They say ‘every little helps’. care.data needs every little it can get.
In my new lay member role on the ADRN panel, I read submissions for research requests for any ethical concerns that may be reflected in wider public opinion.
The driving force for sharing administrative data research is non-commercial, with benefits to be gained for the public good.
So how do we quantify the public good, and ‘in the public interest’?
Is there alignment between the ideology of government, the drivers of policy [for health, such as the commissioning body NHS England] and the citizens of the country on what constitutes ‘the public good’?
There is public good to be gained for example, from social and health data seen as a knowledge base, by using it using in ‘bona fide’ research, often through linking with other data to broaden insights.
Insight that might result in improving medicines, health applications, and services. Social benefits that should help improve lives, to benefit society.
Although social benefits may be less tangible, they are no harder for the public to grasp than the economic. And often a no brainer as long as confidentiality and personal control are not disregarded.
When it comes to money making from our data the public is less happy. The economic value of data raises more questions on use.
There is economic benefit to extract from data as a knowledge base to inform decision making, being cost efficient and investing wisely. Saving money.
And there is measurable economic public good in terms of income tax from individuals and corporations who by using the data make a profit, using data as a basis from which to create tools or other knowledge. Making money for the public good through indirect sales.
Then there is economic benefit from data trading as a commodity. Direct sales.
In all of these considerations, how does what the public feels and their range of opinions, get taken into account in the public good cost and benefit accounting?
Do we have a consistent and developed understanding of ‘the public interest’ and how it is shifting to fit public expectation and use?
Public concern
“The importance of building and maintaining trust and confidence among all stakeholder groups concerned – including researchers, institutions, ethical review boards and research participants – as a basis for effective data sharing cannot be overstated.” [Wellcome blog, April 2015]
If something is jeopardising that public good it is in the public interest to say so, and for the right reasons.
The loss of public trust in data sharing measured by public feeling in 2014 is a threat to data used in the public interest, so what are we doing to fix it and are care.data lessons being learned?
The three biggest concerns voiced by the public at care.data listening events[1] were repeatedly about commercial companies’ use, and re-use of data, third parties accessing data for unknown purposes and the resultant loss of confidentiality.
Question from Leicester: “Are we saying there will be only clinical use of the data – no marketing, no insurance, no profit making? This is our data.” [NHS Open Day, June 2014]
While people are happy for the state to use their data without active consent for bona fide research, they are not for commercial purposes.
Much of the debate and upset caused by the revelations of how our hospital episode statistics were managed in the past centred on the sense of loss of ownership. And with that, the inability to consent to who uses it. This despite acknowledgment that patients own their data.
Significant concern centres on use of the information gleaned from data that patients consider commercial exploitation. For use segmenting the insurance markets. For consumer market research. Using data for individual targeting. And its utter lack of governance.
There is also concern about data being directly sold or exchanged as a commodity.
These concerns were raised meeting after meeting in the 2014 care.data “listening process.”
The idea is becoming increasingly assumed in discussions I have heard, [at CCG and other public meetings] that because patients have given implied consent to sharing their information for their care, that the same data may be shared for other purposes. It is not, and it is those secondary purposes that the public has asked at care.data events, to see split up, and differentiated.
Research uses are secondary uses, and those purposes cannot ethically be assumed. However, legal gateways, access to that data which makes it possible to uses for clearly defined secondary purposes by law, may make that data sharing legal.
That legal assumption, for the majority of people polls and dialogue show [though not for everyone 6b], comes a degree of automatic support for bona fide research in the public interest. But it’s not a blanket for all secondary uses by any means, and it is this blanket assumption which has damaged trust.
So if data use in research assumes consent, and any panel is the proxy for personal decision making, the panel must consider the public voice and public interest in its decision making.
So what does the public want?
In those cases where there is no practicable alternative [to consent], there is still pressure to respect patient privacy and to meet reasonable expectations regarding use. The stated ambition of the CAG, for example, is to only advise disclosure in those circumstances where there is reason to think patients would agree it to be reasonable.
Whether active not implied consent does or does not become a requirement for research purposes without differentiation between kinds, the public already has different expectations and trust around different users.
The biggest challenge for championing the benefits of research in the public good, may be to avoid being lumped in with commercial marketing research for private profit.
Consent package deals mean that the public cannot choose how data are used in what kids of research and if not happy with one kind, may refuse permission for the other.
By denying any differentiation between direct, indirect, economic and social vale derived from data uses, the public may choose to deny all researchers access to their all personal data.
That may be costly to the public good, for public health and in broader research.
A public good which takes profit into account for private companies and the state, must not be at the expense of public feeling, reasonable expectations and ethical good practice.
A state which allows profit for private companies to harm the perception of good practice by research in the public interest has lost its principles and priorities. And lost sight of the public interest.
Understanding if the public, the research community and government have differing views on what role economic value plays in the public good matters.
It matters when we discuss how we should best protect and approach it moving towards a changing EU legal framework.
“If the law relating to health research is to be better harmonised through the passing of a Regulation (rather than the existing Directive 95/46/EC), then we need a much better developed understanding of ‘the public interest’ than is currently offered by law.” [M Taylor, “Information Governance as a Force for Good? Lessons to be Learnt from Care.data”, (2014) 11:1 SCRIPTed 1]
[2] Private Eye – on Tesco / NHS England commercial meetings https://twitter.com/medConfidential/status/593819474807148546
[3] HSCIC audit and programme for change www.hscic.gov.uk/article/4780/HSCIC-learns-lessons-of-the-past-with-immediate-programme-for-change
[4] EU data protection discussion http://www.digitalhealth.net/news/EHI/9934/eu-ministers-back-data-privacy-changes
[5] Joint statement on EU Data Protection proposals http://www.wellcome.ac.uk/stellent/groups/corporatesite/@policy_communications/documents/web_document/WTP055584.pdf
[6] Ipsos MORI research with the Royal Statistical Society into the Trust deficit with lessons for policy makers https://www.ipsos-mori.com/researchpublications/researcharchive/3422/New-research-finds-data-trust-deficit-with-lessons-for-policymakers.aspx
[6b] The ‘Dialogue on Data’ Ipsos MORI research 2014 https://www.ipsos-mori.com/researchpublications/publications/1652/Dialogue-on-Data.aspx – commissioned by the Economic and Social Research Council (ESRC) and the Office for National Statistics (ONS) to conduct a public dialogue examining the public’s views on using linked administrative data for research purposes,
[8] Tesco clubcard data sale https://jenpersson.com/public_data_in_private_hands/ / Computing 14.01.2015 – article by Sooraj Shah: http://www.computing.co.uk/ctg/feature/2390197/what-does-tescos-sale-of-dunnhumby-mean-for-its-data-strategy
[9] Direct Marketing 2013 http://www.dmnews.com/tesco-every-little-bit-of-customer-data-helps/article/317823/
[10] Personalisation in health data plans http://www.england.nhs.uk/iscg/wp-content/uploads/sites/4/2014/01/ISCG-Paper-Ref-ISCG-009-002-Adult-Social-Care-Informatics.pdf
[11] Tim Kelsey Keynote speech at Strata November 2013 https://www.youtube.com/watch?v=s8HCbXsC4z8
[12] Forbes: Illumina CEO on the US$20bn DNA market http://www.forbes.com/sites/luketimmerman/2015/04/29/qa-with-jay-flatley-ceo-of-illumina-the-genomics-company-pursuing-a-20b-market/
Clubcard and the data which deliver customer insights – telling the company who we are, what we buy and how and when we shop using ‘billions of lines of code’ – will clearly continue to play a vital role in the supermarket customer relations strategy, whether its further processing and analysis is in-house or outsourced.
Assuming the business is sold, clubcard shoppers might wonder who will then own their personal data, if not the shoppers themselves? Who is the data controller and processor? Who will inform customers of any change in its management?
“Dunnhumby has functioned as a standalone outfit in the past few years, offering customer information services to other retailers around the world, and could operate in a similar way for Tesco post-acquisition.”
I haven’t seen in the same media that the Dunnhumby speculation turned into a sale. At least not yet.
In contrast to the commercial company managing customer data for those who choose to take part, the company which manages the public’s data for many state owned services, was sold in December.
What value I wondered does the company have of itself, or what value is viewed intrinsic to the data it works with – health screening, the National Joint Registry and more? It formerly managed HES data. What was part of the deal? Are the data part of the package?
Does the public have transparency of who manages our data?
Northgate has, according to their website, worked with public data, national and local government administrative data since 1969, including the development and management of the NNADC, “the mission critical solution providing continuous surveillance of the UK’s road network. The NADC is integrated with other databases, including the Police National Computer, and supports more than 3 million reads a day across the country.”
Northgate manages welfare support payments for many local authorities and the Welsh Assembly Government.
Data are entrusted to these third parties by the commercial or public body, largely without informing the public.
One could argue that a ‘named owner and processor’ is irrelevant to the public, which is probably true when things are done well.
But when things go wrong or are changed, should ‘the supplier’ of the data, or rather the public whose data it is, not be told?
If so, citizens would be informed and know who now accesses or even owns our public data that Northgate had in the past. Different firms will have different levels of experience, security measures and oversight of their practices than others. To understand how this works could be an opportunity for transparency to create trust.
Trust which is badly needed to ensure consensual data sharing continues.
So what will the future hold for these systems now owned by a private equity firm?
We hear few details of plans available in the public domain about the NHS vision for data management and its future in public research.
We generally hear even less about the current management of the public’s data unless it is in a crisis, as front page stories will testify to over the last year. care.data has been in good company generating anger, with HMRC, the electoral register and other stories of legal, but unexpected data use of citizens’ data.
As a result we don’t know what of our public data is held by whom.
The latest news reported by the DM [3] will not be popular either given that 2/3rds of people asked in research into public trust over the governance of data [4] have concerns about public data in the hands of private firms:
“Controversial plans to give private companies such as Google responsibility for storing people’s private personal health data could be revived, a minister has suggested.”
Could there ever be privatisation plans afoot for HSCIC?
It’s going to be interesting to see what happens next, whoever is making these decisions on our behalf after May 7th.
Certainly the roadmap, business plan, SIAM goals, and framework agreement [5] have given me cause to consider this before. The framework agreement specifically says change to its core functions or duties would require further primary legislation.”
[HSCIC DH framework agreement]
Changes to the HSCIC core remit, such as privatising the service, would require a change in legislation which would by default inform parliament.
Should there not be the same onus to inform the public whose data they are? Especially with “protection of patients being paramount”. One could say protections should apply to our consumer data too.
Regardless of whether data are managed in-house or by another third party, by the state or commercial enterprise, if third parties can be outsourced or even sold, should consumers not always know who owns our data and of any changes in that guardianship?
Taking into account the public mistrust of commercial companies’ data management I would like to think so.
Further privatising the workings of our state data without involving the public in the process would certainly be a roadmap to driving public confidence on data sharing into the ground.
So too, when it comes to public trust, we might find when the commercial sale of consumer Clubcard data goes ahead, every little does not help.
****
Refs:
[1] Computing 14.01.2015 – article by Sooraj Shah: http://www.computing.co.uk/ctg/feature/2390197/what-does-tescos-sale-of-dunnhumby-mean-for-its-data-strategy
[2] Northgate sale to Cinven http://www.northgate-is.com/press-release-nps.html / http://www.northgatepublicservices.co.uk/
[3] On the future of data handling http://www.dailymail.co.uk/news/article-3066758/Could-Google-look-NHS-data-Controversial-plans-revived-minister-says-technology-firms-best-placed-look-information-securely.html
[4] Ipsos MORI research with the Royal Statistical Society into the Trust deficit with lessons for policy makers https://www.ipsos-mori.com/researchpublications/researcharchive/3422/New-research-finds-data-trust-deficit-with-lessons-for-policymakers.aspx
“The government takes the view that transparency is vital to healthy public services. It has created a new Statistics Commission to improve the quality of information collected (and to end arguments about “fiddling” figures).” [Tim Kelsey, New Statesman, 2001] [1]
In a time of continuing cuts to budgets across the public sector the members of the public have every right and good sense to question, how is public money spent and what is its justification.[#NHS2billion]
For the flagship data extraction care.data programme, it is therefore all the more surprising, that for the short and long term there is [2]:
a) no public proof of how much the programme is costing,
b) little around measurable tangible and intangible benefits,
c) or how the risks have been evaluated.
The Woolly Mammoth in the Room
The care.data programme has been running under its ‘toxic’ [3] brand in a similar form now, for two years.
When asked directly on costs at the Health Select Committee last month, the answer was, at best, woolly.
“Q655 Rosie Cooper: While I appreciate that, can you give us any rough figures? What would a CCG be contributing to this?
Tim Kelsey: I cannot answer that question, but we will very rapidly come back to you with the CCGs’ own estimates of the costs of the programme and how much of that cost is being met by the programme.” [Hansard January 2015][4]
I had imagined there was reticence in making it public.
I had imagined, the numbers may be vague.
I hadn’t imagined it just didn’t exist at all.
For the programme whose watchword is transparency, this is more than a little surprising. A plan had to be drafted to drive transparency, after the FOI was received [which I believe fails section 22 refusal criteria, as the decision to publish was made after the FOI]
Why does the business case and cost/risk analysis matter? What is the future of our data ownership?
Because history has a habit of repeating itself and there is a terrible track record in NHS IT which the public cannot afford [22] to allow to repeat, ever again.
The mentality that these unaccountable monster programmes are allowed to grow unchecked, must die out.
Of the NPfIT, Mr Bacon MP said: “This saga is one of the worst and most expensive contracting fiascos in the history of the public sector.”
Last autumn, a new case history [23] examined its rollout, including why local IT systems fail to deliver patient joined up digital records.
Yet, even today, as we hear that IT is critical to the digital delivery of NHS care and we must all be able to access our own health records, we read that tech funds are being cut.
Where is common sense and cohesion of their business planning?
These Big Data programmes do not stand alone, but interact with all sorts of other programmes, policies, and ideas on what will be done and what is possible in future for long term data purposes.
The public is not privvy to that to be able to scrutinise , criticise and positively contribute to plans. That seems short-sighted.
