Category Archives: HSCIC

A vanquished ghost returns as details of distress required in NHS opt out

It seems the ugly ghosts of care.data past were alive and well at NHS Digital this Christmas.

Old style thinking, the top-down patriarchal ‘no one who uses a public service should be allowed to opt out of sharing their records. Nor can people rely on their record being anonymised,‘ that you thought was vanquished, has returned with a vengeance.

The Secretary of State for Health, Jeremy Hunt, has reportedly  done a U-turn on opt out of the transfer of our medical records to third parties without consent.

That backtracks on what he said in Parliament on January 25th, 2014 on opt out of anonymous data transfers, despite the right to object in the NHS constitution [1].

So what’s the solution? If the new opt out methods aren’t working, then back to the old ones and making Section 10 requests? But it seems the Information Centre isn’t keen on making that work either.

All the data the HSCIC holds is sensitive and as such, its release risks patients’ significant harm or distress [2] so it shouldn’t be difficult to tell them to cease and desist, when it comes to data about you.

But how is NHS Digital responding to people who make the effort to write directly?

Someone who “got a very unhelpful reply” is being made to jump through hoops.

If anyone asks that their hospital data should not be used in any format and passed to third parties, that’s surely for them to decide.

Let’s take the case study of a woman who spoke to me during the whole care.data debacle who had been let down by the records system after rape. Her NHS records subsequently about her mental health care were inaccurate, and had led to her being denied the benefit of private health insurance at a new job.

Would she have to detail why selling her medical records would cause her distress? What level of detail is fair and who decides? The whole point is, you want to keep info confidential.

Should you have to state what you fear? “I have future distress, what you might do to me?” Once you lose control of data, it’s gone. Based on past planning secrecy and ideas for the future, like mashing up health data with retail loyalty cards as suggested at Strata in November 2013 [from 16:00] [2] no wonder people are sceptical. 

Given the long list of commercial companies,  charities, think tanks and others that passing out our sensitive data puts at risk and given the Information Centre’s past record, HSCIC might be grateful they have only opt out requests to deal with, and not millions of medical ethics court summonses. So far.

HSCIC / NHS Digital has extracted our identifiable records and has given them away, including for commercial product use, and continues give them away, without informing us. We’ve accepted Ministers’ statements and that a solution would be found. Two years on, patience wears thin.

“Without that external trust, we risk losing our public mandate and then cannot offer the vital insights that quality healthcare requires.”

— Sir Nick Partridge on publication of the audit report of 10% of 3,059 releases by the HSCIC between 2005-13

— Andy WIlliams said, “We want people to be certain their choices will be followed.”

Jeremy Hunt said everyone should be able to opt out of having their anonymised data used. David Cameron did too when the plan was  announced in 2012.

In 2014 the public was told there should be no more surprises. This latest response is not only a surprise but enormously disrespectful.

When you’re trying to rebuild trust, assuming that we accept that ‘is’ the aim, you can’t say one thing, and do another.  Perhaps the Department for Health doesn’t like the public answer to what the public wants from opt out, but that doesn’t make the DH view right.

Perhaps NHS Digital doesn’t want to deal with lots of individual opt out requests, that doesn’t make their refusal right.

Kingsley Manning recognised in July 2014, that the Information Centre “had made big mistakes over the last 10 years.” And there was “a once-in-a-generation chance to get it right.”

I didn’t think I’d have to move into the next one before they fix it.

The recent round of 2016 public feedback was the same as care.data 1.0. Respect nuanced opt outs and you will have all the identifiable public interest research data you want. Solutions must be better for other uses, opt out requests must be respected without distressing patients further in the process, and anonymous must mean  anonymous.

Pseudonymised data requests that go through the DARS process so that a Data Sharing Framework Contract and Data Sharing Agreement are in place are considered to be compliant with the ICO code of practice – fine, but they are not anonymous. If DARS is still giving my family’s data to Experian, Harvey Walsh, and co, despite opt out, I’ll be furious.

The [Caldicott 2] Review Panel found “that commissioners do not need dispensation from confidentiality, human rights & data protection law.

Neither do our politicians, their policies or ALBs.


[1] https://www.england.nhs.uk/ourwork/tsd/ig/ig-fair-process/further-info-gps/

“A patient can object to their confidential personal information from being disclosed out of the GP Practice and/or from being shared onwards by the HSCIC for non-direct care purposes (secondary purposes).”

[2] Minimum Mandatory Measures http://www.nationalarchives.gov.uk/documents/information-management/cross-govt-actions.pdf p7

care.data listening events and consultation: The same notes again?

If lots of things get said in a programme of events, and nothing is left around to read about it, did they happen?

The care.data programme 2014-15 listening exercise and action plan has become impossible to find online. That’s OK, you might think, the programme has been scrapped. Not quite.

You can give your views online until September 7th on the new consultation, “New data security standards and opt-out models for health and social care”  and/or attend the new listening events, September 26th in London, October 3rd in Southampton and October 10th in Leeds.

The Ministerial statement on July 6, announced that NHS England had taken the decision to close the care.data programme after the review of data security and consent by Dame Fiona Caldicott, the National Data Guardian for Health and Care.

But the same questions are being asked again around consent and use of your medical data, from primary and secondary care. What a very long questionnaire asks is in effect,  do you want to keep your medical history private? You can answer only Q 15 if you want.

Ambiguity again surrounds what constitutes “de-identified” patient information.

What is clear is that public voice seems to have been deleted or lost from the care.data programme along with the feedback and brand.

People spoke up in 2014, and acted. The opt out that 1 in 45 people chose between January and March 2014 was put into effect by the HSCIC in April 2016. Now it seems, that might be revoked.

We’ve been here before.  There is no way that primary care data can be extracted without consent without it causing further disruption and damage to public trust and public interest research.  The future plans for linkage between all primary care data and secondary data and genomics for secondary uses, is untenable without consent.

Upcoming events cost time and money and will almost certainly go over the same ground that hours and hours were spent on in 2014. However if they do achieve a meaningful response rate, then I hope the results will not be lost and will be combined with those already captured under the ‘care.data listening events’ responses.  Will they have any impact on what consent model there may be in future?

So what we gonna do? I don’t know, whatcha wanna do? Let’s do something.

Let’s have accredited access and security fixed. While there may now be a higher transparency and process around release, there are still problems about who gets data and what they do with it.

Let’s have clear future scope and control. There is still no plan to give the public rights to control or delete data if we change our minds who can have it or for what purposes. And that is very uncertain. After all, they might decide to privatise or outsource the whole thing as was planned for the CSUs. 

Let’s have answers to everything already asked but unknown. The questions in the previous Caldicott review have still to be answered.

We have the possibility to  see health data used wisely, safely, and with public trust. But we seem stuck with the same notes again. And the public seem to be the last to be invited to participate and views once gathered, seem to be disregarded. I hope to be proved wrong.

Might, perhaps, the consultation deliver the nuanced consent model discussed at public listening exercises that many asked for?

Will the care.data listening events feedback summary be found, and will its 2014 conclusions and the enacted opt out be ignored? Will the new listening event view make more difference than in 2014?

Is public engagement, engagement, if nobody hears what was said?

Datasharing, lawmaking and ethics: power, practice and public policy

“Lawmaking is the Wire, not Schoolhouse Rock. It’s about blood and war and power, not evidence and argument and policy.”

"We can't trust the regulators," they say. "We need to be able to investigate the data for ourselves." Technology seems to provide the perfect solution. Just put it all online - people can go through the data while trusting no one.  There's just one problem. If you can't trust the regulators, what makes you think you can trust the data?" 

Extracts from The Boy Who Could Change the World: The Writings of Aaron Swartz. Chapter: ‘When is Technology Useful? ‘ June 2009.

The question keeps getting asked, is the concept of ethics obsolete in Big Data?

I’ve come to some conclusions why ‘Big Data’ use keeps pushing the boundaries of what many people find acceptable, and yet the people doing the research, the regulators and lawmakers often express surprise at negative reactions. Some even express disdain for public opinion, dismissing it as ignorant, not ‘understanding the benefits’, yet to be convinced. I’ve decided why I think what is considered ‘ethical’ in data science does not meet public expectation.

It’s not about people.

Researchers using large datasets, often have a foundation in data science, applied computing, maths, and don’t see data as people. It’s only data. Creating patterns, correlations, and analysis of individual level data are not seen as research involving human subjects.

This is embodied in the nth number of research ethics reviews I have read in the last year in which the question is asked, does the research involve people? The answer given is invariably ‘no’.

And these data analysts using, let’s say health data, are not working in a subject that is founded on any ethical principle, contrasting with the medical world the data come from.

The public feels differently about the information that is about them, and may be known, only to them or select professionals. The values that we as the public attach to our data  and expectations of its handling may reflect the expectation we have of handling of us as people who are connected to it. We see our data as all about us.

The values that are therefore put on data, and on how it can and should be used, can be at odds with one another, the public perception is not reciprocated by the researchers. This may be especially true if researchers are using data which has been de-identified, although it may not be anonymous.

