Category Archives: leadership

#caredata, care.data, confidentiality, genomics, HES, HSCIC, leadership, NHSEngland, politics, privacy, Tech, transparency, trust

care.data should be like playing Chopin – or will it be all the right notes, but in the wrong order? [Part two]

How our data sharing performance will be judged, matters not just today, or in this electoral term but for posterity. The current work-in-progress is not a dress rehearsal for a care.data quick talent show, but the preparations for lifetime performance and at world standard.

How have we arrived where we are now, at a Grand Pause in the care.data performance? I looked at the past, reviewed through the Partridge Review meeting in [part one here] the first half of this post from attending the HSCIC ‘Driving Positive Change’ meeting on July 21st. (official minutes are online via HSCIC >>  here.)

Looking forward, how do we want our data sharing to be? I believe we must not lose sight of classical values in the rush to be centre stage in the Brave New World of medical technology. [updated link  August 3rd]* Our medical datasharing must be above and beyond the best model standards to be acceptable technically, legally and ethically, worldwide. Exercised with discipline, training and precision, care.data should be of the musical equivalent of Chopin.

Not only does HSCIC have a pivotal role to play in the symphony that the Government wishes research to play in the ‘health & wealth’ future of our economy, but they are currently alone on the world stage. Nowhere in the world has a comparable health data set over such length of time, as we do, and none has ever brought in all it’s primary care records into a central repository to merge and link, as is planned with care.data. Sir Kingsley Manning said in the current July/August Pharma Times article, data sharing now has to manage its reputation, just like Big Pharma.

reputation
Pharma Times – July/Aug 2014 http://www.pharmatimes.com/DigitalOnlineArea/digitaleditionlogin.aspx

Countries around the world, will be watching HSCIC, the companies and organisations involved in the management and in the use of our data.  They will be assessing the involvement and reaction of England’s population, to HSCIC’s performance. This performance will help shape what is acceptable, works well and failings will be learned from, by other countries, who will want to do the same in future.

Can we rise to the Challenge to be a world leader in Data Sharing?

If the UK Government wants England to be the world leader in research, we need, not only to be exemplary in how we govern the holding, management and release of data, but also exemplary in our ethics model and expectations of each other in the data sharing process.

How can we expect China [1] with whom the British Government recently agreed £14 billion in trade deals, [2] India, the country to which our GP support services are potentially poised to be outsourced through Steria [3] or any other organi Continue reading care.data should be like playing Chopin – or will it be all the right notes, but in the wrong order? [Part two]

#caredata, communications, leadership, Tech, transparency

Appendix F. For successful technology, reality must take precedence over public relations.

Richard Feynman
Richard Feynman via brainpickings.org bit.ly/1q1qWLt

June 6th 1986. Six months after the disaster, the Report to the Presidential Commission was released about The Space Shuttle Challenger.

Just over twenty eight years ago, I, like fellow children and citizens around the world, had watched the recorded images from January 28th 1986. We were horrified to see one of the greatest technological wonders of the world break up shortly after launch and crash into the sea minutes later. The lives of Challenger’s seven crew were lost, amongst them the first ‘ordinary citizen’ and member of the teacher in space project, mother of two, Christa McAuliffe.

As part of the follow up audit and report, Richard Feynman’s personal statement was included as Appendix F. Personal observations on reliability of the Shuttle. You can read his full statement. Below are just his conclusions and valuable lessons learned.

“If a reasonable launch schedule is to be maintained, engineering often cannot be done fast enough to keep up with the expectations of originally conservative certification criteria designed to guarantee a very safe vehicle. In these situations, subtly, and often with apparently logical arguments, the criteria are altered so that flights may still be certified in time.

They therefore fly in a relatively unsafe condition, with a chance of failure of the order of a percent (it is difficult to be more accurate).

Official management, on the other hand, claims to believe the probability of failure is a thousand times less. One reason for this may be an attempt to assure the government of NASA perfection and success in order to ensure the supply of funds. The other may be that they sincerely believed it to be true, demonstrating an almost incredible lack of communication between themselves and their working engineers.

In any event this has had very unfortunate consequences, the most serious of which is to encourage ordinary citizens to fly in such a dangerous machine, as if it had attained the safety of an ordinary airliner.

The astronauts, like test pilots, should know their risks, and we honor them for their courage. Who can doubt that McAuliffe was equally a person of great courage, who was closer to an awareness of the true risk than NASA management would have us believe?

Let us make recommendations to ensure that NASA officials deal in a world of reality in understanding technological weaknesses and imperfections well enough to be actively trying to eliminate them. They must live in reality in comparing the costs and utility of the Shuttle to other methods of entering space. And they must be realistic in making contracts, in estimating costs, and the difficulty of the projects.