And what of previous data-based ventures? Take as a case study the Dr. Foster IC Joint Venture [NAO, February 2007] [24]
“The Information Centre spent £2.5 million on legal and consultancy advice in developing the joint venture, and setting up the Information Centre. The Information Centre contends that £855,000 of the money paid to KPMG was associated with costs for setting up the Information Centre which included business planning.
However, they could not provide an explicit breakdown of these costs […] We therefore calculate that the total cost to the taxpayer of a 50 per cent share is between £15.4 million and £16.3 million.”
“The Information Centre paid £12 million in cash for a 50 per cent share of the joint venture (see Figure 2 overleaf).
The UK plc made a sizeable investment here. The UK state invested UK taxes in this firm – so what’s the current business case for using data? How transparent are our current state assets and risks?
Being a shareholder in one half, it is fair to ask who are we now sharing the investment risk with or was this part sold soon after?[25] Was that investment a long-term one, or always meant to be so short term and are there any implications for the future of HSCIC?
In 2011 this report [26] another investment group, Bamboo holdings [related to other investor companies], wanted but did not succeed in selling its Dr. Foster stock at an acceptable price, said the portfolio introduction due in their words, to ‘poor performance’. [Annual investor review from 2013 [p.5]
So what risks does the market see as a whole which are not made available to the public which affect how data is used and shared?
What of the other parts of Dr. Foster Research and so on, we, the state, went on to buy or sell later? It appears complex.
Is the commercial benefit to be made for private companies, seen as part of the big picture benefit to the UK plc or where does state investment and expectation for economic growth fit in?
What assessment has been made of the app market in the NHS and how patient data is expected in future to be held by the individual, released by personal choice to providers through phones?
Is a state infrastructure being built which in the surprisingly short term, may see few healthy people who store their data in it or will we see bias to exclude those with the money and technology to opt out who prefer to keep their health data in a handheld device?
“Its software and services are used by over 400 UK local authorities, all UK police forces, social housing providers in the UK and internationally, and NHS hospitals. Its IT projects support the sharing of information for criminal intelligence and investigations across UK police forces and the management of health screening records in the UK and in Ireland.”
All the easier to manage – or to manage to sell off?
Is the business plan future-proofed to survive the new age of health data management?
One of the problems with business cases for programmes which drag on and get swamped down in delays, is they become obsolete.
The one year mark has now passed in the announced care.data pause, announced on February 18th 2014.
The spine proposal by medConfidential [30] is one of the best and clearest proposals I have found with practical solutions to the failed opt out 9Nu4 for example.
Is care.data arthritic or going quietly extinct? The last public information made available, is that it is rolling on in the background towards the pathfinders.
“By when will NHS England commit to respect the 700,000 objections to secondary data sharing already logged but not enacted?” [updated ref June 6th 2015]
How is the business plan kept up to date as the market moves on?
Is Big Data in the NHS too big to survive or has the programme learned to adapt and changed?
As Peter Mills asked a year ago, “Is the Government going to take this, as a live issue, into the next general election? Or will it (like the National Programme for IT) continue piecemeal, albeit without the toxic ‘care.data’ banner? “
The care.data programme board transparency agenda in Nov 2014 : “The care.data programme has yet to routinely publish agendas, minutes, highlight reports and finalised papers which arise from the care.data Programme Board.
“This may lead to external stakeholders and members of the public having a lack of confidence in the transparency of the programme.”
We all recognise the problem, but where’s the solution?
In response to a care.data feature in the November Pharma Times Magazine, I wrote a brief reader letter which was published, slightly abbreviated, on p.13 in the December issue.[1]
The November article had given me the impression that legislation in the Care Act from July was considered to have ironed out most patient concerns.
And it said that GPs opting patients out at practice level ‘would be illegal’.
I suggested three things.
1. The importance that legislation would be seen and enacted before the pathfinders to:
a) shore up trust of the broad definition of purposes to rule out commercial [re]use
b) enact an opt out
c) lend any legal weight to the role of National Data Guardian
Public and professional scrutiny and consultation on these changes will be required to ensure much talked of transparency is seen to be meaningful
2. Pathfinders must not only as the article stated intend to “test all aspects of communication and extraction” in the pilot, but have a watertight plan for managing the planned broadening of both scope and access [2]
after all, how can communications be tested and considered effective which tell patients only part of the story how their data is planned to be used in future? Its merger with social care data, just one example.
and
3. a clarification was worth noting on the GP position regards opt out; that with certain conditions, the ICO had said that GPs opting out patients at practice level would be lawful regards their Data Protection obligations.
Data protection laws do not prevent doctors from adopting the approach recommended by the group Patient Concern, practice-wide opt out and offering opt-in at local level, the Information Commissioner’s Office (ICO) had said, providing certain conditions are met.
“If GPs choose to opt out all of their patients, then that is an issue for them and NHS England – the Data Protection Act does not prevent it,” said strategic liaison group manager at the ICO, Dawn Monaghan, according to a report in GP Online and Pulse. [3]
“However, the Data Protection Act would still require patients to be given a full explanation of the options open to them, and why the GP has chosen to opt them out.”
The Health and Social Care Act however requires GPs to release data to the HSCIC so would practices be in non-compliance with the Health and Social Care Act by doing so?
NHS England threatened one practice in November 2013 with penalties for doing just that a year ago. In fact, it was that position and article [4] which first prompted me to join the twitter social media debate, and my very first tweet on care.data.
A full year on, and here we are, still unclear on opt out.
A full year on and our HES and other data is still being released without our consent, or fair processing.
Whilst the GPs may remain unclear if they would be sanctioned for practice wide opt out of care.data even if they maintain data protection compliance, it seems the penalty for data misuse after release is unchanged.
Whilst there was talk of new penalties for data misuse by companies and organisations, no ‘one strike and out’ ever materialised.
Whilst legislation by the Secretary of State promised patients a statutory right to opt out, it hasn’t happened.
However until that opt out for our GP care.data and our A and E, HES, and other data for secondary purposes is on a legal footing, the opt out has no value for patients compared with the weight of the Health and Social Care Act.
When will the Secretary of State follow through on his word?
It appears to date, we lack both legislation and the technical tool to operate the opt out.
This position seems to be in urgent need of clarification for patients to have our opt out rights confirmed for both GP held data and the existing data held by HSCIC. As well as needing clarified for the GPs and HSCIC as data controllers to be clear on their responsibilities.
It’s not enough to tell patients things will be different. We want to see that they are.
We can only trust a system which is underpinned in law particularly at a time when, ahead of a General Election, many promises may have been made and will be made. Ministers move roles. Their word alone is frankly, going to be of little value to many. Experience tells us, promises may not always turn out as expected in practice.
I asked one of my local community leaders what he thought of the current position on the programme and what his reaction would be if in fact the opt out came to naught and health data was to be extracted and used for research without consent. “We’d be out on the streets,” [in protest] was his prompt reply. Whilst many are happy for data to be used in research, the majority want to know about it first; who will access it and for what purpose. Not everyone is happy for their data to be used in research. And over half were happy only with active consent or not at all, according to a survey carried out by Ipsos MORI in June 2014.[7]
The Data Guardian role [8] too, should be a positive addition to underpin the importance of ethical practice in data management but again, can only be truly meaningful with legislative weight behind it.
The recent DH November announcement said this would happen, ‘at the earliest opportunity.’
How much longer will it be before that opportunity?
When can we expect to see the rules around uses, opt out and the oversight role of the Data Guardian published for public and professional consultation and scrutiny?
If we are to rebuild trust in the programme, it must first offer a foundation for doing so.
*
In the same Pharma Times December issue [2] there is also a feature on George Freeman MP and on EU Data sharing. Well worth a read.
My submitted reader letter:
Your November article ‘Taking care of our data’ states proposed changes to the Care Act 2014 will be laid before Parliament in the new year.
It is imperative this is done before the care.data pilots’ launch. Only meaningful changes underpinned in law will provide patients the basis on which to rebuild their trust in the programme.
Data use purposes remain overly broad, the newly appointed role of National Data Guardian has no legal teeth, and the Health Secretary’s word that a patient’s objection will be respected, is not enough.
The rules around access, oversight and opt out must be pinned down.
And parliamentary scrutiny of these changes, open to professional and public consultation, will be fundamental to public confidence.
Pathfinders must not only ‘‘test all aspects of the communication and extraction process” ready for an imminent rollout. New communications must present real improvements and a watertight plan for managing the planned broadening of the future scope and access.
And finally, one clarification worth noting; under certain conditions, the ICO ruled that GPs opting out patients at practice level would be lawful regards their Data Protection obligations.
The investment to date may seem vast if, like me, you are unfamiliar with the amounts of money that are spent in research [in 2011 an £800M announcement, last summer £90M in Oxford as just two examples], and Friday revealed yet more money, a new £300M research package. It is complex how it all adds up, and from mixed sourcing. But the stated aim of the investment is relatively simple: the whole genomes of 75,000 people [40K patients and 35K healthy relatives] are to be mapped by 2017.
Where the boundary lies between participation for clinical care and for research is less clear in the media presentation. If indeed participants’ results will be fed back into their NHS care pathway, then both aims seem to be the intent of the current wave of participants.
“The ultimate aim is to make genomic testing a routine part of clinical practice – but only if patients and clinicians want it.” [Genomics England, how we work]
The infrastructure of equipment is enormous to have these sequences running 24/7 as was indicated in media TV coverage. I’m no maths whizz, but it appears to me they’re building Titantic at Genomics England and the numbers of actual people planned to take part (75K) would fit on the lifeboats. So with what, from whom, are they expecting to fill the sequencing labs after 2017? At Genomics England events it has been stated that the infrastructure will then be embedded in the NHS. How is unclear, if commercial funding has been used to establish it. But at its most basic, there will be no point building the infrastructure and finding no volunteers want to take part. You don’t build the ship and sail without passengers. What happens, if the English don’t volunteer in the desired numbers?
What research has been done to demonstrate the need or want for this new WGS project going forwards at scale, compared with a) present direct care or b) existing research facilities?
I cannot help but think of the line in the film, Field of Dreams. If you build it they will come. So who will come to be tested? Who will come to exploit the research uses for public good? Who will come in vast numbers in our aging population to exploit the resulting knowledge for their personal benefit vs companies who seek commercial profit? How will the commercial and charity investors, make it worth their while? Is the cost/benefit to society worth it?
All the various investors in addition to the taxpayer; Wellcome Trust, the MRC, Illumina, and others, will want to guarantee they are not left with an empty shell. There is huge existing and promised investment. Wellcome for example, has already “invested more than £1 billion in genomic research and has agreed to spend £27 million on a world class sequencing hub at its Genome Campus near Cambridge. This will house Genomics England’s operations alongside those of the internationally respected Sanger Institute.”
Whilst the commercial exploitation by third parties is explicit, there may also be another possibility to consider: would the Government want:
a) some cost participation by the participants? and
b) will want to sell the incidental findings’ results to the participants?
“Regier et al. 345 have estimated the willingness-to-pay (WTP) for a diagnostic test to find the genetic cause of idiopathic developmental disability from families with an affected child. They used a discrete choice experiment to obtain WTP values and found that these families were willing to pay CDN$1118 (95% CI CDN$498-1788) for the expected benefit of twice as many diagnoses using aCGH and a reduction in waiting time of 1 week when compared to conventional cytogenetic analysis.”
“Moreover, it is advisable to minimise incidental findings where possible; health care professionals should not have an obligation to feedback findings that do not relate to the clinical question, except in cases where they are unavoidably discovered and have high predictive value. It follows that the NHS does not have an obligation to provide patients with their raw genome sequence data for further analysis outside of the NHS. We make no judgement here about whether the individual should be able to purchase and analyse their genome sequence independently; however, if this course of action is pursued, the NHS should provide follow-up advice and care only when additional findings are considered to be of significant clinical relevance in that individual…” [13]
How much is that cost, per person to be mapped? What is the expected return on the investment?
What are the questions which are not being asked of this huge state investment, particularly at a time when we are told he NHS is in such financial dire straits?
Are we measuring the costs and benefits?
Patient and medical staff support is fundamental to the programme, not an optional extra. It should not be forgotten that the NHS is a National Service owned by all of us. We should know how it runs. We should know what is spends. Ultimately, it is we who pay for it.
So let’s see on paper, what are the actual costs vs benefits? Where is the overall and long term cost benefit business case covering the multi-year investment, both of tangible and intangible benefits? In my personal research, I’m yet to find one. There is however, some discussion in this document:
“The problem for NGS is that very little ‘real’ information is available on the actual costs for NGS from the NHS perspective and the NHS Department of Health Reference Costs Database and PSSRU, where standard NHS costings are listed, are generally not helpful.” [13 – PHG, 2011]
Where are the questions being asked if this is really what we should be doing for the public good and for the future of the NHS?
Research under good ethics and bona fide transparent purposes is a public asset. This rollout, has potential to become a liability.
To me, yet again it seems, politics has the potential to wreck serious research aims and the public good.
Perhaps more importantly, the unrestrained media hype carries the very real risk of creating unfounded hope for an immediate diagnosis or treatment, for vulnerable individuals and families who in reality will see no personal benefit. This is not to undermine what may be possible in future. It is simply a plea to rein in hype to reality.
Politicians and civil servants in NHS England appear to use both research and the notion of the broad ‘public good’, broadly in speeches to appear to be doing ‘the right thing to do’, but without measurable substance. Without a clear cost-benefit analysis, I admit, I am skeptical. I would like to see more information in the public domain.
I question whether the propositions of the initiative have been grasped by Parliament and society as a whole, although I understand this is not a ‘new’ subject as such. This execution however, does appear at least, massive in its practical implications, not least for GPs if it is to become so mainstream, as quickly as plans predict. It raises a huge number of ethical questions. Not least of which will be around incidental findings, as the Radio 4 interview raised.