New legislation on the horizon, the Better Use of Data in Government,  intends to fill the [loop]hole between what was legal to share in the past and what some want to exploit today, and emphasises a gap in the uses of data by public interest, academic researchers, and uses by government actors. The first incorporate by-and-large privacy and anonymisation techniques by design, versus the second designed for applied use of identifiable data.

Government departments and public bodies want to identify and track people who are somehow misaligned with the values of the system; either through fraud, debt, Troubled Families, or owing Student Loans. All highly sensitive subjects. But their ethical data science framework will not treat them as individuals, but only as data subjects. Or as groups who share certain characteristics.

The system again intrinsically fails to see these uses of data as being about individuals, but sees them as categories of people – “fraud” “debt” “Troubled families.” It is designed to profile people.

Services that weren’t built for people, but for government processes, result in datasets used in research, that aren’t well designed for research. So we now see attempts to shoehorn historical practices into data use  by modern data science practitioners, with policy that is shortsighted.

We can’t afford for these things to be so off axis, if civil service thinking is exploring “potential game-changers such as virtual reality for citizens in the autism spectrum, biometrics to reduce fraud, and data science and machine-learning to automate decisions.”

In an organisation such as DWP this must be really well designed since “the scale at which we operate is unprecedented: with 800 locations and 85,000  colleagues, we’re larger than most retail operations.”

The power to affect individual lives through poor technology is vast and some impacts seem to be being badly ignored. The ‘‘real time earnings’ database improved accuracy of benefit payments was widely agreed to have been harmful to some individuals through the Universal Credit scheme, with delayed payments meaning families at foodbanks, and contributing to worse.

“We believe execution is the major job of every business leader,” perhaps not the best wording in on DWP data uses.

What accountability will be built-by design?

I’ve been thinking recently about drawing a social ecological model of personal data empowerment or control. Thinking about visualisation of wants, gaps and consent models, to show rather than tell policy makers where these gaps exist in public perception and expectations, policy and practice. If anyone knows of one on data, please shout. I think it might be helpful.

But the data *is* all about people

Regardless whether they are in front of you or numbers on a screen, big or small datasets using data about real lives are data about people. And that triggers a need to treat the data with an ethical approach as you would people involved face-to-face.

Researchers need to stop treating data about people as meaningless data because that’s not how people think about their own data being used. Not only that, but if the whole point of your big data research is to have impact, your data outcomes, will change lives.

Tosh, I know some say. But, I have argued, the reason being is that the applications of the data science/ research/ policy findings / impact of immigration in education review / [insert purposes of the data user’s choosing] are designed to have impact on people. Often the people about whom the research is done without their knowledge or consent. And while most people say that is OK, where it’s public interest research, the possibilities are outstripping what the public has expressed as acceptable, and few seem to care.

Evidence from public engagement and ethics all say, hidden pigeon-holing, profiling, is unacceptable. Data Protection law has special requirements for it, on autonomous decisions. ‘Profiling’ is now clearly defined under article 4 of the GDPR as ” any form of automated processing of personal data consisting of using those data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.”

Using big datasets for research that ‘isn’t interested in individuals’ may still intend to create results profiling groups for applied policing, or discriminate, to make knowledge available by location. The data may have been deidentified, but in application becomes no longer anonymous.

Big Data research that results in profiling groups with the intent for applied health policy impacts for good, may by the very point of research, with the intent of improving a particular ethnic minority access to services, for example.

Then look at the voting process changes in North Carolina and see how that same data, the same research knowledge might be applied to exclude, to restrict rights, and to disempower.

Is it possible to have ethical oversight that can protect good data use and protect people’s rights if they conflict with the policy purposes?

The “clear legal basis”is not enough for public trust

Data use can be legal and can still be unethical, harmful and shortsighted in many ways, for both the impacts on research – in terms of withholding data and falsifying data and avoiding the system to avoid giving in data – and the lives it will touch.

What education has to learn from health is whether it will permit the uses by ‘others’ outside education to jeopardise the collection of school data intended in the best interests of children, not the system. In England it must start to analyse what is needed vs wanted. What is necessary and proportionate and justifies maintaining named data indefinitely, exposed to changing scope.

In health, the most recent Caldicott review suggests scope change by design – that is a red line for many: “For that reason the Review recommends that, in due course, the opt-out should not apply to all flows of information into the HSCIC. This requires careful consideration with the primary care community.”

The community spoke out already, and strongly in Spring and Summer 2014 that there must be an absolute right to confidentiality to protect patients’ trust in the system. Scope that ‘sounds’ like it might sneakily change in future, will be a death knell to public interest research, because repeated trust erosion will be fatal.

Laws change to allow scope change without informing people whose data are being used for different purposes

Regulators must be seen to be trusted, if the data they regulate is to be trustworthy. Laws and regulators that plan scope for the future watering down of public protection, water down public trust from today. Unethical policy and practice, will not be saved by pseudo-data-science ethics.

Will those decisions in private political rooms be worth the public cost to research, to policy, and to the lives it will ultimately affect?

What happens when the ethical black holes in policy, lawmaking and practice collide?

At the last UK HealthCamp towards the end of the day, when we discussed the hard things, the topic inevitably moved swiftly to consent, to building big databases, public perception, and why anyone would think there is potential for abuse, when clearly the intended use is good.

The answer came back from one of the participants, “OK now it’s the time to say. Because, Nazis.” Meaning, let’s learn from history.

Given the state of UK politics, Go Home van policies, restaurant raids, the possibility of Trump getting access to UK sensitive data of all sorts from across the Atlantic, given recent policy effects on the rights of the disabled and others, I wonder if we would hear the gentle laughter in the room in answer to the same question today.

With what is reported as Whitehall’s digital leadership sharp change today, the future of digital in government services and policy and lawmaking does indeed seem to be more “about blood and war and power,” than “evidence and argument and policy“.

The concept of ethics in datasharing using public data in the UK is far from becoming obsolete. It has yet to begin.

We have ethical black holes in big data research, in big data policy, and big data practices in England. The conflicts between public interest research and government uses of population wide datasets, how the public perceive the use of our data and how they are used, gaps and tensions in policy and practice are there.

We are simply waiting for the Big Bang. Whether it will be creative, or destructive we are yet to feel.

*****

image credit: LIGO – graphical visualisation of black holes on the discovery of gravitational waves

References:

Report: Caldicott review – National Data Guardian for Health and Care Review of Data Security, Consent and Opt-Outs 2016

Report: The OneWay Mirror: Public attitudes to commercial access to health data

Royal Statistical Society Survey carried out by Ipsos MORI: The Data Trust Deficit

Thoughts since #UKHC15. UK health datasharing.

The world you will release your technology into, is the world you are familiar with, which is already of the past. Based on old data.

How can you design tools and systems fit for the future? And for all?

For my 100th post and the first of 2016, here is a summary of some of my thoughts prompted by . Several grains of thought related to UK heath data that have been growing for some time.

1000 words on “Hard things: identity, data sharing and consent.” The fun run version.

Do we confuse hard with complex? Hard does not have to mean difficult. Some things seem to be harder than necessary, because of politics. I’ve found this hard to write. Where to start?

The search to capture solutions has been elusive.

The starting line: Identity

Then my first thoughts on identity got taken care of by Vinay Gupta in this post, better than I could. (If you want a long read about identity, you might want to get a hot drink like I did and read and re-read. It says it’ll take an hour. It took me several, in absorption and thinking time. And worth it.)

That leaves data sharing and consent. Both of which I have written many of my other 99 posts about in the last year. So what’s new?

Why are we doing this: why aren’t we there yet?

It still feels very much that many parts of the health service and broader government thinking on ‘digital’ is we need to do something. Why is missing, and therefore achieving and measuring success is hard.

Often we start with a good idea and set about finding a solution how to achieve it. But if the ‘why’ behind the idea is shaky to start with, the solution may falter, as soon as it gets difficult. No one seems to know what #paperless actually means in practice.

So why try and change things? Fixing problems, rather than coming up with good ideas is another way to think of it as they suggested at  #ukhc15, it was a meet-up for people who want to make things better, usually for others, and sometimes that involves improving the systems they worked with directly, or supported others in.

I no longer work in systems’ introductions, or enhancement processes, although I have a lay role in research and admin data, but regular readers know, most of the last two years has been all about the data.  care.data.

More often than not, in #ukhc2015 discussions that focused on “the data” I would try and bring people back to thinking about what the change is trying to solve, what it wants to “make better” and why.

There’s a broad tendency to simply think more data = better. Not true, and I’ll show later a case study why. We must question why.

Why doesn’t everyone volunteer or not want to join in?

Very many people who have spoken with me over the last two years have shared their concrete concerns over the plans to share GP data and they do not get heard. They did not see a need to share their identifiable personal confidential data, or see why truly anonymous data would not be sufficient for health planning, for example.

Homeless men, and women at risk, people from the travelling community, those with disabilities, questions on patients with stigmatising conditions, minorities, children, sexual orientation – not to mention from lawyers or agencies representing them. Or the 11 million of our adult population not online. Few of whom we spoke about. Few of whom we heard from at #ukhc15. Yet put together, these individuals make up not only a significant number of people, but make up a disproportionately high proportion of the highest demands on our health and social care services.