Only realistic flight schedules should be proposed, schedules that have a reasonable chance of being met.

If in this way the government would not support them, then so be it. NASA owes it to the citizens from whom it asks support to be frank, honest, and informative, so that these citizens can make the wisest decisions for the use of their limited resources. For a successful technology, reality must take precedence over public relations, for nature cannot be fooled.”

Richard Feynman, 1918 -1988

“The Challenger accident has frequently been used as a case study in the study of subjects such as engineering safety, the ethics of whistle-blowing, communications, group decision-making, and the dangers of groupthink. It is part of the required readings for engineers seeking a professional license in Canada and other countries.” [Wikipedia]

Feynman’s Appendix F: Personal Observations on Reliability of the Shuttle is well worth a read in full.

From a business management point of view, Lessons Learned are integral to all projects and there is no reason why they cannot apply across industries. But they are frequently forgotten or ignored, in a project’s desire to look only ahead and achieve future deliverables on time.

Lessons learned can make a hugely important contribution to positive change and shaping outcomes. Assessing what worked well and how it can be repeated, just as important as learning from what went wrong or what was missing.

Public relations efforts which ignore learning from the past, and which fail to acknowledge real issues and gloss over reality doom a project to failure through false expectation. Whether due to naivety, arrogance, or under leadership pressure, it can put a whole project in jeopardy and threaten its successful completion.  Both internal and external stakeholder management are put at unnecessary risk .

In the words of Richard Feynman, “For successful technology, reality must take precedence over public relations.”

#caredata, care.data, communications, leadership, transparency, words

Care.Data – Raw Highlights from The Health Select Committee

Words from The Health Select Committee 8th April 2014 – created via Wordle

From the Health Select Committee hearing on Tuesday April 8th, I have waded through all the words to come out with what I think are raw highlights of the key learnings and issues raised. The original in context, is here. The image is an indication of the emphasis of who spoke about what, based on word count alone.

Highlights from the Health Select Committee Members:

“…because what was happening in that meeting was that a lot of wriggling was going on”
“But you wrote to us, Mr Jones, with Mr Kelsey. Following on from my colleagues, we are not quite sure that the answers are very helpful. Could you turn to the letter and I will ask you for some information? This is very concerning and I hope this will be published on someone’s website—either yours or certainly the Health Committee’s website—so that people can see some of these answers and follow them up.”
“When things go wrong, as they appear to have done, we are entitled to ask you questions. I am absolutely appalled. I think the majority of us are, which is why you are back here again to try to work out why you don’t know what is going on in your organisation. This is a simple thing. It is either in the agreement, or it is not. “
“If we go back to the insurance actuaries—the Staple Inn Actuarial Society—these comments are from the report that it produced on the use of 188 million records taken from HES. It talked about the data as being “highly detailed”. We get an answer back saying that the data are in aggregated and anonymised form. Don’t forget that the HES database started off as an admin database for handling payments and information about patients. It was never set up to feed into the insurance industry, was it? After it had run all the things that it wanted for commercial reasons against hospital data, it said that HESID “does allow all periods of care for” a patient “to be identified and linked””
“Well, there is, because normally in the civil service, when there is a debate about something, civil servants will prepare a report, and find out the information and give it to the Minister, so that the Minister tells Parliament the correct position. That is not happening here, is it? A Minister can go into the Chamber and say something that is totally wrong…”
“We need to know what is out there now. There is a very strong feeling—I subscribe to it—that this data is not protected enough and has been let go. It is out there. You mentioned that there were 249 commercial reuse licences, of which 112 are left, but some of the ones I mentioned are also selling it on to other people. We have had lots of examples.”
“I looked at this [HES & other systems opt out] form and I found it difficult. We have been navigating around this system. After all these quite intrusive demands for information, we get on to an explanation of what happens if you request your patient information to be removed or anonymised. It states that “your data will be anonymised rather than removed”, but it goes on to say that there is a further step where you can request removal of your records from the NHAIS. Then it says this most damning thing: if you do that, your GP would no longer wish to have you on their list, and you would not be called for screening for things such as aortic abdominal aneurysm, which is a serious condition. Effectively, that is saying to people, “Yes, we can remove your records, but your GP wouldn’t want you on his list, and you wouldn’t be called for quite serious medical screening.” Surely there is something that falls short of that where a person can say, “I don’t want my records sold to these commercial companies, or to be used by insurance actuaries or comparison websites; I just want them used for my care.” I have asked the Minister this. You have produced a form that, I have to tell you, is quite scary. It is quite intrusive and it is quite scary. It says that if you fill it right to the end—it is quite confusing as to whether there are different steps here—your GP would no longer wish to have you on their list, and you wouldn’t be called for screening for serious medical conditions.” [note this is not the care.data opt out, but an additional choice]
“What we are talking about is audit. Can you audit? There are apparently going to be audits. Can you audit all the data releases? Can you say for all the HES data where it has gone, who is using it and for what?”
“there is a real difference from your pronouncements of what you say is the situation with data and what the people out there—commercial organisations that have HES data and already have large databases—are saying.”
“You have been seeking to demonstrate to us that you believe that the control regime you apply is effective for HES data, but now we are saying that for GP data, the control regime in future will be fundamentally different.”
“You said it would be treated differently “at its launch”. What changes do you anticipate? In other words, are we actually saying that we will pretend to give you additional security until we get that information from the public and the GPs, and after that we will subject it to different tests? In other words, this is a con job isn’t it? Dick Turpin with or without a mask is still Dick Turpin.”
“We don’t. There is actually no right to opt out in law. The Secretary of State has agreed that any objection will be dealt with, but we do not have a legal right.”
“That is CPRD, isn’t it? Is there any plan to bring CPRD under the HSCIC?”
“But the question I put to the Minister, which we do not seem to be getting to, is that I think there is a very strong drive for people to say, “I want my individual health records to be used for my care, and even for commissioning that care, but not for all these other uses.”  I think that is a very powerful desire. Why shouldn’t people ask for that?  The data is about them.”
“The implied consent model breaks down at the point at which people’s data starts to be used for marketing purposes.”
“It is different if your data is being used by researchers and academics, and by people who have built up a career and have integrity.”
“A lot of people are not comfortable that their data are used for such things, and nor am I.  You say that, constitutionally, you cannot make that distinction, but that is the point at which we lose confidence in the consent that was always there.”
““Without pseudonymisation, you risk substantial levels of patient and citizen objections. Without pseudonymisation, you lose data and devalue your dataset. Without pseudonymisation, the GP patient relationship is damaged and care may be impaired.” I must say, I think the patient reasons are a lot more compelling than the IT management reasons.”
“would it not be prudent to wait until you have that report on cyber-security before we press ahead with the data extraction?”