The first I have is consideration of pre-natal testing plans:
“Aside from WGS of individuals, other applications using NGS could potentially be more successful in the DTC market. For example, the use of NGS for non-invasive prenatal testing would doubtless be very popular if it became available DTC prior to being offered by the NHS, particularly for relatively common conditions such as Down syndrome…” [
and then the whole question of consent, particularly from children:
“…it may be almost impossible to mitigate the risk that individuals may have their genome sequenced without their consent. Some genome scan companies (e.g. 23andMe) have argued that the risks of covert testing are reduced by their sample collection method, which requires 2ml of saliva; in addition, individuals are asked to sign to confirm that the sample belongs to them (or that they have gained consent from the individual to whom it belongs). However, neither of these methods will have any effect on the possibility of sequencing DNA from children, which is a particularly contentious issue within DTC genomics.” [13]
“two issues have emerged as being particularly pressing: first is the paradox that individuals cannot be asked to consent to the discovery of risks the importance of which is impossible to assess. Thus from a legal perspective, there is no ‘meeting of minds’ and contractually the contract between researcher and participant might be void. It is also unclear whether informed consent is sufficient to deal with the feedback of incidental findings which are not pertinent to the initial research or clinical question but that may have either clinical or personal significance…” [PHG page 94]
“What we don’t want to say is those 10 years you have between 70 and 80, although clearly you are not going to be working, are not going to be valuable to somebody.
Clearly they are. You might be doing all sorts of very useful things for your family or local society. That’s what we are worried about and that’s the problem with the Department of Health’s calculation.
There are lots of people who adopt the fair-innings approach; ‘you’ve had 70 years of life you’ve got to accept that society is going to bias its investments in younger people.”
[14 – see Channel 4] Yet our population is ageing and we need to find a balance of where roles, rules and expectations meet. And question, how do we measure human value, should we, and on what basis are we making cost-based care decisions?
Clinical environment changes make engagement and understanding harder to achieve
All this, is sitting on shifting, fundamental questions on how decision making and accountability will be set, in a world of ever fragmenting NHS structure:
“More problematic will be the use of specific genomic technologies such as NGS in patient pathways for inherited disorders that are delivered outside the clinical genetics services (such as services for FH, haemophilia and sickle cell disease) and NGS that is used for non-inherited disease conditions. These will be commissioned by GP consortia within established care pathways. Such commissioning of companion diagnostics would, in theory be evaluated first by NICE. However, it is not clear what capacity NICE will have across a broad range of uses. In practice it seems likely that GP consortia may make a variety of different decisions influenced by local experts and pressure, funding and different priorities. Particular questions for NGS will include: How will commissioners be provided with the necessary evidence for decision-making and can this be developed and coordinated at a national level? How will commissioners prioritise particularly when it may be necessary to invest early in order to achieve savings later? What (if any) influence may commissioners be able to exert over the configuration of test providers (for example the rationalisation of laboratories or the use of private testing companies)? [13]
Today (August 8th) the public row between Roche and the Government through NICE became apparant on cancer treatment. And again I found myself asking, what are we not funding, whilst we spend on genomics? If you did not you hear Sir Andrew Dillon & the discussion, you can listen again on BBC Radio 2 iPlayer here. [It’s in the middle of the programme, and begins at 01:09.06.]
Questions, in search of an answer
Where has the population indicated that this is the direction of travel we wish our National Health Service to take? What preparation has been made for the significant changes in society it will bring? When was Parliament asked before this next step in policy and huge public spend were signed off and where is the periodic check against progress and public sign off, of the next step? Who is preparing the people and processes for this explosive change, announced with sparklers, at arms length and a long taper? Are the challenges being shared honestly between policy, politicians and scientists, being shared with patients and public: as discussed at the stakeholder meeting at St.Barts London, 3rd October 2013 (a key panel presentation: 45 minute video with slides)? When will that be shared with the public and NHS staff in full? Why does NHS England feel this is so fundamental to the future of the NHS? Must we abandon a scuppered and sinking NHS for personalised medicine on personal budgets and expectations of increased use of private health insurance?
Is genomics really the lifeboat to which the NHS is inextricably bound?
Not everyone may have understood it that way, but if not, I’d like to know what was meant.
I would like to understand what is meant when Genomics England spokespeople say the future holds:
“Increasingly to select most appropriate treatment strategy. In the longer term, potential shift to prevention based on risk-based information.”
or
“Review the role of sequencing in antenatal and adult screening.”
I would welcome the opportunity to fully understand what was suggested at that Board meeting as a result of our shared risk pool, and readers should view it and make up their own mind. Even better, a frank public and/or press board meeting with Q&A could be rewarding.
The ethical questions that are thrown up by this seem yet to have little public media attention.
Not least, incidental findings: if by sequencing someone’s DNA, you establish there is something for their health that they ought to be doing soon, will you go to that patient and say look, you should be doing this…. these are incidental findings, and may be quite unexpected and separate from the original illness under investigation in say, a family member, and may also only suggest risk indicators, not clear facts.
If this is expected to be mainstream by 2018, what training plans are in place as indicated needed as a “requirement for professionals across the NHS to be trained in genetics and its implications”? [presentation by Mark Bale, DoH, July 2014]
When will we get answers to these questions, and more?
Because there is so much people like me don’t know, but should, if this is our future NHS under such fundamental change as is hyped.
Because even the most esteemed in our land can get things wrong. One of them at the St.Bart’s events quotes on of my favourite myths attributed wrongly to Goethe. It cannot be attributed to him, that he said, ” “Whatever you can do or dream you can, begin it. Boldness has genius, power and magic in it.” You see, we just hear something which sounds plausible, from someone who seems to know what they are talking about. It isn’t always right.
Because patients of rare disease in search of clinical care answers should be entitled to have expectations set appropriately, and participants in research know to what they, and possibly family members indirectly, are committed.
Because if the NHS belongs to all of us, we should be able to ask questions and expect answers about its planning, how we choose to spend its budget and how it will look in future.
These are all questions we should be asking as society
Fundamentally, in what kind of society will my children grow up?
With the questions of pre-natal intervention, how will we shape our attitudes towards our disabled and those who are sick, or vulnerable or elderly? Are we moving towards the research vision Mr.Hunt, Cameron and Freeman appear to share, only for good, or are we indeed to look further head to a Gattacan vision of perfection?
How may this look in a society where ‘some cornflakes get to the top‘ and genetic advantage seen as a natural right over those without that ability? In a state where genetics could be considered as part of education planning? [16]
For those with lifelong conditions, how may genetic screening affect their life insurance when the Moratorium expires* in 2017 (*any shift in date TBC pending discussion) ? How will it affect their health care, if the NHS England Board sees a potential effect on equity of access? How will it affect those of us who choose not to have screening – will we be penalised for that?
And whilst risk factors may include genomic factors, lifestyle factors some argue are even more important, but these change over time. How would those, who may have had past genetic screening be affected in future requirements?
After the August 1st announcement, [11] The Wellcome Trust‘s reporting was much more balanced and sensible than the political championing had been. It grasps the challenges ahead:
“Genomics England has ambitious plans to sequence 100,000 genomes from 75,000 people, some of whom will also have cancer cells sequenced. The sheer scale of the plans is pretty daunting. The genetic information arising from this project will be immense and a huge challenge for computational analysis as well as clinical interpretation. It will also raise a number of issues regarding privacy of patient data. Ensuring that these genetic data can be used maximally for patient benefit whilst protecting the rights of the individual participant must be at the heart of this project.
At the beginning of the Human Genome Project, scientists and funders like the Wellcome Trust knew they were on a journey that would be fraught with difficulties and challenges, but the long-term vision was clear. And so it is with the plans for Genomics England, it will most certainly not be easy…”
Managing change
Reality is that yet again, Change Management and Communications have been relegated to the bottom of the boarding priorities list.
This is not only a research technology or health programme. Bigger than all of that is the change it may bring. Not only in NHS practice, should the everyday vision of black boxes in GP surgeries become reality, but for the whole of society. For the shape of society, in age and diversity. Indeed if we are to be world leaders, we have potential to start to sling the world on a dangerous orbit if the edges of scope are ill defined. Discussing only with interested parties, those who have specific personal or business interests in genomic research and data sharing, whilst at Board meetings not clearly discussing the potential effects of risk stratification and personalisation on a free at the point of delivery health service is in my opinion, not transparent, and requires more public discussion.
After all, there are patients who are desperate for answers, who are part of the NHS and need our fair treatment and equity of access for rare disease. There is the majority who may not have those needs but knows someone who does. And we all fund and support the structure and staff in our world class service, we know and love. We want this to work well.
Future research participation depends on current experience and expectations. It is the latter I fear are being currently mishandled in public and the media.
Less than a month ago, at the NHS England Board Meeting on July 3rd, Lord Adebowale very sensibly asked, “how do we lead people from where we are, and how we take the public with us? We need to be a world leader in engaging all the public”
Engagement is not rocket science. But don’t forget the ethics.
If this project is meant to be, according to MP George Freeman [George 2], akin to Kennedy launching the Space Race, then, by Fenyman [12], why can they not get their public involvement at big launches sorted out?
Is it because there are such large gaps and unknowns that questioning will not stand up to scrutiny? Is it because suggesting a programme will end the NHS as we know it, would be fatal for any politician or party who supports that programme in the coming year? Or do the leading organisations possibly paternalistically believe the public is too dim or uninterested or simply working to make ends meet to care [perhaps part of the 42% of the population who expected to struggle as a result of universal welfare changes, one in three main claimants (34 per cent) said in 2012 they ‘run out of money before the end of the week/month always or most of the time’] ? But why bother will the big press splash, if it should not make waves?
“Let us make recommendations to ensure that NASA officials deal in a world of reality in understanding technological weaknesses and imperfections well enough to be actively trying to eliminate them. They must live in reality in comparing the costs and utility of the Shuttle to other methods of entering space. And they must be realistic in making contracts, in estimating costs, and the difficulty of the projects.
Only realistic flight schedules should be proposed, schedules that have a reasonable chance of being met.
If in this way the government would not support them, then so be it. NASA owes it to the citizens from whom it asks support to be frank, honest, and informative, so that these citizens can make the wisest decisions for the use of their limited resources. For a successful technology, reality must take precedence over public relations… [June 6th 1986. Six months after the disaster, the Report to the Presidential Commission (Appendix F)]
The key is not the landing, it’s understanding why we launched in the first place.
Space may not be the most significant final frontier out there in the coming months that we should be looking at up close. Both in health and science. Our focus in England must surely be to examine these plans with a microscope, and ask what frontiers have we reached in genomics, health data sharing and ethics in the NHS?
[10] November 2013 ISCG – political pressure on genomics schedule http://www.england.nhs.uk/iscg/wp-content/uploads/sites/4/2014/01/ISCG-Paper-Ref-ISCG-009-001-ISCG-Meeting-Minutes-and-Actions-26-November-2013-v1.1.pdf
[16] Education committee, December 4th 2013 including Prof. Plomin From 11.09:30 education and social planning http://www.parliamentlive.tv/Main/Player.aspx?meetingId=14379
*****
For avoidance of confusion [especially for foreign readership and considering one position is so new], there are two different Ministers mentioned here, both called George:
Five months after the most recent delay to the care.data launch, I’ve come to the conclusion that we must seek long-term excellence in its performance, not content ourselves with a second-rate dress rehearsal.
“Sharing our medical records, is like playing Chopin. Done well, it has the potential to demonstrate brilliance. It separates the good, the bad and the ugly, from the world-class players. But will we get it right, or will we look back at repeat dire performances and can say, we knew all the right notes, but got them all in the wrong order?”
The vast majority were from organisations which are data users, some names familiar from the care.data press coverage in spring, [Beacon Consulting, Harvey Walsh] plus many university and charity driven researchers.
Sir Kingsley Manning, Sir Nick Partridge and Andy Williams [The CEO since April 2014] all representing HSCIC, spoke about the outcomes of the PWC audit, which sampled 10% of the releases of identifiable or pseudonymous data sharing agreements for closer review, and what is termed ‘Back Office’ access (by the police, Home Office, court orders) in the eight years as the NHS IC prior to the HSCIC rebrand and changes on April 1st, 2013.
“The standard PwC methodology was adopted for sample testing data releases with the prevailing governance arrangements. Samples were selected for each of the functional areas under review. Of the total number of data releases identified (3,059); approximately a 10% sample was tested in total.” (Report, Data Release Review June 2014)
I believe it is of value to understand how we got here as well as the direction in which the HSCIC is moving. This is what the meeting sought to do, to first look back and then look forward. They are Data Controller and Processor of our health records and personal identifiable data. As care.data pathfinder pilots approach at a pace, set for ‘autumn’, the changes in the current processes and procedures for data handling will not only effect records which are already held, from our hospital care and other health settings‘, but they will have a direct effect on how our medical records extracted from GP practices will be treated, for care [dot] data in the future.
Data Management thus far has failed to meet the standards of world class delivery; in collection, governance and release
It made me think, that sharing our medical records, is like playing Chopin. Done well, it has potential for brilliance. It separates the good, the bad and the ugly, from the world-class players. Even more so, when played as part of suite, where standards are understood and interoperable . Data sharing demands technical precision, experience and discipline. Equally, gone wrong, we can look back at past performances and say, we had world class potential and knew all the right notes, but got them all in the wrong order. Where did we fail? Will we learn, or let it repeat?
The 2.5 hour event, focused more on the attendees’ main interest, how they will be affected by any changes in the release process. Some had last received data before the care.data debacle in February put a temporary halt on releases.
As a result of planned changes, will some current data customers find, that they have already received data for the last time, I wonder?
After the initial review of the critical findings in the Partridge report, the discussion centred on listening to suggestions what may be done in England to prevent future fails. But in fact, I think we should be going further. We should be looking at what we are doing in England to be the world-class player that the Prime Minister said he wants.[5]
We are focused on making the best of a bad job, when we could be looking at how to be brilliant.
To me, the meeting missed a fundamental point. Before they decide the finer points of release, they need to ensure there will be data to collect. There was not one mention of the public’s surprise that our data was collected and had been sold or shared with each of them until last spring. So now that the public in part knows about it, the recipients should also consider we are watching them closely.
Data users are being judged as one, by their group performance
What the data recipients may or may not be conscious of, is that they too each are helping to shape the orchestra and will determine the overall sound that is heard outside.
They may not realise that as data recipients, we citizens, the data providers, will see and hear their actions and respond to them all collectively, in terms of what impact it may have on our opt in/out decision.
