Fair Shares for All

October 2012

Doctor typing on laptopThe BCS Primary Healthcare Specialist Group report ‘Fair Shares for All’ examines patient information governance in the light of stakeholder opinion and practice, relevant law, guidance, recent changes and proposals.

It contains recommendations that support patient data being kept securely and used fully and responsibly for legitimate primary and secondary purposes.

With this in mind Ian Herbert, Deputy Chair, BCS HIF, provides just a taste of a sizeable report on a complex subject, and here only deals with secondary uses of patient data, ignoring report content on primary uses and security.

Why this report now?

Respect for the confidentiality of patient data provided for personal care is the foundation of the trust at the heart of the patient - clinician relationship. Sharing data, as patients expect, creates a virtuous circle and encourages patients to share their data for care and laudable secondary purposes.

The converse undermines public confidence in the NHS and discourages patients from providing data to their clinicians and researchers, clinicians from recording what they are told, and in extreme cases patients from seeking treatment1. It will lead some patients to hold records to which they alone control access for all the wrong reasons.

Government’s and researchers’ commendable desire2 to make the UK a world leader in life sciences research through greater use of NHS patient data, the government’s Open Data3 Initiative and the additional access to confidential patient data provided by the Health and Social Care Act 20124 make this a particularly apposite time to examine patient data governance.

The ‘Information Revolution’ promised in the white papers5 6 preceding the Act requires greater sharing of good quality patient data to succeed. Sharing is becoming easier as more patient data is held digitally.

It is too early to assess the impact of the government’s life science research proposal on patient data confidentiality but the Act is significantly at odds with the assurances about patient control of their data given in the preceding white papers. It abolishes the independent body (the National Information Governance Board - NIGB) that produces advice and guidance on sharing personal information for health and social care.

Although the Act removes two gateways proposed by the Bill for sharing identifiable patient data without patient consent, it still creates significant new routes for doing so, including powers by regulation and direction subject to little and no parliamentary scrutiny respectively before their adoption.

The new Information Centre is also required to publish all the data that it collects in de-identified form, with the consequent risk of re-identification without additional constraints. The government mantra ‘no decision about me without me’ appears not to apply to sharing patient information.

Patient data disclosure will also increase to support the extension of payment by results (PbR) and commissioning in the NHS, including sensitive areas such as mental health. More and more varied public, commercial and third sector bodies will require patient data. Other than between care providers, this should involve sharing the necessary data in an effectively de-identified form.

We are aware of considerable use of uncontested identifiable data for analytical purposes at PCT level which we believe could and should use pseudonymised data. However we also know of exemplary work by projects and bodies inside and outside the NHS that uses and extends best-practice patient information governance.

However privacy-enhancing technology (PET) is increasingly enabling the use of de-identified and pseudonymised data for most secondary purposes, including linking data from different sources, quality control, finding research participants and re-identifying subjects for subsequent contact7.

This is raising the bar that an application to use identifiable patient data without consent must clear before the Ethics & Confidentiality Committee (ECC)8 can approve it. Some secondary users appear to be unaware of this, and not all fully exploit PET. De-identifying data and searching for research subjects are themselves secondary purposes9, and individual data containing NHS numbers are regarded as identifiable.

The risk of re-identifying de-identified data is never zero and depends on the sharing context as well as the data content. It is greatest with rich data shared in 'bird table' mode, where anyone can use it repeatedly for any purpose(s) in association with any other data that they can access.

The risk may be such that the data should be treated as identifiable. In other cases constraints on the sampling frame, the form in which data is shared, with whom and its uses10 will render the risk acceptable. Applying the ‘least principle’ minimises the risk - the least data, copied the least number of times, held for the least time and used by the least number of people necessary for specific purpose(s).

Behind our concerns is an evident mismatch11 between the Act and the ambitions of some secondary users (particularly the research lobby12) on the one hand, and the expectations of patients13, clinicians and NIGB14 on the other. The impact of this mismatch is muted by low public and patient awareness of the secondary uses of their data.

Some of the report’s conclusions

  1. Patients should be better informed beforehand about secondary uses of their data.
  2. Patients should be able to offer or deny their identifiable and/or de-identified data to researchers.
  3. Secondary users should use PET and de-identified data wherever possible: there should be little (and diminishing) use of identifiable data without consent.
  4. Where identifiable data (or high-risk de-identified individual data) is required for a specific secondary purpose by a respected user in well controlled environment, patient consent is preferable but a well-publicised, easy-to-use opt-out may suffice.
  5. Rich long-term general purpose databases of individual patient data should be permitted where they are the only realistic way to answer important questions. The corollary is that they should operate under higher governance standards with heavy (ideally criminal) penalties for data misuse. An informed opt-in (i.e. consent) should be sought from patients.
  6. More needs to be known15 about the government’s life sciences initiative before assessing its impact on patient data confidentiality.
  7. As discussed previously, the need for an independent, authoritative and trusted body, such as NIGB, is greater than ever. Its scheduled abolition is little short of vandalism and should be cancelled.


1 Fairwarning: How Privacy Considerations Drive Patient Decisions and Impact Patient Care Outcomes, New London Consulting, Oct 2011

2 Full Text of David Cameron’s speech of December 5th 2011 on the NHS and the Life Sciences

3 http://data.gov.uk

4 http://www.legislation.gov.uk

5 Equity and excellence: Liberating the NHS HMG, July 2010

6 Liberating the NHS: An Information revolution: a consultation  HMG, October 2010

7See Fair Shares for All, Annex I

8 The ECC moves into the Care Quality Commission in the 2012 Act.

9 However care providers may do both with data in their control.

10Jane Yakowitz Tragedy of the Commons 2011 

11Summary of Responses to the Consultation on the Additional Uses of Patient Data  CfH,27th November 2009 

12A new pathway for the regulation and governance of health research Academy of Medical Sciences, Jan 2011 

13 See ‘Fair Shares for All’, chapter 4

14 For NIGB’s publications see http://www.nigb.nhs.uk/pubs

15See the list of questions in Fair Shares for All’ section 7.5.2

There are no comments on this item

Leave Comment

Post a comment