The inverse care law appears magnified in its potential when applied to digital, and should magnify the importance of thinking about access. How will care.data make things better for them, and how will the risks be mitigated? And are those costs being properly assessed if there is no assessment of the current care.data business case and seemingly, since 2012 at least, no serious effort to look at alternatives?

The finish line? We can’t see what it looks like yet.

The #ukhc2015 event was well run, and I liked the spontaneity of people braver than me who were keen to lead sessions and did it well.  As someone who is white, living in a ‘nice’ area, I am privileged. It was a privilege to spend a day with #UKHC15 and packed with people who clearly think about hard things all the time. People who want to make things better.  People who were welcoming to nervous first-timers at an ‘un’conference over a shared lunch.

I hope the voices of those who can’t attend these events, and outside London, are equally accounted for in all government 2016 datasharing plans.

This may be the last chance after years of similar consultations have failed to deliver workable, consensual public data sharing policies.

We have vast streams of population-wide data stored in the UK, about which, the population is largely ignorant. But while the data may be from 25 years ago, whatever is designed today is going to need to think long term, not how do we solve what we know, but how do we design solutions that will work for what we don’t.

Transparency here will be paramount to trust if future decisions are made for us, or those we make for ourselves are ‘influenced’ by machine learning, by algorithms, machine learning and ‘mindspace’ work.

As Thurgood Marshall said,

“Our whole constitutional heritage rebels at the thought of giving government the power to control men’s minds.”

Control over who we are and who the system thinks we are becomes a whole new level of discussion, if we are being told how to make a decision, especially where the decision is toward a direction of public policy based on political choice. If pensions are not being properly funded, to not allocate taxes differently and fund them, is a choice the current government has made, while the DWP seeks to influence our decison, to make us save more in private pensions.

And how about in data discussions make an effort to start talking a little more clearly in the same terms – and stop packaging ‘sharing’ as if it is something voluntary in population-wide compulsory policy.

It’s done to us, not with us, in far too many areas of government we do not see. Perhaps this consultation might change that, but it’s the ‘nth’ number of consulations and I want to be convinvced this one is intentional of real change. It’s only open for a few weeks, and this meet up for discussion appeared to be something only organised in London.

I hope we’ll hear committment to real change in support of people and the uses of our personal data by the state in the new #UkDigiStrategy, not simply more blue skythinking and drinking the ‘datasharing’ kool-aid.  We’ve been talking in the UK for far too long about getting this right.

Let’s see the government serious about making it happen. Not for government, but in the public interest, in a respectful and ethical partnership with people, and not find changes forced upon us.

No other foundation will be fit for a future in which care.data, the phenotype data, is to be the basis for an NHS so totally personalised.

If you want a longer read, read on below for my ten things in detail.

Comment welcome.

########

Hard things: The marathon version, below.
Continue reading Thoughts since #UKHC15. UK health datasharing.

care.data: delayed or not delayed? The train wreck that is always on time

If you cancel a train does it still show up in the delayed trains statistics?

care.data plans are not delayed (just don’t ask Healthwatch)

Somerset CCG’s announcement [1] of the delay in their care.data plans came as no surprise, except perhaps to NHS England who effectively denied it, reportedly saying work continues. [2] Both public statements may be true but it would have been good professional practice to publicly recognise that a top down delay affects others who are working hard on the ground to contribute to the effective rollout of the project. Causing confusion and delay is hard to work with. Change and technology projects run on timelines. Deadlines mean that different teams can each do their part and the whole gets done. Or not.

Healthwatch [3] has cancelled their planned public meetings.  Given that one of the reasons stated in the care.data CCG selection process was support from local patient groups including Healthwatch, this appears poor public relations. It almost wouldn’t matter, but in addition to the practicalities, the organisation and leadership are trying to prove it is trustworthy. [4]


HW_cancels


Somerset’s statement is straightforward and says it is applies to all pathfinders: 

“Following a speech by Jeremy Hunt, the Secretary of State for Health this week (3-9-15), in which he outlined his vision for the future use of technology across NHS, NHS England has asked the four care.data pathfinder pilots areas in England (Leeds, Blackburn and Derwent, West Hampshire and Somerset) to temporarily pause their activities.” [Sept 4, Somerset statement]


somerset


From when I first read of the GPES IAG concerns [5] I have seen the care.data programme hurtle from one crisis to another. But this is now a train wreck. A very quiet train wreck. No one has cried out much.[6] And yet I think the project,  professionals, and the public should be shouting from the top of the carriages that this programme needs help if it is ever to reach its destination.

care.data plans are not late against its business plan (there is none)

Where’s the business case? Why can’t it define deadlines that it can achieve?  In February 2015, I suggested the mentality that allows these unaccountable monster programmes to grow unchecked must die out.

I can’t even buy an Oyster card if I don’t know if there is money in my pocket. How can a programme which has already spent multi millions of pounds keep driving on without a budget? There is no transparency of what financial and non-financial benefits are to be expected to justify the cost. There is no accountable public measure of success checking it stays on track.

While it may be more comfortable for the organisation to deny problems, I do not believe it serves the public interest to hide information. This is supported by the very reason for being of the MPA process and its ‘challenge to Whitehall secrecy‘ [7] who rated the care.data rollout red [8] in last years audit. This requires scrutiny to find solutions.

care.data plans do not need to use lessons learned (do they?)

I hope at least there are lessons learned here in the pathfinder on what not to do before the communications rollout to 60m people.  In the words of Richard Feynman, “For successful technology, reality must take precedence over public relations.”

NHS England is using the public interest test to withhold information: “the particular public interest in preserving confidential communications between NHS England and its sponsoring department [the DH].”  I do not believe this serves the public interest if it is used to hide issues and critical external opinion. The argument made is that there is “stronger public interest in maintaining the exemption where it allows the effective development of policy and operational matters on an ongoing basis.”  The Public Accounts Committee in 2013 called for early transparency and intervention which prevents the ongoing waste of “billions of pounds of taxpayers’ money” in their report into the NPfIT. [9] It showed that a lack of transparency and oversight contributed to public harm, not benefit, in that project, under the watch of the Department of Health. The report said:

“Parliament needs to be kept informed not only of what additional costs are being incurred, but also of exactly what has been delivered so far for the billions of pounds spent on the National Programme. The benefits flowing from the National Programme to date are extremely disappointing. The Department estimates £3.7 billion of benefits to March 2012, just half of the costs incurred. This saga [NPfIT] is one of the worst and most expensive contracting fiascos in the history of the public sector.”

And the Public Accounts Committee made a recommendation in 2013:

“If the Department is to deliver a paperless NHS, it needs to draw on the lessons from the National Programme and develop a clear plan, including estimates of costs and benefits and a realistic timetable.” [PAC 2013][9]

Can we see any lessons drawn on today in care.data? Or any in Jeremy Hunt’s speech or his refusal to comment on costs for the paperless NHS plans reported by HSJ journal at NHSExpo15?

While history repeats itself and “estimates of costs and benefits and a realistic timetable” continue to be absent in the care.data programme, the only reason given by Somerset for delay is to fix the specific issue of opt out:

“The National Data Guardian for health and care, Dame Fiona Caldicott, will… provide advice on the wording for a new model of consents and opt-outs to be used by the care.data programme that is so vital for the future of the NHS. The work will be completed by January [2016]…”

Perhaps delay will buy NHS England some time to get itself on track and not only respect public choice on consent, but also deliver a data usage report to shore up trust, and tell us what benefits the programme will deliver that cannot already be delivered today (through existing means, like the CPRD for research [10]).

Perhaps.

care.data plans will only deliver benefits (if you don’t measure costs)

I’ve been told “the realisation of the benefits, which serve the public interest, is dependent on the care.data programme going ahead.” We should be able to see this programme’s costs AND benefits. It is we collectively after all who are paying for it, and for whom we are told the benefits are to be delivered. DH should release the business plan and all cost/benefit/savings  plans. This is a reasonable thing to ask. What is there to hide?

The risk has been repeatedly documented in 2014-15 board meetings that “the project continues without an approved business case”.

The public and medical profession are directly affected by the lack of money given by the Department of Health as the reason for the reductions in service in health and social care. What are we missing out on to deliver what benefit that we do not already get elsewhere today?

On the pilot work continuing, the statement from NHS England reads: “The public interest is best served by a proper debate about the nature of a person’s right to opt out of data sharing and we will now have clarity on the wording for the next steps in the programme,” 

I’d like to see that ‘proper debate’ at public events. The NIB leadership avoids answering hard questions even if asked in advance, as requested. Questions such as mine go unanswered::

“How does NHS England plan to future proof trust and deliver a process of communications for the planned future changes in scope, users or uses?”

We’re expected to jump on for the benefits, but not ask about the cost.

care.data plans have no future costs (just as long as they’re unknown)

care.data isn’t only an IT infrastructure enhancement and the world’s first population wide database of 60m primary care records. It’s a massive change platform through which the NHS England Commissioning Board will use individual level business intelligence to reshape the health service. A massive change programme  that commodifies patient confidentiality as a kick-starter for economic growth.  This is often packaged together with improvements for patients, requirements for patient safety, often meaning explanations talk about use of records in direct care conflated with secondary uses.