I heard on Monday one or two shriller voices from global data intermediaries claiming that others had been receiving data whilst their own requests had been overlooked. As of last Friday, HSCIC said 627 requests were on standby, waiting for review and to know whether or not they would receive data. Currently HSCIC is getting 70 new requests a month. Bearing in mind the attendees were mostly data users, they can be forgiven that they were mostly concerned about data release and use, but they did in part also raise the importance of correct communication, governance and consent of extraction. They realise without future public trust, there is no future data store.
One consultancy however, seemed to want to blame all the other players for their own past mistakes, though there was no talk of any blame in any discussion otherwise. They asked, what about the approvals process for SUS (Secondary Uses Service data), how are those being audited and approved, is it like HES? How about HSCIC getting their act together on opt out, putting power back in the hands of patients, they asked. What about the National Cancer Registries, ONS (Office of National Statistics), all the data which is not HES, will there be one entrance point to access all these data stores for all requests? And as for insurance concerns by patients, the same said, people were foolish to be concerned. Why, “if they don’t get our health data then all the premiums will go up.”
My my, it did feel a little like a Diva having a tantrum at the rest of the performers for messing up her part. And she would darn well pull the rest of them into the pit with her if she was going to get cancelled. In true diva style, I’m sure that company didn’t even realise it.
But all those data recipients are in the same show now – if one of them screws up badly, the critics will slam them all. And with it, their providers of data, we patients, will not share our data. Consent and confidentiality are golden tickets and will not be given up lightly. If all the data-using players perform well, abide by the expected standards, and treat both critics, audience and each other with proper etiquette, then they will get their pay, and get to stay in the show. But it won’t be a one time deal. They will need to learn continuously, do whatever the show conductor asks, and listen and learn from the critics as they perform in future, not slacking off or getting complacent.
Whilst the meeting discussed past failings in the NHS IC, I hope the organisations will consider what has truly shocked the public is some of the uses to which data has been put. How the recipients used it. They need to examine their own practices as much as HSCICs.
The majority of the attendees were playing from the same score, asking future questions which I will address in detail in part two.
The vast majority asked, how will the data lab work? And other Research users asked many similar and related questions. [This from medConfidential [6] whilst on the similar environment for accredited safe havens, goes some way to explaining the principle of a health research remote data lab (HRRDL).]
Governance questions were raised. Penalties were an oft recurring theme and local patient representative group and charity representatives, asked how the new DAAG lay person appointments process would work and be transparent.
Other questions on past data use, were concerned with the volume of Back Office data uses. The volume of police tracing for example. How person tracing by the border agency, particularly with reference to HIV and migrant health, which may reveal data to border agencies which would not normally be shared by the patients’ doctors. “If people are going to have confidence in HSCIC, this was a matter of policy which needed looking at in detail. ” The HSCIC panel noted that they also understood there were serious concerns on the quantity of intra-government departments sharing, the HMRC, Home and Cabinet Offices getting mentions. “There was debate to be had”, he said.
They’re collectively recovering from unexpected and catastrophic criticism at the start of the year. It is still having a critical effect on many organisations because they don’t have access to the data exactly as they used to, with a backlog built up after a temporary stop on the flow which was restarted after a couple of months. HSCIC has reviewed themselves, in part, and any smart attendees on Monday will know how each of their organisations have fared. The audit has found some of their weaknesses and sought to address them. There is a huge number of changes, definitions and open considerations under discussion and not yet ready to introduce. They realise there is a great amount of work still to be done, to bring the theory into practice, test it out, edit and get to a point where they are truly ready for a new public performance.
But none of the truly dodgy sounding instruments have been kicked out yet. I would suggest there are simply organisations which are not themselves of the same standards of ethics and physical best practices which deserve to manage our data. They will bring down the whole, and need rejected – the commercial re-use licenses of commercial intermediaries. And the playing habits of the data intermediaries need some careful attention, drawing the line between their clinical support work and their purely commercial purposes. The pace may have slowed down, but data is still flowing out, and there was no recognition that this may be without data protection permission or best practice, if individuals aren’t aware of their data being used in this way. The panel conducted a well organised and orderly discussion, but there were by far more open questions, than answers ready to be given.
What we do now, sets the future stage of all data sharing, in the UK and beyond – to be brilliant, will take time to get right
How HSCIC puts into action and implements the safeguards, processes and their verbal plans to manage data in the short and medium term, will determine much for the future of data governance in England, and the wider world. Not only in terms of the storage and release of data – its technical capability and process governance, but in the approach to data extraction, fair processing, consent, communication and ongoing management.
This is all too important to rush, and I hope that the feedback and suggestions captured on the day will be incorporated into the production. To do so well, will need time and there is no point in some half-ready dress rehearsal when so much is yet to be done.
The next Big Thing – care.data
When it came to care.data, Andy Williams said it had been a serious failing to not recognise that patients view their GP records quite, totally differently, from the records held at a hospital. Sharing their HES data.
“And it is their data, at the end of the day,” he recognised.
So to conclude looking back, I believe where data sharing has reached, is leaps and bounds ahead of where it was six months ago. The Partridge Review and its recommendations recognises there are problems and makes 9 recommendations. There is lots more the workshop suggested for consideration. If HSCIC wants to achieve brilliance, it needs to practise before going out on a public stage again. The excellence of Chopin’s music does not happen by chance, or through passion alone. To achieve brilliance we cannot follow some romantic notion of ‘it will all be alright on the night’. Hard edged, technical experience knows world-class delivery demands more.
So rolling out care.data as a pathfinder model in autumn before so much good preparation can possibly be done, is in my opinion, utterly pointless. In fact, it would be damaging. It will be like pushing a grade 5 school boy who’s not ready into the limelight, and just wishing him luck, while you wait whistling in the wings. But what will those in charge say?
[9] Classic comedy Morecambe & Wise, with Andre Previn – all the right notes, but not necessarily in the right order https://www.youtube.com/watch?v=-zHBN45fbo8
[10] Blog post part two: care.data is like playing Chopin – or will it be all the right notes, but in the wrong order? [Part two – future]
“That November farewell, given in aid of a Polish charity, came at the end of a difficult six-month British sojourn, which had included concerts in Manchester (one of the largest audiences he ever faced), Glasgow and Edinburgh, where the non-religious Chopin had unwillingly endured Bible readings by a pious patroness anxious to convert him to the Church of Scotland. Finally back in London, the composer-pianist spent three weeks preparing for what turned out to be his final recital by sitting wrapped in his coat in front of the fire at St James’s Place, attended by London’s leading homeopath and the Royal Physician, a specialist in tuberculosis. A week after the concert, he was on his way home to Parisian exile and death the following year.”
Born Zelazowa Wola, Poland of a French emigrant father and Polish mother, he left Poland aged 20, never to return. Well known and by some controversially for his long romantic liaison with novelist George Sand (Aurore Dudevant) after they separated his health failed and in 1848 he paid a long visit to Britain where he gave his last public performance at the Guildhall. He died in Paris.
How our data sharing performance will be judged, matters not just today, or in this electoral term but for posterity. The current work-in-progress is not a dress rehearsal for a care.data quick talent show, but the preparations for lifetime performance and at world standard.
How have we arrived where we are now, at a Grand Pause in the care.data performance? I looked at the past, reviewed through the Partridge Review meeting in [part one here] the first half of this post from attending the HSCIC ‘Driving Positive Change’ meeting on July 21st. (official minutes are online via HSCIC >> here.)
Looking forward, how do we want our data sharing to be? I believe we must not lose sight of classical values in the rush to be centre stage in the Brave New World of medical technology. [updated link August 3rd]* Our medical datasharing must be above and beyond the best model standards to be acceptable technically, legally and ethically, worldwide. Exercised with discipline, training and precision, care.data should be of the musical equivalent of Chopin.
Not only does HSCIC have a pivotal role to play in the symphony that the Government wishes research to play in the ‘health & wealth’ future of our economy, but they are currently alone on the world stage. Nowhere in the world has a comparable health data set over such length of time, as we do, and none has ever brought in all it’s primary care records into a central repository to merge and link, as is planned with care.data. Sir Kingsley Manning said in the current July/August Pharma Times article, data sharing now has to manage its reputation, just like Big Pharma.
Countries around the world, will be watching HSCIC, the companies and organisations involved in the management and in the use of our data. They will be assessing the involvement and reaction of England’s population, to HSCIC’s performance. This performance will help shape what is acceptable, works well and failings will be learned from, by other countries, who will want to do the same in future.
Can we rise to the Challenge to be a world leader in Data Sharing?
If the UK Government wants England to be the world leader in research, we need, not only to be exemplary in how we govern the holding, management and release of data, but also exemplary in our ethics model and expectations of each other in the data sharing process.
I looked in two previous posts at the background theory [1] to commercial uses of our data, then, the background to my concerns of commercial use with data intermediaries. [2] This is now part three, my glimpse into commercial use in real-world practice. It’s become rather a saga.
Here’s the short version: “In general commercial uses of data, I am increasingly learning that if you don’t pay for the product, you are the product. We need to shout a bit louder, that we are not a product for sale. It’s not only that there is an increased risk in a move of our health records from binder to byte and broadening access to them. We take issue with the change of approved purposes from care, to commercial use.”
At the Health Select Committee on July 1st, [3] I believe Sir Manning misses the key issue the public has with care.data and health record sharing, when he gave a response to Q562 to David Tredinnick MP:
‘We made big mistakes over the last 10 years’
“I am saddened by some of the comments that have been made this afternoon about the lack of trust and also by the impugning of our motivation. […]
We made big mistakes over the last 10 years, and we have a once-in-a-generation chance to get it right. I am absolutely clear that we have to engage the public in an open debate about the balance of risks and benefits. There will always be risks with data. There were risks with the Lloyd George envelope; notes were lost, they flew and went all over the place. There will always be risks, but those risks and the benefits are both enhanced by the technology.”
Whilst I applaud Sir Manning’s apology, and his call for open debate, I think he misses here the fundamental point of disagreement the public has with the HSCIC current practice. Selling our health data.
It’s not only that there is an increased risk in a move from binder to byte and broadening their access.We take issue with the change of approved purposes from care, to commercial use.
And these commercial (ab)uses in current form must stop if we are to trust the governance system in future.
Health Records for Commercial sale
HSCIC currently sells our health records for commercial purposes, to intermediaries with commercial re-use licenses, and had no consent nor our permission for this in the past, it continues to do so in the present and appears to have no concern or intention to stop doing so, for the future.
Mr. Kelsey added at the HS Committee,
“We have a very big job to do, and I hope that you will hold us to account in delivering it.”
To which I can only reply, it is you who say it. But who is accountable? The Open Debate which Sir Manning calls for has not been taken up by NHS England. We are told this is a programme of national importance, one which Mr. Kelsey has repeatedly said, including to the Health Select Committee previously, on which the entire future of the NHS depends. Why then, no national discussion, no news since the pause and a focus on updated communications of the current plan. The current plan with flaws in consent collection, scope determination, confusion of purposes.
There are so many ways this could be improved and gotten right, but not by November and without public debate.
How can you insist a programme so vital for the entire future of the NHS yet encourage no public discussion? This seems to be a theme in NHS England recent programmes. [4] The decision to outsource the GP support services was taken in private sessions, not available to the public like the rest of the Board Meetings [5]. Other programmes, pilot and actual plans for implementation go on without public discussion.
There’s been no apology for the data sharing policy developed since 2010 which has encouraged commercial trading and enabled this erosion of security, confidentiality and trust in the data management system of our nation’s health records. No one at the Department of Health has said, we got this policy wrong. No one at NHS England, the same people if under a different label. Poor Sir Manning at the Information Centre who carried out their policy, has been left to say there were ‘big mistakes’ made. But not by him since July 2013.
Trust and care.data off course
That our trust now lies in tatters, is not the fault of the Health Select Committee member to whom Sir Manning says, he is saddened and disappointed. It’s not Joe Public’s fault who had no idea this was going on, until six months ago. Where did these policies and plans since 2010 come from? Where did the use of our data go so astray and why is flagship care.data now so terribly off course? Mr. Cameron outlined it in 2011. What happened in the three years?
Health records for sale
As I wrote in a previous post,
“Some of that data goes back into our health market as business intelligence, both for NHS and private use, for benchmarking, comparisons and making commercial decisions. In our commissioning based marketplace, this re-use of data is now becoming normalised.”
But should it be normal that our medical records are for sale?
When celebrity Michael Schumacher’s notes are for sale, [6] being offered concretely to the media, we all see that is wrong. Just imagine 70 million copies of Schumi’s record, each with our own name on it, being offered to anyone outside of those who need it for our care. Offered to these commercial for-profit data intermediaries. It’s not a theory – this is what is happening to our records, today. Don’t accept the ‘anonymised’ statements, they’re simply not true. Identifiable data and pseudonymous data has been sold. The register confirms it, and that was only a 10% sample.
“To earn the public’s trust in future, we must be able to show that our controls are meticulous, fool-proof and solid as a rock.”
I think banning data sharing for commercial use and re-use would be a good start.
What is it to be used for and why?
When we think of our health records being used by others, we need to separate the uses of the data, in order to understand different ways it is used, who uses it and why. Data once it is processed becomes knowledge which is used as Business Intelligence. It is common in discussion to conflate use in care with care.data. It’s even in the name. But the uses of care.data are secondary. Not to be used by clinicians caring for us, not replacing hospital notes to give to consultants when we are referred for a hospital stay. Not providing discharge papers. It’s only approved for commissioning and sketchily [imo] approved for risk stratification. [ref p.5 ] [8]
care.data extracted from GP surgeries, is not even approved for research purposes, but to read all the recent debates you’d think research depended on it. Research using GP extracted patient data, is not an approved use of care [dot] data. Research using GP extracted patient data is not an approved use of care [dot] data. Repeat, ad nauseaum.
What is already being done, and what is used legitimately i research such as public health (albeit without our past knowledge or consent), is with our hospital data, HES, SUS, Mental Health data, usually with CAG review, and through 251 approval sometimes through DAAG review at HSCIC – it is available and is on sale to all sorts of other non-care providers. And that is planned to continue.
