the register and IMS is hardly going to tell me. We should be able to find out. I’ve found it a challenge, and my FOI request to HSCIC [14] to find out what data may have been given to US or Asian organisations, was tougher than my entire lifetime of dental appointments combined.  It shouldn’t be difficult. Patients should be able to easily ask, to whom did you give my health data and where, for what?

Do we know enough about the plans to use and commercially re-use our data for commercial ‘health purposes’ as being broadly defined in the Care Act? If not, patients should be asking. GPs don’t have time.

Why does it matter? Because legal jurisdiction of data is still (perhaps outdatedly) physically geographic at least in aspects with which I am familiar. When working on global implementations of confidential employment data, we had to gain legal advice from each territory submitting data, on how we should legally properly manage data from over 50 countries in the world and its access by regional and global teams in the US, Europe or Asia.  And on simple terms, we should always handle, process and use data in a way the individual expects and feels common-sensed appropriate to the purpose for which it was submitted. British citizens are not protected by US privacy laws because they apply only to US citizens.

“Existing laws do not sufficiently address data brokers’ handling of sensitive data in marketing or risk mitigation contexts,”

says Julie Brill’s statement. Well they don’t protect us Brits, at all, so I want to know if it’s being used abroad.

Few in England, will expect their data to have been made as freely available at identifiable individual pathway level, as it appears to have been in recent years. Do I at least have the chance to protect my children’s future data privacy, if not my own now?

Surely we can trust Data Protection Laws?

Because of the legal status of data which is deemed “de-identified” or “anonymized”, it is claimed they don’t violate our rights to health information privacy – Data Protection law accords us only the right to fair processing, not to prevent its processing, due to the the Health and Social Care Act 2012 which requires its extraction — but if it’s possible to re-identify longitudinal data sets – and if the whole point of getting these data sets together is to combine them, surely common sense would say, it may be legal, but that doesn’t make it right. There are other DPA expectations which HSCIC also fails to meet. The Minimum data required, for example. Deletion. Accuracy. I am guessing that every single one of the eight Principles have been broken by our data extracted before the HSC Act 2012. Yet, everyone seems to be ignoring this.

When it comes to Data Protection, identifiable data is treated differently from anonymous data. Amber individual level ‘pseudonymous’ data, is not the same as aggregated anonymous statistics and the care.data privacy impact assessment [19] confirms the risk of re-identification, yet the data is being treated as if it is anonymous. I can’t believe people working in the field believe themselves these data groups should be looked on as being equal. In my opinion, it’s not so much a case of wearing rose-tinted spectacles, it’s more like a blindfold on the wise monkeys; hear no evil, see no evil. [20]

I can quite clearly state on behalf of many, we feel that our rights to privacy have been and continue to be violated, no matter what the letter of the law says.

Whilst HSCIC may see only its own data sharing practices in a silo, that’s not how the impact of its sharing works in real life. It’s a join the dots between different data sets from different sources.

Can Good Governance Give us Confidence?

We are told that data-sharing agreements make it illegal for the data to be combined with other data held by the recipient, to make it identifying. But if the Data Controller doesn’t know what data the company already has, and doesn’t even keep track of what data has been given to them already, it must be impossible for individuals within these massive corporations to know the impact of adding their piece of the jigsaw puzzle. Over time, they will not track either, what from their company has already gone into creating the Big Data picture.

We could only rely on release controls and good governance, but for the past ten years reported in HSJ and the Partridge Review, it appears some datasets have been inappropriately shared without audit, which would have spotted the mistake.  Governance is simply inadequate. In my opinion, not with malicious intent. Rather, simply, the data sharing strategy has been too fast for its own good practices to keep up. Now, it has to catch up fast.

As awareness increases, so too is the push back on the privacy grab. How do we feel about losing our individual rights, the removal of confidentiality and consent, the right to freedom from cold-calling, and to know who has our data for what reasons. And do we feel the same if we lose those rights in the name of commercial or public interests?

The British public is pushing back on banking failures and resents increasingly to see the minority of individuals benefiting commercially at the expense of the many. We resent the paternal state definition of the ‘Public Good’. 

Private vs Public Good?