“Without interoperable digital data, high quality effective local services cannot be delivered; nor can we achieve a transformation in patient access to new online services and ‘apps’; nor will the NHS maximise its opportunity to be a world centre in medical science and research.” [NHS England, September 1 2015] 

So who will this transformation benefit? Who and what are all its drivers? Change is expensive. It costs time and effort and needs investment.

Blackburn and Darwen’s Healthwatch appear to have received £10K for care.data engagement as stated in their annual report. Somerset’s less clear. We can only assume that Hampshire, expecting a go live ‘later in 2015’ has also had costs. Were any of their patient facing materials already printed for distribution, their ‘allocated-under-austerity’ budgets spent?

care.data is not a single destination but a long journey with a roadmap of plans for incremental new datasets and expansion of new users.

The programme should already know and be able to communicate the process behind informing the public of future changes to ensure future use will meet public expectations in advance of any change taking place. And we should know who is going to pay for that project lifetime process, and ongoing change management. I keep asking what that process will be and how it will be managed:

June 17 2015, NIB meeting at the King’s Fund Digital Conference on Health & Social Care:

june17

September 2 2015, NIB Meeting at NHS Expo 15:

NIBQ_Sept

It goes unanswered time and time again despite all the plans and roadmaps and plans for change.

These projects are too costly to fail. They are too costly to justify only having transparency applied after the event, when forced to do so.

care.data plans are never late (just as long as there is no artificial deadline)

So back to my original question. If you cancel a train does it still show up in the delayed trains statistics? I suppose if the care.data programme claims there is no artificial deadline, it can never be late. If you stop setting measurable deadlines to deliver against, the programme can never be delayed. If there is no budget set, it can never be over it. The programme will only deliver benefits, if you never measure costs.

The programme can claim it is in the public interest for as long as we are prepared to pay with an open public purse and wait for it to be on track.  Wait until data are ready to be extracted, which the notice said:

…” is thought to remain a long way off.” 

All I can say to that, is I sure hope so. Right now, it’s not fit for purpose. There must be decisions on content and process arrived at first. But we also deserve to know what we are expecting of the long journey ahead.

On time, under budget, and in the public interest?

As long as NHS England is the body both applying and measuring the criteria, it fulfils them all.

*******

[1] Somerset CCG announces delay to care.data plans https://www.somersetlmc.co.uk/caredatapaused

[2] NHS England reply to Somerset announcement reported in Government Computing http://healthcare.governmentcomputing.com/news/ccg-caredata-pilot-work-continues-4668290

[3] Healthwatch bulletin: care.data meetings cancelled http://us7.campaign-archive1.com/?u=16b067dc44422096602892350&id=5dbdfc924c

[4] Building public trust: after the NIB public engagement in Bristol https://jenpersson.com/public-trust-datasharing-nib-caredata-change/

[5] GPES IAG http://www.hscic.gov.uk/media/12911/GPES-IAG-Minutes-12-September-2013/pdf/GPES_IAG_Minutes_12.09.13.pdf

[6] The Register – Right, opt out everybody! hated care.data programme paused again http://www.theregister.co.uk/2015/09/08/hated_caredata_paused_again_opt_out/

[7] Pulse Today care.data MPA rating http://www.pulsetoday.co.uk/your-practice/practice-topics/it/caredata-looks-unachievable-says-whitehall-watchdog/20010381.article#.VfMXYlbtiyM

[8] Major Projects Authority https://engage.cabinetoffice.gov.uk/major-projects-authority/

[9] The PAC 2013 ttp://www.parliament.uk/business/committees/committees-a-z/commons-select/public-accounts-committee/news/npfit-report/

[10] Clinical Practice Research Datalink (CPRD)

***

image source: http://glaconservatives.co.uk/news/london-commuters-owed-56million-in-unclaimed-refunds-by-rail-operators/

 

Public data in private hands – should we know who manages our data?

When Tesco reportedly planned to sell off its data arm Dunnhumby [1] in January this year, it was a big deal.

Clubcard and the data which deliver customer insights – telling the company who we are, what we buy and how and when we shop using ‘billions of lines of code’ – will clearly continue to play a vital role in the supermarket customer relations strategy, whether its further processing and analysis is in-house or outsourced.

Assuming the business is sold,  clubcard shoppers might wonder who will then own their personal data, if not the shoppers themselves? Who is the data controller and processor? Who will inform customers of any change in its management?

“Dunnhumby has functioned as a standalone outfit in the past few years, offering customer information services to other retailers around the world, and could operate in a similar way for Tesco post-acquisition.”

I haven’t seen in the same media that the Dunnhumby speculation turned into a sale. At least not yet.

In contrast to the commercial company managing customer data for those who choose to take part, the company which manages the public’s data for many state owned services, was sold in December.

For an undisclosed value, Northgate Public Services [2] part of NIS was sold in Dec 2014 to Cinven, a European private equity firm.

What value I wondered does the company have of itself, or what value is viewed intrinsic to the data it works with – health screening, the National Joint Registry and more? It formerly managed HES data. What was part of the deal? Are the data part of the package?

Does the public have transparency of who manages our data?

Northgate has, according to their website, worked with public data, national and local government administrative data since 1969, including the development and management of the NNADC, “the mission critical solution providing continuous surveillance of the UK’s road network. The NADC is integrated with other databases, including the Police National Computer, and supports more than 3 million reads a day across the country.”

Northgate manages welfare support payments for many local authorities and the Welsh Assembly Government.

Data are entrusted to these third parties by the commercial or public body, largely without informing the public.

One could argue that a ‘named owner and processor’ is irrelevant to the public, which is probably true when things are done well.

But when things go wrong or are changed, should ‘the supplier’ of the data, or rather the public whose data it is, not be told?

If so, citizens would be informed and know who now accesses or even owns our public data that Northgate had in the past. Different firms will have different levels of experience, security measures and oversight of their practices than others. To understand how this works could be an opportunity for transparency to create trust.

Trust which is badly needed to ensure consensual data sharing continues.

So what will the future hold for these systems now owned by a private equity firm?

The buyer of Northgate Public Services, Cinven, has experience making a profit in healthcare.

We hear few details of plans available in the public domain about the NHS vision for data management and its future in public research.

We generally hear even less about the current management of the public’s data unless it is in a crisis, as front page stories will testify to over the last year. care.data has been in good company generating anger, with HMRC, the electoral register and other stories of legal, but unexpected data use of citizens’ data.

As a result we don’t know what of our public data is held by whom.

The latest news reported by the DM [3] will not be popular either given that 2/3rds of people asked in research into public trust over the governance of data [4] have concerns about public data in the hands of private firms:

Controversial plans to give private companies such as Google responsibility for storing people’s private personal health data could be revived, a minister has suggested.”

Could there ever be privatisation plans afoot for HSCIC?

It’s going to be interesting to see what happens next, whoever is making these decisions on our behalf after May 7th.

Certainly the roadmap, business plan, SIAM goals, and framework agreement [5] have given me cause to consider this before. The framework agreement specifically says change to its core functions or duties would require further primary legislation.”
[HSCIC DH framework agreement]

hscic_DH_framework

 

Changes to the HSCIC core remit, such as privatising the service, would require a change in legislation which would by default inform parliament.

Should there not be the same onus to inform the public whose data they are? Especially with “protection of patients being paramount”.  One could say protections should apply to our consumer data too.

Regardless of whether data are managed in-house or by another third party, by the state or commercial enterprise, if third parties can be outsourced or even sold, should consumers not always know who owns our data and of any changes in that guardianship?

Taking into account the public mistrust of commercial companies’ data management I would like to think so.

Further privatising the workings of our state data without involving the public in the process would certainly be a roadmap to driving public confidence on data sharing into the ground.

So too, when it comes to public trust, we might find when the commercial sale of consumer Clubcard data goes ahead, every little does not help.

****

Refs:

[1] Computing 14.01.2015 – article by Sooraj Shah: http://www.computing.co.uk/ctg/feature/2390197/what-does-tescos-sale-of-dunnhumby-mean-for-its-data-strategy

[2] Northgate sale to Cinven http://www.northgate-is.com/press-release-nps.html / http://www.northgatepublicservices.co.uk/

[3]  On the future of data handling http://www.dailymail.co.uk/news/article-3066758/Could-Google-look-NHS-data-Controversial-plans-revived-minister-says-technology-firms-best-placed-look-information-securely.html

[4] Ipsos MORI research with the Royal Statistical Society into the Trust deficit with lessons for policy makers https://www.ipsos-mori.com/researchpublications/researcharchive/3422/New-research-finds-data-trust-deficit-with-lessons-for-policymakers.aspx

[5] HSCIC DH Framework agreement http://www.hscic.gov.uk/media/13866/Framework-Agreement-between-the-Department-of-Health-and-the-HSCIC/pdf/Framework_Agreement_between_the_Department_of_Health_and_the_Health_and_Social_Care_Information_Cent.pdf

The future of care.data in recent discussions

Questions were raised at two health events this week, on the status of the care.data programme.