The records extracted so far, when not used for research appear in recent years increasingly used for comparison, the concept of ‘ranking and spanking’ professionals and providers of healthcare. They are also used in commissioning, payment validation and understanding costs and spending. But beyond that, there are all sorts of others who still come under the umbrella of ‘health purposes’ but don’t directly benefit the NHS or individual patients. What is their demand and what are they being supplied?
In the newly created NHS marketplace, customers at individual level are patients, or at a market level they could be any part of the healthcare buying structure, a GP practice, a Clinical Commissioning Group, a Hospital Trust.
The challenge of any demand and supply chain process, is that you need a market willing to pay at the price you are prepared to sell. And you need to offer what they want to buy. For that, the buyers must see a value in the data they want to obtain. Where is the value for these areas of use: Generic NHS Business Intelligence, Generic Commercial Intelligence and Pharmaceutical intelligence?
Health records as Business Intelligence
Some companies take data and process it before selling it to NHS and other health providers in England. This provides a third party service and skill set which the HSCIC nor the NHS Trust for example, has themselves, such as IMS Health.
So business intelligence used for the benefit of the NHS, makes sense and is necessary to a greater or lesser degree depending on your attitudes to comparison websites, green/red flagging professionals and commissioning. Benchmarking was provided by Tribal until that part of their business was bought out by Capita.
These companies’ experience and market is healthcare. The kind of knowledge they can give to the NHS is highlighted in their case studies.
So for clinical care, and for commissioning at individual organisations, these tools are clearly useful and use individual patient level data. [9]
Al sorts of other places and individuals perform these services. They include a wide range of commercial organisations, small and large.
Health records as Commercial Marketing Intelligence
Commercial buyers however, can include wanting data for identity verification, fraud prevention and background checks. Services such as Experian offer. These may be what the loose definition in the Care Act would say are now banned, but are they? What is to say that a company which offers the use of private health services, healthy eating or pharmaceutical marketing is not providing information to others, for the promotion of health?
“Experian employs more than 12,500 people in 34 countries worldwide, supporting clients in more than 60 countries. Annual sales are $3.1 billion (£1.7bn/ v2.5bn).”
Identity verification can be done, matching data across a biographic footprint, ” in databases, established for 45 million UK citizens and hold in excess of 1 billion records.”
“Experian public sector currently works with 380 plus local authorities, 52 police and investigatory bodies, as well as central government agencies including DVLA, HMRC, DWP and the Cabinet Office.” [10]
There is clearly a lot of data sharing in the public sector, about which we may understand very little. But mostly the buyers of data want to sell something. Companies buy lists of people to use in marketing campaigns, who might be interested in what they’re selling — and companies also want to learn more about their current customers.
This is where I find the level of detail and what is done with our data, more than a little freaky.
Every UK consumer is classified into one of 22 types, aggregated into six groups. The 22 types are linked to six decision-making styles, providing insight into consumers’ motivations when using different media and the processes they go through in deciding about products and services.
I don’t know what segment I am in. But I know that I will have data stored in many of those different data sources they mention. So do they actually know more about my habits and inclination, that I have self-awareness? If their tool has over 850 million input sources which they process, it’s more than likely. 34 million email addresses, 20 million mobile phone numbers, 49.7m names and addresses.
Experian may well have much of this data from the electoral roll (unless like me, you opted out of these uses) but in the HSCIC January-April 2014 register of releases [7] data was given to Experian for use in Mosaic. (see July – 132kb right of page)
“Mosaic is Experian’s powerful cross-channel consumer classification designed to help you understand the demographics, lifestyles, preferences and behaviours of the UK adult population in extraordinary detail.” [12]
That they understand and track my behaviours probably better than I do, and at such detailed level, I find surprising and invasive. In fact, I find it threatening in a similar vein to the visceral reaction that the Facebook experiment generated this week online.
As SF Gate reported,
“Using unsuspecting members as human guinea pigs is repugnant. And when the biggest social network on the planet does it, can its leaders be trusted with their own technology?”
This idea that just because one can and the technology permits it, does not mean that one should. It just feels wrong to find out others may manipulate our thinking and behaviours in such a targeted way. Just as Experian does with consumer data:
“Within rural areas we are able to pick out the individual households that are likely to be commuting to towns and cities nearby…”[12]
Individual households? Understanding my behaviours, gives them information which they use to nudge or influence my decision making. Understanding our behaviour ‘in extraordinary detail’ helps companies market and sell more to customers.
There are other re-uses even for health purposes, which seem less transparent and more about us as general consumers, rather than for our health. For example, the use of HES data is in social marketing targeting:
“In this way, companies who process data such as Beacon Dodsworth received data in the last year and offered it for commercial exploitation by others “HES data may be used by pharmaceutical companies “to improve [their] social marketing / media awareness campaigns”. Others included OmegaSolver and Harvey Walsh.”
These companies have re-use licenses for data. what that means is better explained here by medconfidential. [14]
How will HSCIC know how data will be used after release and how will it be audited and how often? When it comes to human tissue, the HTA only audits tissue banks in the UK once every three years. That’s a long time in between audits if something has gone horribly wrong in best practice.
Health records as Commercial Pharmaceutical Intelligence
To global pharma it is again not the data itself which is of value, but in the knowledge it reveals. The pharma business intelligence. It can show at an individual level what is being prescribed or show any gaps it reveals, which will allow pharma, to address ‘unmet clinical need.’ The data already compares hospital prescribing and reports make recommendations used by NICE on what drugs to use and recommend. My concern is that to treat the worried well who have cash to spend, will deflect attention from the needs of the sick and poor and that even if only at postcode level, we will be targeted for pharmaceutical marketing.
“The parties will initially look at how anonymised, integrated health data can be used to identify unmet clinical need in patients with diabetes. In the UK, diabetes affects approximately 2.9 million adults overall, with more than 90% of these patients having type 2 diabetes. This makes diabetes one of the most common chronic medical conditions and represents a significant strain on U.K. health services.”
Astra has another Memorandum with IMS Health. So we, whose data it is, have zero transparency and can request no accountability for the use of our data once it has left the HSCIC.
And it matters because when there are data breaches in these companies, we should know whether our data has been involved.
In January 2012 AstraZeneca signed a three year partnership with IMS MOU[16] and stated it builds on AstraZeneca’s existing ‘real-world’ data and research partnership with HealthCore in the US, the health outcomes research subsidiary of WellPoint. Wellpoint which had a massive breach a year ago, July 2013. So how do we know where our data was stored, and if it were involved or not? Here is what pharma use data for, to analyse “unmet clinical need.”
“The partnership with IMS Health will give AstraZeneca access to pre-existing anonymised electronic health records, which include clinical outcome, economic and treatment pattern data. In addition, the companies will jointly develop a customised research and data analysis platform. The information will provide a deeper insight into how medicines that are already on the market are working in real-world settings across Europe, painting a picture of unmet needs …”
We can look at this more than one way. Some feel strongly commercial use should exclude Big Pharma. On the one hand, the State and Government does not own manufacturing of drugs nor medical products. Though we used to do both. Recently, that we did own, has been increasingly sold to commercial buyers or venture capitalists.
The State and pharma work together, often through University research, to create future health solutions, drugs and the drive towards personalised medicine and diagnostic tests. When companies which own our data are sold and bought internationally what happens to our data they own? Boots Alliance bought data from HSCIC, and they are about to be bought by US Walgreens. So many questions.
Those more informed than me will know all about the challenges of pharmaceutical companies, the patent cliff, mergers and diversification. IP, diagnostic tests and generics in the market. Big Pharma and the State are working together in much research to find solutions and discoveries to current and future medical issues.
How far does cooperation stretch and when does it become inappropriate? Is commercial interest supportive of State practice or driving decision making policy? Should commercial companies fund any costs at our NGOs? And do those which buy the most data, get a bigger slice of the influence of what conclusions reports using the data, reach? Whilst there is a public move to #Alltrials I believe we should demand #Allreports in the public interest as well. I would like to have transparency at HSCIC how their reports are funded, when working with partners which are frequently commercial pharma partnerships.
Mr. Hunt recently defended to the Health Select Committee the reasons why a commercially supported pharma lobbying group was used to advise on the NHS Commissioning plan – the Specialised Healthcare Alliance. Supported by 14 pharma companies, these corporate members are contributing £12,000 each towards the costs of the Alliance for 2014.
Are we really seeing transparency on who is driving change in our health service?
The Richness of our records open for Exploitation
The value of Big Data is only extracted by exploiting its richness. And these days, with mobile phones, social media and shopping habits tracked by the minute, the average citizen like me, it seems can’t easily avoid being part of it, whether we want to be or not.
But if we don’t even have the right to control and own our data and we can’t control the knowledge generated from it, how can we control who knows what about us and what they use it for? If we’re unaware of its existence, how can we understand its impact on our life to make free and uninfluenced choices in what we buy, for example? Or understand how we may be segmented and discriminated against. And this is aside from the assumption that the data held is accurate and that as a result, no mistaken judgements are being made about us.
As for our health data, how can we control its use by these massive data managers if we don’t even know who they are at the end of a chain of re-use licenses?
Put Business Intell, Commercial Intell and Pharma together
The vast amounts of data already held and analysed to the nth degree by these data intermediaries, means that making even more data available to them is going to increase the segmentation and risk of identification. They already have data on individuals and is it not enough that they make analysis at household level as shown by Mosaic? Individual health level data seems that they could put a final piece in the puzzle and know exactly who in which house had which ailments, their lifestyle risk factors could be refined and these data brokers would be able to look inside our very bodies.
One which fits data together, we do know from the HSCIC data release register, and press reports in March, is Harvey Walsh. The company tracks individuals pathway data, over time and the website now says:
“Harvey Walsh use non-sensitive and non-identifiable HES data for patient pathway mapping that is used by the healthcare industry with the NHS to improve the quality of healthcare management and service delivery by better understanding how patient cohorts move around the healthcare system.”
[Harvey Walsh’s system] “AXON holds non identifiable and non-sensitive HES (Hospital Episode Statistics) data and other sources of data including GP Practice Prescribing, QOF, Demographic and NHS personnel data sets.”
Data snapshots combine to give a Picture over a Lifetime
So now, not only can these companies understand us in infinite detail, but can do so over our lifetime. We are tracked over time and anaylsed not as a snapshot, but as a living album of snaps, moving across time. They know what we do commercially, in our lifestyle and how it interacts with our health and what may affect our consumer habits and help nudge our decision making. Put them together, and it starts to feel like I’m on The Truman Show.
I’d like to know though, once the data is processed, what happens to the new combined knowledge set, it creates? The original raw data as extracted may not be given to others, but is it the same product and protected, if it now shows up as a small piece, in a bigger jigsaw?
Omega Solver took their product offline this year, after privacy campaigners identified the risk of identifying individuals.
Acxiom as a world data leader example, is a company which provides consumer data and analytics for marketing campaigns and fraud detection. Its databases contain information about 700 million consumers worldwide.
“For more than 40 years, Acxiom has been a leader in harnessing the powerful potential of data.”
It seems others share my concerns, as this article on how data brokers use of our data is creepy, from Julia Angwen showed up in my alert feed this week, and another in ProPublica from last September. As she says,
You can see more on this, in her interview with PBS News:
Our lifetime data is attractive to commercial marketing and all sorts of organisations who wish to understand us and sell to us. The one purpose, possibly the least trusted I have not really touched on. Hospital records have been shared with insurers and used for refining policy. Records have been sold to re-insurers, even since January 2014. And these insurers mine and use data much more deeply than we want to imagine. In fact, as I finish this I see the FT front page tomorrow carries a current story how insurers trawl our Big Data.
HSCIC Data Sharing Agreements will prevent Data Merger?
IMS Health UK & Ireland’s general manager, Michael Sanvoisin shows that exploiting the different data sets ‘out there’ in Big Data, is kind of the whole point. [17]
“The smartest use of data will be the effective combination of all the various sources of open data and patient information services available in the marketplace, augmented by companies’ own internal information and data from other reliable and reputable sources.”
IMS Health is working in partnership with the MHRA – and in particular the clinical practice research datalink (CPRD) – to help the UK increase its capabilities to build cohorts of patients for clinical trials. This has led to the linkage of IMS Health’s Hospital Treatment Insights (HTI), the aggregation of HES and prescribing data, to the CPRD. This powerful linked dataset enables the identification of specific patient cohorts and allows companies to monitor patient flow between primary and secondary care. IMS Ardentia’s Costed Care Pathways (CCP) sequences clinical events together with detailed financial information to give a longitudinal view of a particular patient care pathway.” [17]
When these global companies have in addition, bought data from HSCIC, where is the transparency for patients to know what internal practice at these private companies prevents all data becoming one Big Data set, in identifiable or pseudonymous formats, and sold or shared onwards with others?
The Recent register states explicitly, that IMS will not do this, that the data will not be sold onwardly, but how about theknowledge they create from it?
“ANDromeda is an engagement tool enabling greater market access with a tailored need across all functions within pharmaceutical companies.
And in the UK, are involved in work shaping our health market: “that may involve looking at how primary care organisations operate or focusing even closer on area-level commissioning, such as GP consortiums.”
Where is our Data being Used?
“The effective combination of IMS Health’s proprietary data assets, in addition to the vast swathes of open data being made available, can help inform key strategic decisions for both the NHS and pharma. Moreover, it can drive an increase in joint working towards shared benefits and therefore transform healthcare services in the UK and beyond.”
“in the UK and beyond.” So I ask myself, which countries outside the UK have received our medical records? Remembering that non-US citizens have no privacy rights in the US, if it landed there, we can say good bye to ever getting control of that knowledge back again.
Indeed HES extracts have been given to places in the US, specifically the University of California, the FOI request I got back confirmed. The Partridge Report contained two examples of data which has gone to Kyoto University. Yes, Japan. And remember, if the data is completely aggregated and anonymised it’s not included in these registers, because it is open, green data. So what exactly went to California, Japan and who knows where else. No one knows 100%. The Report only sample tested 10% of all releases.
IMS received 251 access (which is required for confidential data without consent) for identifiable data extracted from hospital pharmacy systems, sent to HSCIC and linked with HES (hospital records). The main customer for these products will be the pharmaceutical industry. (Lines 101-2).
IMS Health is massive, as is the global health data they hold.