Highlights from the Health and Social Care Information Centre (HSCIC) Max and Manning:
“we have inherited the duties and responsibilities of the information centre and its 500 people, although they have been rewritten in the Act, but that is one part of what is now an organisation of 2,200 people”
“if you can demonstrate where we have not acted within the current law and the current regulations…”
“We need to be much more transparent about that.”
“The security threat and the volume of data are much greater, and the public’s confidence in public bodies to handle data—not just us, but across the whole public sector—has significantly changed. ”
“When I became chairman last June, it was clear that the approaches that had been adopted by the information centre were no longer entirely appropriate, given both the degree of data we were able to collect and a change in public expectations. It was also clear that some of the processes that the previous information centre had been operating were not as transparent or as consumer-friendly, if you like.”
“We think that, as of April 2013, there were 249 organisations that had extant data-sharing agreements issued by the NHS information centre…those data-sharing agreements applied to where we are issuing pseudonymised or identifiable data. This is where there is a theoretical risk of identification, so that is where we have data-sharing or data-reuse agreements in place.  There were 249 in April that had been issued by the NHS IC of which, in April this year, there remain 112, so they are running off as we go forward.”
“One of the areas that we think they should look at is indeed the extent to which we share or should share data with other Government bodies. This is an area where there is a lack of clarity and a great deal of sensitivity. We know from our research, by the way, that one area where we have absolute sensitivity is in this. People are very, very worried about the use of their medical records in any way that might have an impact on their tax returns, their benefits payments, their housing, or any of these things. This is where we would very much welcome the advice of Parliament and CAG—the extent to which this is possible. At the moment, as you know, we have not released any data to DWP or any such body but we absolutely recognise that it is a key issue.”
“The organisation used our logo without coming to us to seek our permission to do so. They were entitled to have access to that data under the agreement which they had..”
“We have an accountable relationship with our sponsor branch within the Department of Health, which results in us having a formal monthly meeting. I meet the permanent secretary on a monthly basis. That is the nature of an arm’s length body. We are accountable, then, through our attempt to be as transparent as possible to the public and Parliament.”
“Government policy has for a long time been to encourage the use of this data to advance both the health and social care system in this country and the economy.”
“.. I have a suspicion that it is because they [GPs] will not get paid if you are not on the list*.  You won’t appear on the register, and if you are not on the register, they won’t get paid.” [*not with reference to care.data but to the ‘third’ opt out form to opt out for other systems stored at HSCIC].
“At its launch it will be fundamentally different, because that was the basis on which the independent advisory group agreed to the extraction going forward. That was the basis, as I understand it, that NHS England negotiated with the RCGP and the BMA and other representatives. I think that is entirely appropriate.”
“As you are probably aware, there is considerable pressure from medical charities and researchers on the limitations—”
“There are no plans that I am aware of. Just for clarity we do handle data on behalf of CPRD to ensure the pseudonymisation process. We act as a contractor for CPRD”
“I cannot answer that question. I do not have that responsibility. You have to address the question to NHS England.”
“We are extremely concerned about the current threats to data security across the whole health and social care system. We will be carrying forward a series of actions, as I said, to significantly increase our surveillance and measures to attempt to get an enhanced level of assurance across the system as a whole.”
“The record of our ability to deliver high-quality technology systems is in the fact that the lights are on and on all the time in the NHS.”
“We are planning [for care.data launch] on the basis of what has been the last announcement, which is that it will be, I think, in October.”
“We have a good record. I used to be part of the Connecting for Health regime. We had a good working relationship with Atos running the choose and book service. Its delivery and performance on this first extract with the GP extraction software over the last few weeks has been encouraging.”