The most recent NHS England announcement about the care.data rollout progress, was made in October 2014.

What’s the current status of Public Information?

The IIGOP review in December 2014 [1], set 27 criteria for the programme to address.

The public has not yet seen a response, but according to the GPES minutes one was made at the end of January.

Will it be released in the public domain?

An updated privacy impact assessment “was approved by the care.data programme board and will be published in February 2015.” It has not yet been made public.

Limited and redacted programme board materials were released and the public awaits to see if a business case or more will be released in the public interest.

Risks and issues have been redacted or not released at all, such as the risk register.

There is no business case in place, confirmed page 6 of the October 2014 board minutes – I find that astonishing.

It is hard to know if more material will be made public as recommended in their own transparency agenda.

What is the current state of open questions?

Professionals and public are still interested in the current plan, and discussions this week at the Roy Lilley chat with Dr. Sarah Wollaston MP, again raised some open questions.

1. What happened to penalties for misuse and ‘one strike and out’ ?

Promised  in Parliament by Dr. Dan Poulter,  Parliamentary Under Secretary of State at the Department of Health, a year ago – questions on penalties are still being asked and  without a clear public answer of all that has changed since then and what remains to be done:

care.data penalties are unclear

Poulter on care.data penalties

[Hansard, March 25 2014 ] [2]

Some changes are being worked on [written evidence to HSC]*[7] planned for autumn 2015 – but does it clarify what has happened concretely to date and how it will protect patients in the pathfinder?

“The department is working to table these regulations in Parliament in 2015, to come into force in the autumn.”

Did this happen? Are the penalties proportionate for big multi-nationals, or will other safeguards be introduced, such as making misuse a criminal offence, as suggested?

2. What about promises made on opt out?

One year on the public still has no fair processing of personal data released by existing health providers. It was extracted in the past twenty-five years, the use of which by third parties was not public knowledge. (Data from hospital visits (HES), mental health, maternity data etc).

The opt out of all data sharing from secondary care such as A&E, stored at the HSCIC, was promised by Jeremy Hunt, Secretary of State for Health, a year ago, on February 25th 2014.

It has still not come into effect and been communicated:

Jeremy Hunt on care.data opt out

[Hansard February 25 2014, col 148] [3]

Jeremy Hunt MP

 

In fact the latest news reported in the media was that opt out ‘type 2’ was not working, as expected. [4]

Many in the public have not been informed at all that they can request opt out, as the last public communication attempt failed to reach all households, yet their data continues to be released.

3. What about clarifying the purposes of the Programme?

The public remains unclear about the purpose of the whole programme and data sharing, noted at the Roy Lilley event:

A business case, and a risk benefit analysis would improve this.

Flimsy assurances based on how data may be used in the initial extraction will not be enough to assure the public how their data will be used in future and by whom, not just the next six months or so.

Once released, data is not deleted, so a digital health footprint is not just released for care.data, it is given up for life. How much patients trust the anonymous, pseudonymous, and what is ‘de-identified’ data depends on the individual, but in a world where state-held data matching form multiple sources is becoming the norm, many in the public are skeptical.[5]

The controls over future use and assurances that are ‘rock solid’, will only be trustworthy if what was promised, happens.

To date, that is not the case or has not been communicated.

What actions have been taken recently?

Instead of protecting the body, which in my opinion has over the last two years achieved external scrutiny of care.data and ensuring promises made were kept, the independent assurance committee, the IAG, is to be scrapped.

The data extraction and data release functions are to be separated.

This could give the impression that data is no longer to be extracted only when needed for a specific purpose, but lends weight to the impression that all data is to be “sucked up” and purposes defined later. If care.data is purposed to replace SUS, it would not be a surprise.

It would however contravene fair processing data protection which requires the purposes of use to be generally clear before extraction.  Should use change, it must be fair. [For example, to have had consent for data sharing for direct care, but then use the data for secondary uses by third parties,  is such a significant change, one can question whether that falls under ‘fair’ looking at ICOs examples.]

So, what now, I asked Dr. Poulter after the Guardian healthcare debate on Tuesday evening this week on giving opt out legal weight?
(I would have asked during the main session, but there was not enough time for all questions).

care.data opt out open question

 

He was not able to give any concrete commitment to the opt out for HES data, or care.data, and simply did not give any answer at all.

What will happen next? Will the pathfinders be going live before the election in May? I asked.

Without any precise commitment, he said that everything was now dependent on Dame Fiona’s IIGOP response to the proposals [made by NHS England].

cd_metw2 Dan Poulter MP

 

What has happened to Transparency?

The public has not been given access to see what the NHS England response to the IIGOP/ Caldicott December review was.

The public has no visibility of what the risks are, as seen by the programme board.

The public is still unclear on what the expected benefits are, to measure those risks against.

And without a business case, the public does not know how much it is costing.

Without these, the public cannot see how the care.data board and DH is effectively planning, measuring progress, and spending public money, or how they will be accountable for its outcomes.

The sad thing about this, is that transparency and “intelligent grown up debate” as Sir Manning called for last year, would move this programme positively ahead.

Instead it seems secretive, which is not building trust.  The deficit of that trust is widely recognised and still needs solidly rebuilt.

Little seems to have been done since last year to make it so.

“Hetan Shah, executive director of the Royal Statistical Society said, ‘Our research shows a “data trust deficit”. In this data-rich world, companies and government have to earn citizens’ trust in how they manage and use data – and those that get it wrong will pay the price.” [Royal Statistical Society, 22 July 2014][6]

Shame.

Care.data is after all, meant to be for the public good.

care.data purposes are unclear
It would be in the public interest to get answers to these questions from recent events.

 

refs:

1. IIGOP care.data report December 2014 https://www.gov.uk/government/publications/iigop-report-on-caredata

2. Hansard March 25th 2014: http://www.publications.parliament.uk/pa/cm201314/cmhansrd/cm140325/halltext/140325h0002.htm

3. Hansard February 25th 2014: http://www.publications.parliament.uk/pa/cm201314/cmhansrd/cm140225/debtext/140225-0001.htm

4. NHS England statement on Type 2 opt out http://www.england.nhs.uk/2015/01/23/data-opt-out/

5. Ipsos MORI June 2014 survey: https://www.ipsos-mori.com/researchpublications/researcharchive/3407/Privacy-and-personal-data.aspx

6. Royal Statistical Society on the ‘trust deficit’ http://www.statslife.org.uk/news/1672-new-rss-research-finds-data-trust-deficit-with-lessons-for-policymakers

7. *additional note made, Sun 15th incl. reference HSC Letter from HSCIC

care.data related December news you may have missed in the holiday

January looks like it’s going to be a busy NHS news month and December set out a very information rich programme.

Do you need a catch up from the holidays time? I know I could do with going back to September really, I blinked and missed the last quarter. But lots of news came in at the end of year, in typical holiday time, which is relevant to care.data, health data sharing and its backdrop:

[1] December 18th:  The Independent Information Governance Oversight Panel report raises questions about the preparation for a pilot stage of the care.data programme.

A very thorough and  most significant report. I considered this is more detail here.

[2] December 22nd: The Primary Care Support (PCS) Services procurement. Launched in November 2014 interested suppliers were asked to respond to a Pre-Qualification Questionnaire (PQQ).

“Members of our Stakeholder Group, staff from the PCS Service and experts in the procurement team have been evaluating the responses received from the PQQ. We have now produced a short list of suppliers to invite to the next stage of the procurement. We will be announcing the shortlisted suppliers in January 2015.”

How will this affect primary care records’ management and is that unknown being factored into current decision making?

[3] December 28th The Guardian reported the delayed Rose Report would be out in January and say the NHS is hampered by poor management structure.

[4] December 30th Poulter announces DWP prescription check “The government is planning to give High Street pharmacists access to Department of Work and Pensions IT systems to check whether patients in England are entitled to free prescriptions.”

This raises a raft of questions on data protection with implications for patient confidentiality, expected purposes, informed consent and data linkage.

[5] December: a New HSCIC Code of Confidentiality

A longer read and leaves not everyone content it addresses all the needed questions. Opt outs and technical solutions on anonymisation remain two areas of undefined detail relevant for care.data.

[6] January 2nd: IIGOP annual report How health and social care organisations are implementing recommendations about sharing information.

This is a key publication on data sharing as a whole [not only care.data] – snuck in on one of the quietest days of the year perhaps? Some points of particular mention are those which set expectations for legislation change:

“During a debate in the House of Lords in May 2014, in the face of criticism of the care.data programme, the Government said it was sympathetic to calls for IIGOP to be placed on a statutory footing.”

One can only expect then it is a question of when, not if, the IIGOP role will become enshrined in law. Before the next major data sharing step for care.data, the planned pathfinders perhaps?

The second piece of law needing defined and actioned goes back almost a year to February 2014 and Mr. Hunt’s promise of a statutory opt out, which would seem fundamental to any next step step and pilots.