On the IMS One intelligent cloud, the company connects more than 10 petabytes of complex healthcare data on diseases, treatments, costs and outcomes to enable our clients to run their operations more efficiently.
Drawing on information from 100,000 suppliers, and on insights from more than 45+ billion healthcare transactions processed annually, IMS Health’s 9,500+ professionals drive results for over 5,000 healthcare clients globally. Customers include pharmaceutical, medical device and consumer health manufacturers and distributors, providers, payers, government agencies, policymakers, researchers and the financial community.
Another user of our data is Optum UK (formerly United Health Group, and if that sounds familiar it was Simon Stevens [18] last employer). I wonder for example, does that mean it is also used by Optum Insight in the US? This presentation by Christopher M. Blanchette, shows different data providers of ‘RWE’ real-world evidence and where their data is sourced.
If international companies have NHS England patient data and re-use licence, is it likely in to have been exported around the world or how can we know in which locations it is used? I want to know how often data is given directly to International companies? How often is data given to companies in the UK, who have foreign centres outside the UK, which would routinely share that data with their central systems and therefore export it? It is a basic right of data management to require fair processing for identifiable data, to know who has it for what purpose.
How do we protect consumers’ concerns?
And as US Commissioner Julie Brill’s report shows, in the States there are concerns how this data is used and they are acting on it. Are we doing the same here?
Dr.Neil Bhatia in Hampshire, a GP who founded the non-commercial website care-data.info, asked HSCIC in an FOI request for the data *about him* which was released to these type of intermediaries. He was told, the data controller, the Health and Information Centre, does not know. And he can’t ask for what data is held in pseudonymous format – even though the data is pseudonymous with a key to make it linkable with new identifiable data coming in, so to me, that makes little sense. It is by its nature, re-identifiable.
But if HSCIC won’t release it in a Subject Access Request (SAR), we can then only surmise, whether our individual data was contained in bulk data transfers. So from the released data register, we should look at what types of companies are using pseudonymous (so called ‘amber’ data), and assume our own data was indeed included.
Overseas Data Distribution and Protection
care.data, it was said at the Health Select Committee meeting by Mr.Kelsey in March, was only for use in the UK but the HES/SUS data application form includes a field for use overseas. So, does that mean policy for export has changed for all data, or should they have spoken more precisely meaning only that “GP data extracted in care.data” was only to be used in the UK?
Because IMS, again, already has access to primary data from CPRD and secondary care data according to line 10 from HES. And whilst, it states “[Note added 28/3: The data are onwardly released only in aggregate form] I am curious – where does ‘onward’ mean? There is no Ltd. on the company name, no territory or geography indicated in the register. So if data is released to an American firm, should we assume it sits on US servers and is accessed directly by their US staff? Does onward only restrict them from giving the raw, identifiable data they received, to others outside IMS? Is it availble in non-aggregate form inside the whole of the IMS system? I, in the general public, can’t tell from the register and IMS is hardly going to tell me. We should be able to find out. I’ve found it a challenge, and my FOI request to HSCIC [14] to find out what data may have been given to US or Asian organisations, was tougher than my entire lifetime of dental appointments combined. It shouldn’t be difficult. Patients should be able to easily ask, to whom did you give my health data and where, for what?
Do we know enough about the plans to use and commercially re-use our data for commercial ‘health purposes’ as being broadly defined in the Care Act? If not, patients should be asking. GPs don’t have time.
Why does it matter? Because legal jurisdiction of data is still (perhaps outdatedly) physically geographic at least in aspects with which I am familiar. When working on global implementations of confidential employment data, we had to gain legal advice from each territory submitting data, on how we should legally properly manage data from over 50 countries in the world and its access by regional and global teams in the US, Europe or Asia. And on simple terms, we should always handle, process and use data in a way the individual expects and feels common-sensed appropriate to the purpose for which it was submitted. British citizens are not protected by US privacy laws because they apply only to US citizens.
“Existing laws do not sufficiently address data brokers’ handling of sensitive data in marketing or risk mitigation contexts,”
says Julie Brill’s statement. Well they don’t protect us Brits, at all, so I want to know if it’s being used abroad.
Few in England, will expect their data to have been made as freely available at identifiable individual pathway level, as it appears to have been in recent years. Do I at least have the chance to protect my children’s future data privacy, if not my own now?
Surely we can trust Data Protection Laws?
Because of the legal status of data which is deemed “de-identified” or “anonymized”, it is claimed they don’t violate our rights to health information privacy – Data Protection law accords us only the right to fair processing, not to prevent its processing, due to the the Health and Social Care Act 2012 which requires its extraction — but if it’s possible to re-identify longitudinal data sets – and if the whole point of getting these data sets together is to combine them, surely common sense would say, it may be legal, but that doesn’t make it right. There are other DPA expectations which HSCIC also fails to meet. The Minimum data required, for example. Deletion. Accuracy. I am guessing that every single one of the eight Principles have been broken by our data extracted before the HSC Act 2012. Yet, everyone seems to be ignoring this.
When it comes to Data Protection, identifiable data is treated differently from anonymous data. Amber individual level ‘pseudonymous’ data, is not the same as aggregated anonymous statistics and the care.data privacy impact assessment [19] confirms the risk of re-identification, yet the data is being treated as if it is anonymous. I can’t believe people working in the field believe themselves these data groups should be looked on as being equal. In my opinion, it’s not so much a case of wearing rose-tinted spectacles, it’s more like a blindfold on the wise monkeys; hear no evil, see no evil. [20]
I can quite clearly state on behalf of many, we feel that our rights to privacy have been and continue to be violated, no matter what the letter of the law says.
Whilst HSCIC may see only its own data sharing practices in a silo, that’s not how the impact of its sharing works in real life. It’s a join the dots between different data sets from different sources.
Can Good Governance Give us Confidence?
We are told that data-sharing agreements make it illegal for the data to be combined with other data held by the recipient, to make it identifying. But if the Data Controller doesn’t know what data the company already has, and doesn’t even keep track of what data has been given to them already, it must be impossible for individuals within these massive corporations to know the impact of adding their piece of the jigsaw puzzle. Over time, they will not track either, what from their company has already gone into creating the Big Data picture.
We could only rely on release controls and good governance, but for the past ten years reported in HSJ and the Partridge Review, it appears some datasets have been inappropriately shared without audit, which would have spotted the mistake. Governance is simply inadequate. In my opinion, not with malicious intent. Rather, simply, the data sharing strategy has been too fast for its own good practices to keep up. Now, it has to catch up fast.
As awareness increases, so too is the push back on the privacy grab. How do we feel about losing our individual rights, the removal of confidentiality and consent, the right to freedom from cold-calling, and to know who has our data for what reasons. And do we feel the same if we lose those rights in the name of commercial or public interests?
The British public is pushing back on banking failures and resents increasingly to see the minority of individuals benefiting commercially at the expense of the many. We resent the paternal state definition of the ‘Public Good’.
The public interest considered by CAG in reviews of data release applications, must consider protecting both the public interest in research access to confidential patient data and the public interest in a confidential health service. Add to that the public interest of providing a national health service, and its safe to say ‘the public interest’ will be hard to satisfy for all of the people, all of the time and will be subjective.
“that the purpose for which the data will be used should be in the public interest and for the provision of health and care services; [and] that any approved processing must respect and promote the privacy of patients and care service users… ” (Hansard, 10 March 2014, Col.137)
Perhaps even more subjective, is the atmosphere of public interestand how interested the public is, in how how level decisions affect us on the ground. Certainly, Snowden and other data sharing revelations have coloured the muddy backdrop of how our data is gathered and used by others, and increased calls for transparency.
The Department of Health will be furious with the Home Office I expect this weekend, as they triggered a massive outcry over the perceived lack of transparency and scrutiny afforded to MPs and civil society over the Data Retention and Investigatory Powers Bill. Even Radio 2 gave it 20 minutes coverage. [22] (From 01:36.40) This kind of governmental out-of-touchness with the public and the perceived desire to hide something in the rush to the new legislation, is what undermines trust in all areas of the public-state relationship.
It implies a paternal notion, of “we know best, so just trust us little children.” Well, that ain’t gonna fly. Seahaven is not “the way the world should be.”
Patient empowerment to own our Health Records
This flawed process, within and beyond NHS data sharing, has also created a sense of loss and disempowerment. Whilst presentations are all about ‘patient centred’ care, and ‘personalised medicine’ sounds so about the individual patient, it seems safe to say patients have been left out of the digital decision making and sharing how those decisions will affect the public on the ground. This for care.data, should have been central to plans to ensure support and success. There are still unfilled positions supposed to be filled by patient organisations or patients on the tech board.
It seems endemic to new programmes too. Or have patient organisations been widely involved in the genomic plans for the nation and not told us? Unlikely.
The talk thus far, does not match the walk. Knowledgable patient involvement is as desired by some of those leading parts of NHS patient engagement, as a chocolate teapot is useful. One is documented having said on another programme, “this was not a suitable point for patient involvement.” Either you want patients involved or not. Involved means from the beginning. Not as the decoration at the end, a way to tick the engagement box.
The notional idea of patient empowerment in this programme is tokenism, if the most basic principle of care, the only thing I can control in my consultation – my patient confidentiality – is treated with such little respect.
Is the public good really defined and does it outweigh the private good and our long established rights of consent and confidentiality? Does it vary depending on circumstance and if so, who decides?
It certainly doesn’t seem to be us, the patients in healthcare. Nor as citizens in any other field of our personal data.
If you don’t pay for the product, you are the product
In general commercial uses of data, I am increasingly learning that if you don’t pay for the product, you are the product. Maybe we need to shout a bit louder, that we are not a product. We do not all want the knowledge of our health & lifestyle to be for sale.
We’ve got used to these third party uses through the recent media revelations and the acceptance that current Government seems to be prepared to sell anything the State has in its possession. I wonder how representative that is of what the people would choose to do?
So at the risk of repetition, let’s not forget the basics:
The list of past customers in the Partridge Review of those who received data before April 2013 shows the extent of what was hidden from us for twenty years.
Should we be asking, what may be hidden still?
By stretching the scope of the potential discussion around the ‘industrialisaton’ and use of our health records for secondary purposes, we must not normalise the basics which we at first, found so surprising. We need to get them fixed first. Then, only then, will patients be willing to look at broader future scope. If I can’t trust you to manage my hospital record when I broke an ankle, why would I want to trust you with my genomes in future? It reveals a complete disconnect at NHS England level with the public in care.data thinking.
Come back to reality and listen to patients’ real concerns. We don’t want our data given to third parties, these data brokers and intermediaries or to continue re-use licenses. Even if it’s for ‘the promotion of health’ the purposes in the Care Bill.
And honestly? NHS England and the Department of Health shouldn’t want that acceptable in policy either, because they need to know who has our data, to govern it to make sure it is acceptable. As Sir Nick says in his report, the future data governance must be:
“meticulous, fool-proof and solid as a rock”
One more big mistake in who received our data in the future, and all cards will be off the table. For this to work, you need to properly manage it. And all this at the time where NHS England has now decided to outsource population wide databases, through the Steria outsourcing. Ha. Get that outsourcing security wrong, and for all your future programmes, as Truman would say, “Good morning, and in case I don’t see ya: Good afternoon, good evening, and good night!”
In the words of more Americans for whom I have a respect & love of their self-determined own words, Simon and Garfunkel, ‘Slow down, you move too fast.’
Julie Brill’s Statement made a recommendation in the US:
“A second accountability measure that Congress should consider is to require data brokers to take reasonable steps to ensure that their original sources of information obtained appropriate consent from consumers.”
We should feel that we consent to this mining of our health, wealth and lifestyles and know what is done with that knowledge. I feel disempowered because in finding out how my health data is used, I’ve discovered a brave new world of how my personal data is used. By commercial business. By Government. By suits and wonks as may be nicknamed. I am not equipped or informed enough to understand it all, but I’m doing my best to find out.
We need to trust in the people who manage these systems, who drive the policy and who advise the two, to work together and make technology work well for the rest of us. It should work well with privacy and security, and functionally.
Patients must speak up and Ask Questions
Patients must start asking more questions about these commercial uses and re-use licenses, because whilst the commercial intermediaries may access data for the purposes permitted in the Care Act, we are not a partner in patient engagement. Our data is being mined in the name of NHS improvement. Our samples being gathered in the name of science.
We are the product for sale. Our name, and everything else about us.
[3] Health Select Committee July 1st, 2014: http://data.parliament.uk/writtenevidence/committeeevidence.svc/evidencedocument/health-committee/handling-of-nhs-patient-data/oral/11192.html
[9] IMS Health Ardentia http://www.imshealth.com/deployedfiles/imshealth/Global/Content/Technology/Technology%20Platforms/Ardentia/Ardentia_Royal_Free_PLICS.pdf
[10] Experian Public Sector http://www.experian.co.uk/assets/identity-and-fraud/authenticate-for-public-sector.pdf
[17] IMS Health using NHS patient data http://www.imshealth.com/deployedfiles/ims/Global/Content/Solutions/Healthcare%20Analytics%20and%20Services/Healthcare%20Outcomes/IMS_HTI.pdf
The Partridge Review came out on Tuesday 17th and everyone should read it. But not just the summary. Both the full version and [1] summary are here.
So what is positive about these massive revelations? At long last it appears that the hands have come off the ears and the real issues are being listened to.
My summary: “NHS England cannot now put a hand over its eyes & hope care.data issues are only about communications.”
I feel somewhat relieved that the issues many have been concerned about for the last ten months, have now been officially recognised.
Amongst them, it has confirmed the utter lack of clear, publicly transparent and some quite basic, governance procedures.
It’s no surprise then, that our medical records, on at least two occasions in this sample 10% review of the releases, have gone to undocumented destinations. (Let’s ignore the fact of the other 90%!? of which we have no visibility yet).
At least eight insurers or re-insurers were in this 10% sample, so how many times did such companies get it, in the other 90% which has not been reviewed and we haven’t heard about?
How will ‘promotion of health’ purposes exclude them in future? In my opinion, it won’t.
Why would an insurance company be excluded if it requests data in order to provide health care coverage?
This is the wording of the Act, not ‘for the benefits of the NHS’ or any other more ‘friendly’ patient facing framing.