Business benefit vs the wider public good is in some ways an intangible and unquantifiable, but a debate which needs revisited on an ongoing basis says Dr. Mark Tayor when it comes to health records’ data privacy. [21]

The public interest considered by CAG in reviews of data release applications, must consider protecting both the public interest in research access to confidential patient data and the public interest in a confidential health service. Add to that the public interest of providing a national health service, and its safe to say ‘the public interest’ will be hard to satisfy for all of the people, all of the time and will be subjective.

“that the purpose for which the data will be used should be in the public interest and for the provision of health and care services; [and] that any approved processing must respect and promote the privacy of patients and care service users… ” (Hansard, 10 March 2014, Col.137)

Perhaps even more subjective, is the atmosphere of public interest and how interested the public is, in how how level decisions affect us on the ground. Certainly, Snowden and other data sharing revelations have coloured the muddy backdrop of how our data is gathered and used by others, and increased calls for transparency.

The Department of Health will be furious with the Home Office I expect this weekend, as they triggered a massive outcry over the perceived lack of transparency and scrutiny afforded to MPs and civil society over the Data Retention and Investigatory Powers Bill.  Even Radio 2 gave it 20 minutes coverage.  [22] (From 01:36.40) This kind of governmental out-of-touchness with the public and the perceived desire to hide something in the rush to the new legislation, is what undermines trust in all areas of the public-state relationship.

It implies a paternal notion, of “we know best, so just trust us little children.” Well, that ain’t gonna fly.  Seahaven is not “the way the world should be.”

Patient empowerment to own our Health Records

This flawed process, within and beyond NHS data sharing, has also created a sense of loss and disempowerment. Whilst presentations are all about ‘patient centred’ care, and ‘personalised medicine’ sounds so about the individual patient, it seems safe to say patients have been left out of the digital decision making and sharing how those decisions will affect the public on the ground. This for care.data, should have been central to plans to ensure support and success. There are still unfilled positions supposed to be filled by patient organisations or patients on the tech board.

It seems endemic to new programmes too. Or have patient organisations been widely involved in the genomic plans for the nation and not told us? Unlikely.

The talk thus far, does not match the walk. Knowledgable patient involvement is as desired by some of those leading parts of NHS patient engagement, as a chocolate teapot is useful. One is documented having said on another programme, “this was not a suitable point for patient involvement.”  Either you want patients involved or not. Involved means from the beginning. Not as the decoration at the end, a way to tick the engagement box.

The notional idea of patient empowerment in this programme is tokenism, if the most basic principle of care, the only thing I can control in my consultation – my patient confidentiality – is treated with such little respect.

Is the public good really defined and does it outweigh the private good and our long established rights of consent and confidentiality? Does it vary depending on circumstance and if so, who decides?
It certainly doesn’t seem to be us, the patients in healthcare. Nor as citizens in any other field of our personal data.

If you don’t pay for the product, you are the product

In general commercial uses of data, I am increasingly learning that if you don’t pay for the product, you are the product. Maybe we need to shout a bit louder, that we are not a product. We do not all want the knowledge of our health & lifestyle to be for sale.

We’ve got used to these third party uses through the recent media revelations and the acceptance that current Government seems to be prepared to sell anything the State has in its possession. I wonder how representative that is of what the people would choose to do?

So at the risk of repetition, let’s not forget the basics:

1. Our health records are for sale without our consent.
2. These companies are some who have bought data in the last year.
3. At these prices.

The list of past customers in the Partridge Review of those who received data before April 2013 shows the extent of what was hidden from us for twenty years.

Should we be asking, what may be hidden still?

By stretching the scope of the potential discussion around the ‘industrialisaton’ and use of our health records for secondary purposes, we must not normalise the basics which we at first, found so surprising. We need to get them fixed first. Then, only then, will patients be willing to look at broader future scope. If I can’t trust you to manage my hospital record when I broke an ankle, why would I want to trust you with my genomes in future? It reveals a complete disconnect at NHS England level with the public in care.data thinking.

Come back to reality and listen to patients’ real concerns. We don’t want our data given to third parties, these data brokers and intermediaries or to continue re-use licenses. Even if it’s for ‘the promotion of health’ the purposes in the Care Bill.