On opt out IIGOP said:

“It is the view of IIGOP that progress at a nationwide level in achieving appropriate sharing of information for direct care will not be satisfactory until core building blocks are in place, including agreement on terminology, clarity on consent and consistency of arrangements for objection and “opt out.”

That opt out refers to all medical data sharing, not only that for care.data, which comes in for criticism but notes some positive side effects:

“The unintended consequence of care.data was a positive cycle of change.”

Most positively, the report notes the changed attitude to public awareness and expectations around personal data management:

“Over the past year, the subject of information governance has moved from the backwaters of organisational management into the mainstream of public discussion. Debate about when it is right to share people’s care data is no longer restricted to policymakers, technical experts and medical ethicists.”

[7] January 5th: The Health and Social Care Information Centre will launch a secure data lab for viewing sensitive patient data in March, allowing it to support the pathfinder stage of NHS England’s controversial care.data programme.

What about opt out – technical feasibility and the Ministers promises to put it into legislation, still not done yet?

[8] Public health commissioning in the NHS 2015 to 2016 plan

Everything connected to everything in the market matters in the bigger picture. See [2], [4] and consider commercial data uses.

[9] Predictions from professionals for 2015 via EHI Insider: A clear direction for NHS IT was set in 2014; but could be disrupted by the general election due on 7 May, according to experts asked for their predictions for healthcare IT in 2015.

So, this quarter is getting off to an information-rich start with the December releases of reports and news having laid an interesting foundation for the coming quarter. And election purdah at the end of March…

[10] My own care.data wish list – no more surprises please  – what will care.data plans hold for 2015?

 

****

References:

[1] IIGOP care.data report https://www.gov.uk/government/publications/iigop-report-on-caredata

[2] Primary Care support services outsourcing / transformation http://www.england.nhs.uk/commissioning/wp-content/uploads/sites/12/2014/12/Final_Stakeholder_Update_December_2014-.pdf

[3] The Rose Report http://www.theguardian.com/society/2014/dec/28/nhs-management-system-complex-rose-report

[4] www.ehi.co.uk/news/EHI/9813/poulter-announces-dwp-prescription-check

[5] HSCIC code of confidentiality http://systems.hscic.gov.uk/infogov/codes/cop/code.pdf

[6] IIGOP Annual Report: https://www.gov.uk/government/publications/iigop-annual-report-2014

[7] HSCIC secure data lab news: http://www.ehi.co.uk/news/primary-care/9815/hscic-data-lab-to-launch-in-march

[8] Commissioning plans: https://www.gov.uk/government/publications/public-health-commissioning-in-the-nhs-2015-to-2016

[9] 2015 Predictions: http://www.ehi.co.uk/news/primary-care/9800/coming-up-in-2015

[10] My own wish list fior care.data in 2015:  https://jenpersson.com/care-data-2015-list/

Oh, and my New Year’s Resolution, I’m cutting my posts in half. Nothing over 1000 words.

Patient questions on care.data – an open letter

Dear NHS England Patients & Information Directorate,

We’ve been very patient patients in the care.data pause. Please can we have some answers now?

I would like to call for greater transparency and openness about the promises made to the public, project processes & policies and your care.data communication plans.

In 2013, in the Health Service Journal Mr. Kelsey wrote:

“When patients are ignored, they are most at risk; that was the central conclusion of the report by Robert Francis into Stafford hospital.

Don Berwick, in his safety review, said the NHS should be “engaging, empowering and hearing patients and their carers all the time.

“That has been my mission since I started as National Director for Patients and Information: to support health and care services transform transparency and participation.

HSJ, 10th December 2013

It is time to walk-the-talk for care.data under this banner of transparency, participation and open government.

Response to the Listening exercises

The care.data listening phase, introduced by the pause announced on February 18th, has captured a mass of questions, the majority of which still remain unaddressed.

At one of these sessions, [the 1-hr session on June 17th Open House, linking ca. 100 people at each of the locations in Basingstoke, Leicester, London, and York] participants were promised that our feedback would be shared with us later in the summer, and posted online. After the NHS AGM on Sept 18th I was told it would happen ‘soon’. It is still not in the public domain.

At every meeting all the unanswered questions, on post-it notes, in table-group minutes or scribbled flipcharts, were gathered ‘to be answered at a later date’. When will that be?

To date, there has been no published information which addresses the unanswered event questions.

Transparency of Process, Policies and Approach

The care.data Programme Board has held meetings to plan the rollout process, policies and approach. The minutes and materials from which have not been published. I find this astonishing when one considers that the minutes of the care.data advisory group, NIB (new), CAG, GPES advisory or even NHS England Board itself are in the public domain. I believe the care.data Programme Board meeting materials should be too.

It was acknowledged through the Partridge Review of past use of our hospital records that this HES data is not anonymous. The extent of its sale to commercial third-parties and use by police and the Home Office was revealed. This is our medical data we gave to hospitals and in our wider medical use for our care. Why are we the last to hear it’s being accessed by all sorts of people who are not at all involved in our clinical care?

Even for commissioning purposes it is unclear how these datasharing reasons are justified when the Caldicott Review said extracting identifiable data for risk stratification or commissioning could not be assumed under some sort of ‘consent deal’?

“The Review Panel found that commissioners do not need dispensation from confidentiality, human rights and data protection law…” [The Information Governance review, ch7]

The 251 approval just got extended *again* – until 30th April 2015. If you can’t legally extract data without repeat approvals from on high, then maybe it’s time to question why?

The DoH, NHS England Patients and Information Directorate, HSCIC, and indeed many data recipients, all appear to have normalised an approach that for many is still a shock. The state centralised and passed on our medical records to others without our knowledge or permission. For years. With financial exchange. 

Amazingly, it continues to be released in this way today, still without our consent or fair processing or publicised way to opt out.

“To earn the public’s trust in future we must be able to show that our controls are meticulous, fool-proof and solid as a rock.”  said Sir Nick Partridge in his summary review.

Now you ask us to trust in care.data that the GP data, a degree more personal, will be used properly.

Yet you ask us to do this without significant changes in legislation to safeguard tightly defined purposes who can access it and why, how we control what future changes may be made without our knowledge and without a legally guaranteed opt out.

There is no information about what social care dataset is to be included in future, so how can we know what care.data scope even is yet?

Transparency cannot be a convenient watch word which applies with caveats. Quid pro quo, you want our data under an assumed consent process, then guarantee a genuinely informed public.

You can’t tell patients one approach now, then plan to change what will be said after the pilot is complete, knowingly planning a wider scope to include musculoskeletal or social care data and more.  Or knowing you plan to broaden users of data [like research and health intelligence currently under discussion at IAG ] but only communicate a smaller version in the pilot. That is like cheating on a diet. You can’t say and do one thing in public, then have your cake and eat it later when no one is looking. It still counts.

In these processes, policies and approach, I don’t feel my trust can be won back with lack of openness and transparency. I don’t yet see a system which is, ‘meticulous, fool-proof or solid as a rock’.

‘Pathfinder’ pilots

Most recently you have announced that four areas of CCGs will pilot the ‘pathfinder’ stage in the rollout of phase one. But where and when remains a  mystery. Pathfinder communications methods may vary from place to place and trial what works and what fails. One commendable method will be a written letter.

However even given that individual notice intent, we cannot ignore that many remaining questions will be hard to address in a leaflet or letter. They certainly won’t fit into an SMS text.

Why pilot communications at all which will leave the same open questions unanswered you already know, but have not answered?

For example, let’s get a few of the missing processes clarified up front:

  • How will you communicate with Gillick competent children, whose records may contain information about which their parents are not aware?
  • How will you manage this for elderly or vulnerable patients in care homes and with diminished awareness or responsibility?
  • What of  the vulnerable at risk of domestic abuse and coercion?
  • When things change in scope or use, how will we be given the choice to change our opt out decision?

I ask you not to ignore the processes which remain open. They need addressed BEFORE the pilot, unless you want people to opt out on the basis of their uncertainty and confusion.

What you do now, will set the model expectations for future communications. Patient online. Personalised medicine. If NHS health and social care is to become all about the individual, will you address all individuals equally or is reaching some less important than others?

It seems there is time and effort in talking to other professionals about big data, but not to us, whose data it is. Dear Patients & Information Directorate, you need to be talking to us, before to others about how to use us.

In March, this twelve point plan made some sensible suggestions.

Many of them remain unaddressed. You could start there. But in addition it must be clear before getting into communications tools, what is it that the pathfinders are actually piloting?

You can’t pilot communications without clearly defined contents to talk about.

Questions of substance need answers, the ten below to start with.

What determines that patients understand the programme and are genuinely informed, and how will it be measured?

Is it assumed that pilots will proceed to extraction? Or will the fair processing efforts be evaluated first and the effort vs cost be taken into account whether it is worth proceeding at all?

Given the cost involved, and legal data protection requirements, surely the latter? But the pathfinder action plan conflates the two.

Citizen engagement

Let’s see this as an opportunity to get care.data right, for us, the patients. After all, you and the rest of the NHS England Board were keen to tell us at the NHS AGM on September 18th, how valuable citizen engagement is, and to affirm that the NHS belongs to us all.