At the NHS Open Day on Tuesday, the same day as the release, a panel spokesperson stated that commercial information intermediaries [2] will continue to be approved recipients. Gah – why this is such a bad idea, I wrote about here. [3]
The Partridge review said there had been no complaints. [4] MedConfidential pointed out an example of those of which they know. Kingsley Manning told the Health Select Committee [5] on 8th April, there had been seventeen opt outs of Hospital Episode Statistics, ever. Fourteen in 2013 and three prior to 2013.
“Q377Chair: There is not an opt-out rate for care.data yet, presumably.
Kingsley Manning: No, not on that, but in terms of the number of people who have acted to opt out, it is 3 opt-outs up until April 2013 and a further 14 opt outs since 1 April 2013.”
Would I be wrong to suspect each was accompanied by a complaint? You don’t usually opt out of something you are happy with.
The reason for these low numbers of both complaints and opt out in the wider public? WE DID NOT KNOW. The public didn’t know we had anything to be unhappy about. Many still do not.
As soon as I fully understood the commercial selling of my family’s patient records, this below is the query for advice / complaint I made in January to ICO, before the launch was postponed.
I wanted some guidance from an outside body, because I was being told the law permitted this extraction, so what good would a further complaint to HSCIC do? I had already written to my MP and had a response from the Secretary of State / Department of Health (which tried to tell me patient identifiable data was not shared with third parties), as well as feedback to my concerns raised by email with HSCIC, all of which only tried to reassure me. I had no one to otherwise raise concerns with. The ICO advisor I spoke to told me at that time, that they had had many similar complaints.
I’ll be blunt and say now, especially since the Open Day [more on that later, especially on the content of care.data FAQs we received], I think it’s fair to say I am far better informed about care.data than most in the public. When Mr. Kelsey asked for a show of hands, how many had heard of care.data, all put their hands up. Bearing in mind the rooms were full of highly involved people, NHS England staff, CCG and PPG leaders, and few ‘ordinary patients’ like me, and the agenda contained a section on care.data, it’s unsurprising we had heard of it. When Mr.Kelsey asked, “how many of you understand what it is?” the response was around 50%. I’d dispute also, that all of those 50% truly do.
Some of the comms material we were given is factually incorrect, for example, around research. Currently, GP held data planned for care.data extraction and its merger with HES, into Care Episode Statistics (CES), is approved for commissioning purposes but not for research by the GPES group. It’s not approved for research purposes, so its no good telling us how good it is to have it for the benefit of research. What has already been released for research, and continues to be so, is what was already extracted in the past, with or without consent, and informing patients.
Records will not be deleted which raises all sorts of historical reporting concerns if mistakes are identified in retrosepct.
I have spoken with several NHSE Communications people who genuinely asked me, or left me asking the question for them in my own mind, “If I don’t understand it, then how is the public expected to?”
The concerns I had now almost five months ago, seem vindicated by the report. The actions taken since, the loose wording of the Care Act 2014, and little evidence of intention to make any change which is binding i.e. the opt out is only granted at the whim of the Secretary of State, it’s not statutory and that there is no independent governance to be put in place , have done nothing to bolster my confidence these gaps have been filled.
Simon Denegri,Chair of INVOLVE – the UK’s national advisory group on public involvement – and NIHR National Director for Public Participation and Engagement in Research, wrote a response on his blog [6]. I agree with the spirit of his post, and positivity, [he also writes excellent haiku] but where I disagree I outline below. There is room for positive hope for care.data, but first, let’s properly address the past.
“I am sure that many better informed people than I will pore over the detail. Others will use it to strengthen their case that we should put a stop to any manner of data sharing.”
Perhaps most key, I disagree with his fears the report could be used by ‘others.’ I don’t know anyone who wants to see a stop to ‘any manner’ of data sharing, including me. It’s the *how* and *why* and *with whom* that still needs work. Some of us may not want it without active consent, but that is part of the how, not if. It’s not *any* manner that I object to, it’s *this* manner specifically.
I have read the Review in detail and whilst there is much positive in attitude in the Review, the reality of what difference this will make with any real bite, is hard to find.
For example, “The HSCIC will plan a new ‘data laboratory’ service which will protect the public’s information by allowing access to it in a safe environment with HSCIC managed networks and facilities.” But this is with caveats, as it’s the “default,” Tim Kelsey said on Tuesday to the NHSE Open House. It does not mean *all* and if global third party intermediaries and business intelligence companies are still to receive data, then I can’t imagine the global likes of IMS Health, or Experian, or Harvey Walsh will send someone along to Leeds every time they want to extract data. Who will be given special permissions and how will they be decided and recorded, how will it be documented what data they access, if they get a free pass?
Unknown others have direct access to the HES system now through HDIS. Public Health should rightly use our health data, but a transparent list of all approved organisations here too, would be a positive step.
Simon’s post continues,
“As you would expect from a previous Chair of INVOLVE, Nick Partridge, has secured fundamental changes in the governance of HSCIC and data releases going forward. These include patients and the public sitting on the main committees reviewing data releases, open publication of data releases and a programme of ‘active communication’ with the public”.
Patients and public on the DAAG committee. If they are informed about data governance law and good practices, yes, if it’s just ‘representative’, not so useful. But DAAG is HSCIC staffed, and HSCIC has a legal and policy remit from the Department of Health and in its roadmap to distribute data, and will create ‘a vibrant market of data intermediaries’, as it would be wrong to exclude private companies simply on ideological grounds. So the concept of ‘independent’ is flawed. Where are the teeth needed to reject an application, if it’s in the interest of the reviewing body, to accept it?
“It’s my view that the Partridge review, its recommendations, and the swift response from the Health and Social Care Information Centre (HSCIC), offers us the opportunity of a fresh start with the public on this issue.” [S.D.]
This could be used as an opportunity to brush the past aside and say time for a fresh start, but it can only be so if there is confidence of change.
NHS England cannot now put a hand over its eyes and hope the issues go away or that it’s only about communications.
The past needs fisking, issue by issue, to avoid they happen again. And the real risks need addressed, not glossed over. Why?
Because let’s assume the public all thinks it’s fine, and none of us opt out. Then through these still flawed process holes, a huge data leak. The public loses trust all over again, and the opportunity for the care.data benefits is lost forever.
Get it right now, and you build a trustworthy and seaworthy future, for the future public good.
There are other more detailed questions I would raise, [I previously worked in functional database design amongst other things] and I will believe these recommendations will have an effect, if and when I see the words become actions. The Review by PwC and Sir Nick Partridge is a positive listening and speaking exercise, but the plans must become reality with actions, some under legislation, in my view.
And perhaps the simplest, unspoken point seems to being deliberately ignored as if just not seen, unmentioned, except by data protection gurus [7]. There is legal obligation to provide information to citizens before their data is released, in a transparent way, to whom and for what purpose. What happened to Fair Processing? [8] Past and present?
Sir Kingsley Manning, Chair of HSCIC, asked in the Guardian on 22nd January [9] that we have ‘intelligent, grown up debate’ about data sharing. Well my hand is certainly off my mouth. I wrote a feature in my local paper and I’m still speaking to anyone I can to promote fact-based informed decision making. But wider Public Debate is still sorely lacking [BBC Question Time anyone?] Through it, I’d like to encourage wider knowledge of the why, who and what of secondary purposes of data sharing and to ensure we can get it done transparently and safely.
Why?
To ensure we, as patients, continue to trust telling our GPs and hospital consultants all the information that we need to, and have no fear it will be held against us by an insurer or others.
We need to trust we will not be penalised whether through disclosure, by stigma and exclusion from policy or care; or whether by opting out, we could be penalised for not participating and not get ‘advantages’ offered to others, just like store loyalty cards.
We may think the insurance debate is irrelevant, if like me, we are not ‘self-payers’ or don’t use a private insurer. With a £30bn gap in planned budget and needed spend over the next five years, someone is still going to be paying for our healthcare.
If it’s not the State, then who? The risk more of us will pay for our own care in future is real. If not for us, for our kids, and their privacy will be a whole different ball game if genomics gets involved.
Meanwhile, we are told for care.data identifiable personal data is crucial for patient safety tracking. In my opinion, patient safety will be harmed if confidence in confidentiality fails. The relationship between clinician and patient will be harmed. And no number of Dr. Foster Intelligence reports by tracking quality or safety, will be able to fix those failures which it has helped create.
Perhaps most tellingly, NHS England is still to make a statement on the Review. There is no news yet here.
It still seems to me the NHS England leadership and its data sharing policy carried out through IC past and present, wants to continue without grown up debate under the PR motto ‘it’s all going jolly well’, and to act with the attitude of a teenager, who with a shrug of the shoulders will tell you:
‘It’s easier to ask for forgiveness than permission.’
***********
January 25th, 2014 – my ICO complaint / guidance request
{abbreviated only to show issues I feel still need addressed}
Dear ICO
I would like to ask for your urgent advice.
I am a mother of X children under 12. […] Our confidential patient data is being extracted via care.data to the HSCIC. Until my recent research to understand what this was all about, I did not know that HSCIC stored all our patient confidential health data from all sorts of health providers: Hospitals, Mental Health, National Child Measurement Programme, [10] Immunisations and Health visitors.
I have not knowingly given my permission for our data to be stored or transmitted to or from HSCIC in any format in the past. If by signing a consent form for treatment I also signed consent for sharing with this central body, it was without my knowledge and therefore without informed consent.
I have significant concerns over its use, now that I understand how widely our patient data may be used and now even shared abroad. [11] […]
There is no public information on :
1. How long our data will be stored for – data retention and data deletion and cross border governance
2. There is no opportunity for health record deletion of anything which was simply a mistake i.e.: recorded on the wrong record, or a misinformed opinion on lifestyle entered by the GP, not fact
3. How will future governancebe assured that it will not be slackened to allow less strict pseudonymisation, and identifiable releases; for example to US firms who establish themselves in the NHS England healthcare market?
I do not believe that the legal rights created through the Health and Social Care Act are sufficient justification to overrule the Common Law of Confidentiality, and the Data Protection Act 1998. [And the data shared before 2012 was not covered by the Act which did not exist and was not retrospective.] Even if the dissent codes are applied, patient data has been or will be extracted to the HSCIC (without my permission) and it will contain identifiable items such as clinician name, practice and CCG locations, and referral dates which may be used as identifiers to connect with HES data stored at HSCIC – since HSCIC also holds data in the Personal Demographics Service [PDS], [12] I believe they may also link the data [13] then to my personal demographic identifiers. Just an undefined or internal governance procedure to suggest that they would not, when it is technically possible, is not sufficient oversight. […]
I do not consent for the use of our [hospital HES or other] data in health research – because it has not been explained to me, what that term means and the implications of this assumed consent.
I cannot know what the other future uses will be for our health information stored today. I do not feel that I can apply any fair processing to their health records due to the lack of publicly available information and scope of the full uses of their data today and in future. […]
[5] Health Select Committee 8th April 2014 http://data.parliament.uk/writtenevidence/committeeevidence.svc/evidencedocument/health-committee/handling-of-nhs-patient-data/oral/8416.html
[6] Simon Denegri’s blog response to the Partridge Review http://simondenegri.com/2014/06/17/partridge-reviews-elegant-demolition-of-past-practice-on-personal-data-offers-opportunity-for-fresh-start-with-the-public/
[7] Information Rights and Wrongs – Jon Baines’ blog http://informationrightsandwrongs.com/2014/06/18/the-partridge-review-reveals-apparently-huge-data-protection-breaches/
[11] Data use in the USA Memorandum between DH, HSCIC and the US Dept of Health and Human Services to include exploring secondary stores http://www.healthit.gov/sites/default/files/hhsnhs_mou_final_jan_21.pdf
[13] Data Linkage Service at HSCIC to manage the requests for data which is stored in different silos and brought together on request http://www.hscic.gov.uk/dles
Image courtesy of an interesting post on the history of the featured monkeys: http://frontiersofzoology.blogspot.co.uk/2013/04/why-are-three-wise-monkeys-usually-apes.html
“If our health records should sail off in the flagship care.data programme, on the sea of commercial Big Data, are we confident that there is consent, fair processing, transparency, accountability, security and good governance? We must know that these basic mainstays are in place, to give it our support.”
“He that filches from me my good name, robs me of that which not enriches him, and makes me poor indeed.” William Shakespeare, Othello
I read this Shakespeare quote last week, not in the original but in the statement Data Brokers: A Call for Transparency and Accountability by US Commissioner of the Federal Trade Commission Julie Brill, May 27 2014. [1] . Since then I have tried to piece together a lay consumer understanding, of how this commercial data market works and how our health records fit in. Experts in data markets and many others will undoubtedly see how naïve it is. But by sharing my ordinary understanding as a mother who is thinking about the impacts of my shopping habits and upcoming care.data decision will have on my children’s future, perhaps I can highlight how trusting we are, and why those governing our data need to ensure the processes around our data are worthy of that trust.
The Commissioner begins:
“Data brokers gather massive amounts of data, from online and offline sources, and combine them into profiles about each of us. Data brokers examine each piece of information they hold about us – where we live, where we work and how much we earn, our race, our daily activities (both off line and online), our interests, our health conditions and our overall financial status – to create a narrative about our past, present and even our future lives. Perhaps we are described as “Financially Challenged” or instead as “Bible Lifestyle.”
Perhaps we are also placed in a category of “Diabetes Interest” or “Smoker in Household.” Data brokers’ clients use these profiles to send us advertisements we might be interested in, an activity that can benefit both the advertiser and the consumer. But these profiles can also be used to determine whether and on what terms companies should do business with us as individual consumers, and could result in our being treated differently based on characteristics such as our race, income, or sexual orientation. If data broker profiles are based on inaccurate information or inappropriate classifications, or used for inappropriate purposes, the profiles have the ability to not only rob us of our good name, but also to lead to lost economic opportunities, higher costs, and other significant harm.”
In other words, organisations, which we may not know store our personal, sensitive or confidential data, use it to classify, segment and label us. In this environment when third parties it seems know more about us than we may know ourselves, it would seem prudent to want to control and understand what data is held by whom and how they use it. Especially, if in her words, “the profiles have the ability to not only rob us of our good name, but also to lead to lost economic opportunities, higher costs, and other significant harm.”