“Some of the older systems we have within the health and social care system simply cannot handle objections.”
“Patients have the ability to record two types of objection. The first type of objection is to any detailed information about them leaving their GP practice to the HSCIC. “
“The issue regarding what we would call dynamic consent—giving consent for different purposes—is one that we are conscious of. We think that we need to move in that direction.”
“I completely accept that the current consent models are too limited and that the objection process is too complicated. We need to be able to make it reversible as well.”
“the position in terms of care.data is entirely circumscribed.  We have already identified that that data is to be used only for very specific purposes; it will not go beyond that purpose.”
“All Governments have seen that as being a base upon which we can support and promote our health care and pharmaceutical industries. The health care research industry in this country is worth £5 billion a year, which is critical to the UK economy, and it is fundamentally linked to availability of data. The fact that we have that data is critical to the continuation of that research industry in this country. We must therefore balance issues such as privacy, access and the support of the industry. People have to have that debate, but we need to identify benefits from this data, as well as the issues you have raised.”
“Secondly, we have to recognise that we as the HSCIS have an awful lot of other information. When we think about pseudonymisation, we are going to link these data we collect to other data sources”
“We are therefore talking to the research community. It may well be a sensible solution with regard to supporting commissioning, where we may look at the costs and feasibility, to move to a situation where we will effectively provide an analytical service where researchers and others can effectively undertake the research within our data lab. That is something we think is a very good idea. HMRC do it already, and we have looked at that, and also the CMS in the States, which is the equivalent body to ourselves. We think it is very good. I am meeting with the MRC in the near future to discuss it for researchers. “
“In so doing, there was a view taken by the Department of Health and their lawyers that the document that we then produced did not meet the constitutional requirements of being a code of practice. What we did do was publish a guide to confidentiality which meets all the requirements of the code of practice. “
“In terms of your care record, if you opt out of type 1, your data will not be transferred for the purpose of the care.data programme for secondary uses. It won’t affect, by the way, the transfer of data for direct care.  It won’t impact on any direct service to you as a patient.”
“In terms of the number of people who have acted to opt out, [from secondary uses of hospital data, HES] it is 14 over the past four years.”
“we welcome the proposed involvement of the CAG, which would bring precisely that ethical and moral dimension to these decisions. We agree entirely that that dimension has been absent in the past..”
“It does cover HES data. At the moment, the only users of that HDIS service are in the public sector, not the private sector, during the trial period. We also make sure that all individuals who are users have been through individual training.”
“There are always going to be lots and lots of people who want to accumulate lots and lots of data in their own boxes. One of the reasons why we are interested in exploring the idea is because we are getting a plethora of databases being accumulated in universities and various other places. That gives us a technical problem because of the transformation errors that arise. These databases therefore are changed as they go through time.  I suspect that we are always going to have individuals who say, “I want to have my particular database.” We will have to discuss whether that will be feasible; there will always be that tension.”
“I know it is antiquated, but the danger is not the technology, but the people.”
“it deals with security and may include matters that we do not want to have in the public domain, but I am sure we could share it with the Committee on an individual basis. However, I do not want to go through the detail.”
“Our website is incredibly complicated, to say the least—I think we all recognise that. It is extremely good if you plough through it, but if you are unlucky, you will end up downloading 10 million lines of prescribing data.”
“You have raised an interesting point. When somebody says they do not want us to hold their record, do we delete it?”

HSCIC website