How valued is our engagement in reality, if it is ignored? How will involvement continue to be promoted in NHS Citizen and other platforms, if it is seen to be ineffective? How might this negatively affect future programmes and our willingness to get involved in clinical research if we don’t trust this basic programme today?

This is too important to get wrong. It confuses people and causes concern. It put trust and confidence in jeopardy. Not just for now, but for other future projects. care.data risks polluting across data borders, even to beyond health:

“The care.data story is a warning for us all. It is far better if the industry can be early on writing standards and protocols to protect privacy now rather than later on down the track,” he said. [David Willets, on 5G]

So please, don’t keep the feedback and this information to internal departments.

We are told it is vital to the future of our NHS. It’s our personal information.  And both belong to us.

During one Health Select Committee hearing, Mr. Kelsey claimed: “If 90 per cent opt out [of care.data], we won’t have an NHS.”

The BMA ARM voted in June for an opt in model.

ICO has ruled that an opt in model by default at practice level with due procedures for patient notification will satisfy both legal requirements and protect GPs in their role as custodians of confidentiality and data controllers. Patient Concern has called for GPs to follow that local choice opt in model.

I want to understand why he feels what the risk is, to the NHS and examine its evidence base. It’s our NHS and if it is going to fail without care.data and the Board let it come to this, then we must ask why. And we can together do something to fix it. There was a list of pre-conditions he stated at those meetings would be needed before any launch, which the public is yet to see met. Answering this question should be part of that.

It can’t afford to fail, but how do we measure at what cost?

I was one of many, including much more importantly the GPES Advisory Group, who flagged the shortcomings of the patient leaflet in October 2013, which failed to be a worthwhile communications process in January. I flagged it with comms teams, my MP, the DoH.

[Sept 2013 GPES Advisory] “The Group also had major concerns about the process for making most patients aware of the contents of the leaflets before data extraction for care.data commenced”.

No one listened. No action was taken. It went ahead as planned. It cost public money, and more importantly, public trust.

In the words of Lord Darzi,

“With more adroit handling, this is a row that might have been avoided.”

Now there is still a chance to listen and to act. This programme can’t afford to pilot another mistake. I’m sure you know this, but it would appear that with the CCG announcement, the intent is to proceed to pilot soon.  Ready or not.

If the programme is so vital to the NHS future, then let’s stop and get it right. If it’s not going to get the participation levels needed, then is it worth the cost? What are the risks and benefits of pressing ahead or at what point do we call a halt? Would it be wise to focus first on improving the quality and correct procedures around the data you already have – before increasing the volume of data you think you need? Where is the added intelligence, in adding just more information?

Is there any due diligence, a cost benefit analysis for care.data?

Suggestions

Scrap the ‘soon’ timetable. But tell us how long you need.

The complete raw feedback from all these care.data events should be made public, to ensure all the questions and concerns are debated and answers found BEFORE any pilot.

The care.data programme board minutes papers and all the planning and due diligence should be published and open to scrutiny, as any other project spending public funds should be.

A public plan of how the pathfinders fit into the big picture and timeline of future changes and content would remove the lingering uncertainty of the public and GPs: what is going on and when will I be affected?

The NHS 5 year forward view was quite clear; our purse strings have been pulled tight. The NHS belongs to all of us. And so we should say, care.data  can’t proceed at any and at all costs. It needs to be ‘meticulous, fool-proof and solid as a rock’.

We’ve been patient patients. We should now expect the respect and response, that deserves.

Thank you for your consideration.

Yours sincerely.

 

Addendum: Sample of ten significant questions still outstanding

1. Scope: What is care.data? Scope content is shifting. and requests for scope purposes are changing already, from commissioning only to now include research and health intelligence. How will we patients know what we sign up to today, stays the purposes to which data may be used tomorrow?

2. Scope changes fair processing: We cannot sign up to one thing today, and find it has become something else entirely tomorrow without our knowledge. How will we be notified of any changes in what is to be extracted or change in how what has been extracted is to be used in future – a change notification plan?

3. Purposes clarity: Who will use which parts of our medical data for what? a: Clinical care vs secondary uses:

Given the widespread confusion – demonstrated on radio and in press after the pathfinders’ announcement – between care.data  which is for ‘secondary use’ only, i.e. purposes other than the direct care of the patient – and the Summary Care Record (SCR) for direct care in medical settings, how will uses be made very clear to patients and how it will affect our existing consent settings?

3. Purposes definition: Who will use which parts of our medical data for what?  b) Commercial use  It is claimed the Care Act will rule out “solely commercial”purposes, but how when what remains is a broad definition open to interpretation? Will “the promotion of health” still permit uses such as marketing? Will HSCIC give its own interpretation, it is after all, the fact it operates within the law which prescribes what it should promote and permit.

3. Purposes exclusion: Who will use which parts of our medical data for what?  c) Commercial re-use by third parties: When will the new contracts and agreements be in place? Drafts on the HSCIC website still appear to permit commercial re-use and make no mention of changes or revoking licenses for intermediaries.

4a. Opt out: It is said that patients who opt out will have this choice respected by the Health and Social Care Information Centre (i.e. no data will be extracted from their GP record) according to the Secretary of State for Health  [col 147] – but when will the opt out – currently no more than a spoken promise – be put on a statutory basis? There seem to be no plans whatsoever for this.

Further wider consents: how patients will know what they have opted into or out from is currently almost impossible. We have the Summary Care Record, Proactive care in some local areas, different clinical GP systems, the Electronic Prescription Service and soon to be Patient Online, all using different opt in methods of asking and maintaining data and consent, means patients are unsurprisingly confused.

4b. Opt out: At what point do you determine that levels of participation are worth the investment and of value? If parts of the population are not represented, how will it be taken into account and remain valuable to have some data? What will be statistically significant?

5. Legislation around security: The Care Act 2014 is supposed to bring in new legislation for our data protection. But there are no changes to date as far as I can see – what happened to the much discussed in Parliament, one strike and out. Is any change still planned? If so, how has this been finalised and with what wording, will it be open to Parliamentary scrutiny?  The Government claim to have added legal protection is meaningless until the new Care Act Regulations are put in front of Parliament and agreed.

6. What of the Governance changes discussed?

There was some additional governance and oversight promised, but to date no public communication of changes to the data management groups through the HRA CAG or DAAG and no sight of the patient involvement promised.

The Data Guardian role remains without the legal weight that the importance of its position should command. It has been said this will be granted ‘at the earliest opportunity.’ Many seem to have come and gone.

7. Data security: The planned secure data facility (‘safe setting’) at HSCIC to hold linked GP and hospital data is not yet built for expanded volume of data and users expected according to Ciaran Devane at the 6th September event. When will it be ready for the scale of care.data?

Systems and processes on this scale need security designed, that scales up to match in size with the data and its use.

Will you proceed with a pilot which uses a different facility and procedures from the future plan? Or worse still, with extracting data into a setting you know is less secure than it should be?

8. Future content sharing: Where will NHS patients’ individual-level data go in the longer term? The current documentation says ‘in wave 1’ or phase one, which would indicate a future change is left open, and indicated identifiable ‘red’ data is to be shared in future?  “care.data will provide the longer term visions as well as […] the replacement for SUS.

9.  Current communications:

    • How will GPs and patients in ‘pathfinder’ practices be contacted?
    • Will every patient be written to directly with a consent form?
    • What will patients who opted out earlier this year be told if things have changed since then?
    • How will NHS England contact those who have retired or moved abroad recently or temporarily, still with active GP records?
    • How will foreign pupils’ parents be informed abroad and rights respected?
    • How does opt out work for sealed envelopes?
    • All the minorities with language needs or accessibility needs – how will you cater for foreign language, dialect or disability?
    • The homeless, the nomadic,  children-in-care
    • How can we separate these uses clearly from clinical care in the public’s mind to achieve a genuinely informed opinion?
    • How will genuine mistakes in records be deleted – wrong data on wrong record, especially if we only get Patient Online access second and then spot mistakes?
    • How long will data be retained for so that it is relevant and not excessive – Data Protection principle 3?
    • How will the communications cater for both GP records and HES plus other data collection and sharing?
    • If the plan is to have opt out effective for all secondary uses, communications must cater for new babies to give parents an informed choice from Day One. How and when will this begin?

No wonder you wanted first no opt out, then an assumed consent via opt out junk mail leaflet. This is hard stuff to do well. Harder still, how will you measure effectiveness of what you may have missed?

10. Pathfinder fixes: Since NHS England doesn’t know what will be effective communications tools, what principles will be followed to correct any failures in communications for any particular trial run and how will that be measured?

How will patients be asked if they heard about it and how will any survey, or follow up ensure the right segmentation does not miss measuring the hard to reach groups – precisely those who may have been missed?  i.e. If you only inform 10% of the population, then ask that same 10% if they heard of care.data, you would expect a close to 100% yes. That’s not reflective that the whole population was well informed about the programme.

If it is shown to have been ineffective, at what point do you say Fair Processing failed and you cannot legally proceed to extraction?