This is why it matters what is being done at break-neck pace to extract and share our health records in England.
I believe we are not yet sufficiently aware of how our data is used by these intermediaries, and if we were, we’d be horrified. We are complicit consumers in how our data is used with minimal understanding. We’re prepared to unwittingly trade a little privacy with the supermarket, to get our discount vouchers through the post. But we don’t look beyond that to understand what price we are paying and how our commercial interests may be harmed, in much more significant ways than £10 discount or a Legoland entry may compensate. Just like our food, the public are complicit [2] in our own downfall, accepting the marketing spin. We don’t understand credit ratings [3] and risk scores, and even if we do, most consumers don’t know data brokers offer companies scores for other purposes unrelated to credit in an onward chain of reselling. Data can be inaccurate, we are unaware of how to manage or correct it, how we are labelled by it, what opportunities it may restrict as highlighted in the report. We should be better informed.
I’ve recently learned how these, “powerful cross-channel consumer classifications help companies understand the demographics, lifestyles, preferences and behaviours of the UK adult population in extraordinary detail.” [4] demonstrated by Experian.
That they understand and track my behaviours probably better than I do, and at such detailed level, I find surprising and invasive. “Within rural areas we are able to pick out the individual households that are likely to be commuting to towns and cities nearby…” I’ll go more into that later.
It has come to the attention of the general public, only in the last 6 months, that our hospital episode statistics (HES) and data from other secondary care sources, have been on sale in this consumer market. As I said in a previous post [5], a year ago, in April 2013, The ‘Health and Social Care Transparency Panel’ discussion on sharing patient data with information intermediaries stated at that time, there was no legitimate or statutory basis to share at least ONS data [6] in that way for commercial purposes:
“The issues of finding a legitimate basis for sharing ONS death data with information intermediaries for commercial purposes had been a long running problem…The panel identified this as a significant barrier to developing a vibrant market of information intermediaries.”
The HSCIC at that time saw a “vibrant market of information intermediaries, for commercial purposes” using our personal records as desirable and indeed, as Sir Kingsley Manning’s comments to the Health Select Committee demonstrate, in their DH handed-down policy remit.
In this way, companies who process data such as Beacon Dodsworth received data in the last year and offered it for commercial exploitation by others “HES data may be used by pharmaceutical companies “to improve [their] social marketing / media awareness campaigns”. Others included OmegaSolver [7] andHarvey Walsh [8].
Some of that data goes back into our health market as business intelligence, both for NHS and private use, for benchmarking, comparisons and making commercial decisions. In our commissioning based marketplace [9], now becoming normalised.
Through the press earlier this year, and the first data release register [10] we have come to understand in part, who is using it and at least in part, how. Aside from bone fide public health planners and health researchers, and the intermediaries using data for commissioning support tools, recipients include these commercial companies and third-party intermediaries exploiting the data as a commodity. Organisations which may buy raw data and sell it on, or process it and sell that data mined information onwards. Organisations after which, Chair Kingsley Manning told the Health Select Committee, [11] we have no idea whom all the end users may be. He indicated the progress that is needed and that HSCIC is already working on improvements, stating the view that “the process HSCIC inherited was no longer robust. ” Q285
“Kingsley Manning: I realise that, and may I come back to that? That is why, specifically with regard to the sets of data that are covered by data-sharing agreements, I took the view that the process that we inherited was no longer robust. We have therefore been in the process of changing the management and the processes, and we have voluntarily adopted a process of being much more transparent about the process and about the data releases we have made.
Q286Barbara Keeley: But what I was trying to get to was the concern. We are just looking for transparency and honesty here. On all the data that was previously released through these commercial reuse licences where there are end users—the question that the Committee wanted to put to you—you are unable to say what are the uses to which the data release under those licences may be put, what controls are in place and what information is provided—you don’t know. With the whole 13 years of the HES database and however many million records have gone out to one of these providers that then provides on to others—in the United States, this has involved putting up the data on Google cloud, and we are not sure of the security of that—you can’t say. You should admit it now. If you can’t tell us where all that data is and what all its uses are, it seems you can’t. You have already admitted that entirely commercial market uses—
Kingsley Manning: The control is through both the overriding regulations established within the Data Protection Act and the data-sharing agreements that we enter into with people, which specifically allow the reuse of data with safeguards with regard to anonymity.
Q287Barbara Keeley: So you have no idea who the end user is. You have no idea if they are using it properly because there is no audit.
Kingsley Manning: And that is in accordance with the law and the regulations as they stand today.
Q288Barbara Keeley: So, just to be clear, audit is not going to be possible for all the uses and all the end users. The data is out there. You have licensed people to use it and other people to buy it, and there is no control over that—it is just out there.
Kingsley Manning: I don’t accept there is no control. There is control established in accordance with law and the regulations as they are today.
Q289Barbara Keeley: But you are not able to say who is using it and for what reason. You are not able to say that. There are end users out there.
Kingsley Manning: No, because we have a large range of organisations that we have been encouraging. Government policy has for a long time been to encourage the use of this data to advance both the health and social care system in this country and the economy. If, for example, we supply pseudonymised data to a drug company to help it to develop a new drug, we do not know the end users beyond that organisation, but that is perceived as being a task and a function that we have. It is done in such a manner that the data is safe and secure, and is not identifiable back to an individual.
You may wish to change the base upon which we act. We absolutely welcome the suggestion that we should submit these to the confidentiality advisory group. We have identified a number of cases where we think its guidance would be very helpful, including in this area. We would absolutely welcome that, but I am afraid we cannot make up the rules that we act by.”
This is what concerns me, if the purposes and permissions granted for care.data are to be defined by the reason why recipients get data for the “promotion of health ” [12] and that their worthiness to receive data is based on, a wooly, undefined notion of whether it will improve care or promote health. It cannot be transparently judged if many users of data are intermediaries with re-use licences, if even the HSCIC doesn’t know who all the end users are, and does not routinely audit them. Nor can anyone know how identifiable therefore the accumulated data sets may be.
If HSCIC does not track each release, each time, each recipient receives data, how do they know every time a new request is granted, how much of the jigsaw puzzle for any given individual, is left to complete?
If you don’t know who they are, how can you govern them and what they do with our data? How on earth can anyone judge how they will be for purposes in the Care Bill 2014 of:
(a)the provision of health care or adult social care, or
(b)the promotion of health.
How can the data controllers judge whether that release, together with all the data these companies already hold, will not do us ‘significant harm’ in the words of Commissioner Brill, of the Federal Trade Commission? Will it not by its nature of labels discriminate against segments of our society, whom the data owners select, based on information beyond our visibility or control? Is society which is segmented and stratified at risk of every increasing inequality? Disability groups for example, may feel at increased risk of stigma or exclusion. David Gillon [13] addresses this in his post here. How can individuals determine if releasing our data to these companies is in our own, or the public interest [14]?
Impossible if we don’t know who they are, and we don’t know what they already hold. A model which is hardly transparent nor conducive to trust.
Dr.Neil Bhatia in Hampshire, a GP who founded the non-commercial website care-data.info, asked HSCIC in an FOI request for the data *about him* which was released to these type of intermediaries. He was told this week, that the data controller, the Health and Information Centre, does not know. We can then only surmise, if our individual data was contained in pseudonymous bulk data transfers in which there remains ‘a latent risk’ of identification. So from the released data register, we should look at what types of companies are using pseudonymous data. We are also told that penalties may be imposed, or even ‘one strike and you’re out’ for misuse of data. Until now at least without robust audit procedures, I believe we’d never know. So how could data be better secured?
There is talk of a ‘fume cupboard’ access, [15] or giving customers data only in query format, instead of giving out raw chunks of the database. But the Care Bill certainly didn’t legislate for any changes in those types or indeed any governance procedures. We can only wait and see if talk becomes reality and how we can trust it becomes a secure policy and stays so, after we entrust our data. There is no delete button after all.
The Secretary of State wrote on April 25th [16], asking to ensure current practices are up to the task, but as polite as it is, a letter is no form of governance. On June 12th, HSJ [17] reported that the HSCIC has ordered a significant number of trusts to “promptly” delete a series of datafields, which it claims could put patients at risk of being identified, because some of the information in “secondary uses service” that they had submitted to the agency had been entered in an incorrect way over ten years. The good news in this, is it would appear progress is being made in audit, and these errors are being addressed.
However, it highlights the issue created when you release raw data beyond your control. It will mean that organisations who should not have received data, did. How now is that data to be removed from information into which it has become? It will now no longer be raw numbers, but be in graphs, comparative studies and have been inexorably merged with other data. Unlike Cinderella’s carriage, it’s not an automatic process that the raw materials, the data, returns to its previous state after it has become enhanced, turned into business intelligence. The raw files may be traced, removed and deleted, but the knowledge it has turned into, will be almost impossible to find and delete. The links between the two may have disappeared into thin air. Harder to find, than the owner of the glass slipper. An impossible audit trail.
An audit process on leaving the trusts and upon arrival at HSCIC and on leaving HSCIC – at least a three place checkpoint – is what I would have been familiar with in the past for payroll & personal data. It seems that audit procedures for our health records, have just not kept up with the speed at which the data has been sent out on the open seas, and there has been no audit.
“Q287Barbara Keeley: So you have no idea who the end user is. You have no idea if they are using it properly because there is no audit.
Kingsley Manning: And that is in accordance with the law and the regulations as they stand today.”
It’s not to say there are no controls. We are told that data sharing agreements prevent data provided being matched with other data held, which prevents making individuals identifiable. However, as I’ll look at in my next post, I don’t think it even has to get the the person level to be sufficiently identifiable as to be discriminatory. The segmenting of society at group level, at household level, with detailed understanding of our behaviours, is sufficient, aside from the identifiable individual level data these companies hold for identity verification and so on. When companies extract and store raw data, we have no idea where and with whom it lands up. I’ve been completely surprised by what I have learned in the last few weeks how these third parties use our data.
The current controls around and governance of our health data remains unchanged by the Care Bill. Through policy, law and directions the HSCIC has
…”licensed people to use it and other people to buy it, and there is no control over that.” [12]
As Sir Manning said,
…”because we have a large range of organisations that we have been encouraging. Government policy has for a long time been to encourage the use of this data”
Controls may be in line with policy and the law, but I believe it simply hasn’t kept up with the functional need for a decent governance framework.
Julie Brill’s Statement made a recommendation:
“A second accountability measure that Congress should consider is to require data brokers to take reasonable steps to ensure that their original sources of information obtained appropriate consent from consumers.”
Accountability in the UK of these data brokers seems quite absent in real terms, unknown to the public at large.
The same core issue identified by Julie Brill in the US, lack of informed consent. If we don’t know you have it, how can we ask to check if it’s correct or who uses it? In an era of borderless electronic data transfers, we should seek to put in place the highest standards as common denominators, and in terms of privacy, there are lessons worth learning from the US actions post Snowden which in the UK, we have not yet begun.
If our health records should sail off in the flagship care.data programme, on the sea of commercial Big Data, are we confident that there is consent, fair processing, transparency, accountability, security and good governance? We must know that these basic mainstays are in place, and will stay so in future, to give it our support. Well governed data is more likely to get our trust, therefore our consent and be of better quality for buyers.
We must also not forget to clarify why it is our records are needed in the broad and undefined care.datascope that we still have not seen pinned down. Is the public good really defined for care.data and does it outweigh the private long established rights of consent and confidentiality? Do we trust these commercial company uses to do “no harm” as the US Commissioner of the Federal Trade Commission examined?
…”the profiles have the ability to not only rob us of our good name, but also to lead to lost economic opportunities, higher costs, and other significant harm.”
When we visit a medic we are vulnerable, ill or in need of help. We entrust our knowledge in confidence, and trust it will be used for our care. A whole hotchpotch of other indirect uses, including commercial exploitation is not what we expect. We need to trust the data we give away to local staff, is processed appropriately all the way up the data chain, when it is stored, when it is released and beyond. For now at least, it appears citizens can only control the one point at which we first give our data up. After that, we have faith that those governing our data ensure the processes around its management are worthy of that trust. The governance processes that go beyond the HSCIC control, will directly influence that trust, and our care.data decision to object, or not.
For citizens to see this still precarious commercial hull, and trust that our innermost confidences should be safe within it, is stretching our trust, just a little too far. The knowledge of our health and lifestyle should not be commercially exploited in this uncontrollable marketplace by data brokers without our knowledge and consent. Health data is on the cusp of including more widespread biomedical data. In my children’s lifetime that may be a whole new era of data management to contend with. For now, all this intensive data mining may be much more than we already imagined and we should carefully consider how society will be affected if it includes every aspect of our health and lifestyle data. It may be yet another aspect of individual surveillance more than society can stand.[18]
The care.data storm may not yet be over.
*****
In part three on commercial uses, I’m going to explore, from my lay perspective, on how some of these intermediaries and data processing companies, use data concretely in practice. As Julie Brill says how these intermediaries, “create a narrative about our past, present and even our future lives.”
[2] Food Marketing film by Catsnake with Actress Kate Miles via Upworthy http://www.upworthy.com/no-one-applauds-this-woman-because-theyre-too-creeped-out-at-themselves-to-put-their-hands-together
[7] 17th March Omega Solver in the Guardian, by Randeep Ramesh http://www.theguardian.com/technology/2014/mar/17/online-tool-identify-public-figures-medical-care
[8] 16th March Harvey Walsh in the Sunday Times by Jon Ungoed-Thomas ‘healthcare intelligence company, has paid for a database’ http://www.thesundaytimes.co.uk/sto/news/uk_news/Health/article1388324.ece
[14] Public vs Private interest – Dr. M Taylor, “Information Governance as a Force for Good? Lessons to be Learnt from Care.data”, (2014) 11:1 SCRIPTed
[17] Health Service Journal, June 12th, Nick Renaud-Komiya, http://www.hsj.co.uk/news/trusts-ordered-to-delete-incorrect-data/5071902.article?blocktitle=News&contentID=8805
[18] John Naughton, Observer 8th June, http://www.theguardian.com/technology/2014/jun/08/big-data-mined-real-winners-nsa-gchq-surveillance