And honestly? NHS England and the Department of Health  shouldn’t want that acceptable in policy either, because they need to know who has our data, to govern it to make sure it is acceptable. As Sir Nick says in his report, the future data governance must be:

“meticulous, fool-proof and solid as a rock”

One more big mistake in who received our data in the future, and all cards will be off the table.  For this to work, you need to properly manage it. And all this at the time where NHS England has now decided to outsource population wide databases, through the Steria outsourcing. Ha. Get that outsourcing security wrong, and for all your future programmes, as Truman would say, “Good morning, and in case I don’t see ya: Good afternoon, good evening, and good night!”

In the words of more Americans for whom I have a respect & love of their self-determined own words,  Simon and Garfunkel, ‘Slow down, you move too fast.’

Julie Brill’s Statement made a recommendation in the US:

“A second accountability measure that Congress should consider is to require data brokers to take reasonable steps to ensure that their original sources of information obtained appropriate consent from consumers.”

We should feel that we consent to this mining of our health, wealth and lifestyles and know what is done with that knowledge. I feel disempowered because in finding out how my health data is used, I’ve discovered a brave new world of how my personal data is used. By commercial business. By Government.  By suits and wonks as may be nicknamed.  I am not equipped or informed enough to understand it all, but I’m doing my best to find out.

We need to trust in the people who manage these systems, who drive the policy and who advise the two, to work together and make technology work well for the rest of us. It should work well with privacy and security, and functionally.

Patients must speak up and Ask Questions

Patients must start asking more questions about these commercial uses and re-use licenses, because whilst the commercial intermediaries may access data for the purposes permitted in the Care Act, we are not a partner in patient engagement. Our data is being mined in the name of NHS improvement. Our samples being gathered in the name of science.

We are the product for sale. Our name, and everything else about us.

*****

image source: Time cover 2011

[1] Previous posts: Commercial uses of care.data and

[2] care.data use with intermediaries  

[3] Health Select Committee July 1st, 2014: http://data.parliament.uk/writtenevidence/committeeevidence.svc/evidencedocument/health-committee/handling-of-nhs-patient-data/oral/11192.html

[4] NHS England Board meetings – to outsource support

[5] Decision to outsource Primary Care support services

[6] Schumacher’s health records stolen  http://www.mirror.co.uk/news/world-news/michael-schumachers-medical-files-probe-3823793

[7] The Partridge Review Summary

[8] Risk Stratification guidance issued to CCGs

[9] IMS Health Ardentia http://www.imshealth.com/deployedfiles/imshealth/Global/Content/Technology/Technology%20Platforms/Ardentia/Ardentia_Royal_Free_PLICS.pdf

[10] Experian Public Sector http://www.experian.co.uk/assets/identity-and-fraud/authenticate-for-public-sector.pdf

[11] Experian’s Truetouch http://www.experian.co.uk/business-strategies/truetouch.html

[12] Experian -MOSAIC http://www.experian.co.uk/marketing-services/knowledge/case-studies/mosaic-case-studies.html

[13] HSCIC Data Register of Releases

[14] Medconfidential on commercial re-use licenses and Omega Solver https://medconfidential.org/2014/commercial-re-use-licences-for-hes-disappearing-webpages/

[15] Astrazeneca MOU with HSCIC – http://www.astrazeneca.com/Research/news/Article/121204-astrazeneca-to-collaborate-with-the-hscic

[16] Astrazeneca MOU with IMS http://www.astrazeneca.com/Media/Press-releases/Article/20120111–astrazeneca-and-ims-health

[17] IMS Health using NHS patient data  http://www.imshealth.com/deployedfiles/ims/Global/Content/Solutions/Healthcare%20Analytics%20and%20Services/Healthcare%20Outcomes/IMS_HTI.pdf

[18] HSCIC FOI Request on data sharing with the US & Asia

[19] The Eight Data Protection Principles  via ICO

[20] care.data privacy impact assessment http://www.england.nhs.uk/wp-content/uploads/2014/01/pia-care-data.pdf

[21] Previous post: The Partridge Review

[22] Public vs Private Good – “Information Governance as a Force for Good? Lessons to be Learnt from Care.data”, (2014) 11:1 SCRIPTed 1 http://script-ed.org/?p=1377

[23] Data Retention and Investigatory Powers Bill.  Radio 2.

****

See Wired: for an overview of care.data in general http://www.wired.co.uk/news/archive/2014-02/07/a-simple-guide-to-care-data and what good things should be taken from it when flagship care.data goes down http://www.wired.co.uk/news/archive/2014-03/06/care-data