> This list doesn’t yet touch on the hundreds of questions generated from public events, on post-its and minutes. But it would be a start.

*******

References for remaining questions:

17th June Open House: Q&A

17th June Open House: Unanswered public Questions

Twelve point plan [March 2014] positive suggestions by Jeremy Taylor, National Voices

6th September care.data meeting in London

image quote: Winnie The Pooh, A.A. Milne

The care.data engagement – is it going to jilt citizens after all? A six month summary in twenty-five posts.

[Note update Sept 19th: after the NHS England AGM in the evening of Sept 18th – after this care.data engagement post published 18hrs earlier – I managed to ask Mr.Kelsey, National Director for Patients and Information, in person what was happening with all the engagement feedback and asked why it had not been made publicly available.

He said that the events’ feedback will be published before the pathfinder rollout begins, so that all questions and concerns can be responded to and that they will be taken into account before the pathfinders launch.

When might that be, I asked? ‘Soon’.

Good news? I look forward to seeing that happen. My open questions on commercial uses and more, and those of many others I have heard, have been captured in previous posts, in particular the most recent at the end of this post. – end of update.]

Medical data has huge power to do good, but it presents risks too. When leaked, it cannot be unleaked. When lost, public trust cannot be easily regained. That’s what broken-hearted Ben Goldacre wrote about care.data on February 28th of this year, ten days after the the pause was announced on February 18th [The Guardian] .

Fears and opinions, facts and analysis, with lots and lots of open questions. That’s what I’ve written up in the following posts related to care.data since then, including my own point-of-view and feedback from other citizens, events and discussions. All my care.data posts are listed here below, in one post, to give an overview of the whole story, and any progress in the six months ‘listening’ and ‘engagement’.

So what of that engagement? If there really have been all these events and listening, why has there been not one jot of public feedback published? This is from September 2014, I find it terrifyingly empty of anything but discussing change in communications of the status quo programme.

I was at that workshop, hosted by Mencap on communicating

with vulnerable and excluded groups the article mentions. It was carefully managed, with little open room discussion to share opinions cross groups (as the Senior Policy Adviser at Signature pointed out.) Whilst we got the NHS England compilation of the group feedback afterwards, it was not published. Maybe I should do that and ask how each concern will be addressed? I didn’t want to stand on the NHS England national comms. toes, assuming it would be, but you know, what? If the raw feedback says from all these meetings, these are our concerns and we want these changes, and none are forthcoming, then the public should justifiably question the whole engagement process.

It’s public money, and the public’s data. How both are used and why, is not to be hidden away in some civil service spreadsheet. Publish the business case. Publish the concerns. Publish how they are to be addressed.

From that meeting and the others I have been to, many intelligent questions from the public remain unanswered. The most recent care.data advisory workshop summarised many from the last year, and brought out some minority voices as well.

 

On the day of NHS Citizen, the new flagship of public involvement, people like me who attended the NHS England Open Day on June 17th, or care.data listening events, may be understandably frustrated that there is no publicly available feedback or plan of any next steps.
care.data didn’t make it into the NHS Citizen agenda for discussion for the 18th. [Many equally other worthy subjects did, check them out here if not attending or watch it online.] So from where will we get any answers? Almost all the comment, question and feedback I have heard at events has been constructively critical, and worthy of response. None is forthcoming.

 

Instead, the article above, this reported speech by Mr.Kelsey and its arguments, make me think engagement is going nowhere. No concerns are addressed. PR is repeated. More facts and figures which are a conflation of data use for clinical treatment and all sorts of other uses, are presented as an argument for gathering more data.

Citizens do not need told of the benefits. We need concrete steps taken in policy, process and practice, to demonstrate why we can now trust the new  system.

Only then is it worthwhile to come back to communications.

How valued is patient engagement in reality, if it is ignored?

How will involvement continue to be promoted in NHS Citizen and other platforms, if it is seen to be ineffective?

How might this affect future programmes and our willingness to get involved in clinical research?

I sincerely hope to see the raw feedback published very soon, which NHS England has gathered in their listening events. How that will be incorporated into any programme changes, as well as  communications, will go a long way to assuring the quantity in numbers and quality of cross-population participation.

The current care.data status is in limbo, as we await to see if and when any ‘pathfinder’ CCGs will be announced that will guinea pig the patient records from the GP practices in a trial rollout, in whatever form that may take. The latest official statements from Mr.Kelsey have been on 100-500 practices, but without any indicator of where or when. He suggests ‘shortly’.

What next for care.data? I’ll keep asking the questions and hope we hear some answers from the NHS England Patients and Information Directorate. Otherwise, what was the [&88!@xY!] point of a six month pause and all these efforts and listening?

Publish the business case. Publish the concerns. Publish how they are to be addressed.

What is there to hide?

After this six-month engagement, will there be a happy ending? I feel patients are about to be left jilted at the eleventh hour.
******

You’ll find my more recent posts [last] have more depth and linked document articles if you are looking for more detailed information.

******

March 31st: A mother’s journey – intro

March 31st: Transparency

April 3rd: Communication & Choice

April 4th: Fears & Facts

April 7th: What is care.data? Defined Scope is vital for Trust

April 10th: Raw Highlights from the Health Select Committee

April 12th: care.data Transparency & Truth, Remit & Responsibility

April 15th: No Security Blanket : why consent packages fail our kids

April 18th: care.data : Getting the Ducks in a Row

April 23rd: an Ode to care.data (on Shakespeare’s anniversary)

May 3rd: care.data, riding the curve: Change Management

May 15th: care.data the 4th circle: Empowerment

May 24th: Flagship care.data – commercial uses in theory [1]

June 6th: Reality must take Precedence over Public Relations

June 14th: Flagship care.data – commercial use with brokers [2]

June 20th: The Impact of the Partridge Review on care.data

June 24th: On Trying Again – Project Lessons Learned

July 1st: Communications & Core Concepts [1] Ten Things Learned at the Open House on care.data and part two: Communications and Core Concepts [2] – Open House 17th June Others’ Questions

July 12th: Flagship care.data – commercial use in Practice [3]

July 25th: care.data should be like playing Chopin – review after the HSCIC Data Sharing review ‘Driving Positive Change’ meeting

July 25th: Care.data should be like playing Chopin – but will it be all the right notes, in the wrong order? Looking forwards.

August 9th: care.data and genomics : launching lifeboats [Part One] the press, public reaction and genomics & care.data interaction

August 9th: care.data and genomics : launching lifeboats [Part Two] Where is the Engagement?

September 3rd: care.data – a Six Month Pause, Anniversary round up [Part one] Open questions: What and Who?

September 3rd: care.data – a Six Month Pause, Anniversary round up [Part two] Open questions: How, Why, When?

September 16th: care.data cutouts – Listening to Minority Voices Includes questions from those groups.

September 16th: care.data – “Anticipating Things to Come” means Confidence by Design

October 30th: patient questions on care.data – an open letter

November 19th: questions remain unanswered: what do patients do now?

December 9th: Rebuilding trust in care.data

December 24th: A care.data wish list for 2015

2015 (updated after this post was published, throughout the year)

January 5th 2015: care.data news you may have missed

January 21st 2015: care.data communications – all change or the end of the line?

February 25th 2015: care.data – one of our Business Cases is Missing.

March 14th 2015: The future of care.data in recent discussions

March 26th 2015: Wearables: patients will ‘essentially manage their data as they wish’. What will this mean for diagnostics, treatment and research and why should we care? [#NHSWDP 3]

May 10th 2015: The Economic Value of Data vs the Public Good? [1] care.data, Concerns and the cost of Consent

The Economic Value of Data vs the Public Good? [2] Pay-for-privacy, defining purposes

The Economic Value of Data vs the Public Good? [3] The value of public voice.

May 14th 2015: Public data in private hands – should we know who manages our data?

June 20th 2015: Reputational risk. Is NHS England playing a game of public confidence?

June 25th 2015: Digital revolution by design: building for change and people (1)

July 13th 2015: The nhs.uk digital platform: a personalised gateway to a new NHS?

July 27th 2015: care.data : the economic value of data versus the public interest? (First published in StatsLife)

August 4th 2015: Building Public Trust in care.data sharing [1]: Seven step summary to a new approach

August 5th, 2015: Building Public Trust [2]: a detailed approach to understanding Public Trust in data sharing

August 6th 2015: Building Public Trust in care.data datasharing [3]: three steps to begin to build trust

August 12th 2015: Building Public Trust [4]: “Communicate the Benefits” won’t work for care.data

August 17th 2015: Building Public Trust [5]: Future solutions for health data sharing in care.data

September 12th 2015: care.data: delayed or not delayed? The train wreck that is always on time

****

Questions, ideas, info & other opinions continue to be all welcome. I’ll do my best to provide answers, or point to source sites.

For your reference and to their credit, I’ve found the following three websites useful and kept up to date with news and information:

Dr. Bhatia, GP in Hampshire’s care.data info site

HSCIC’s care.data site

medConfidential – campaign for confidentiality and consent in health and social care – seeking to ensure that every flow of data into, across and out of the NHS and care system is consensual, safe and transparent