Did We Learn Nothing from the Last NHS Health Data Grab?
Robin Burgess, who witnessed the chaos of the ‘care.data’ scheme eight years ago, sees the same lack of consent, trust and engagement in its most recent incarnation
From 2013 to 2015, I was at the heart of the implementation of the ‘care.data’ programme as NHS England’s regional head of intelligence for London.
Care.data was the first, failed and disastrous attempt to harvest the public’s healthcare data without proper planning, consultation or engagement with people.
The current attempt to grab NHS patients’ GP records is repeating all of the same mistakes, including the core problem: the failure to gain the trust of both healthcare professionals and the public through properly communicating with them.
Care.data was horribly rushed and driven on at a furious and incoherent pace by the then lead for data at NHS England, Tim Kelsey. A history graduate and former journalist, he was a data harvesting man and the co-founder of Dr Foster – a commercial enterprise later sold to the NHS, but the purpose of which was to use big data sets, not for commercial gain but for healthcare planning purposes.
Dr Foster sold NHS data back to the NHS for profit after analysis. It may have been designed for improvements in healthcare, but the profit was still made in the commercial sector.
It was understood internally from the start that there was a possible commercial purpose for care.data. The gains to healthcare were always vague and poorly defined. In practice, most NHS research, or quality improvement of real clinical value, is designed by clinical researchers and consented to with proper information given to patients because it is part of a clearly communicated research programme whereby everyone understands what the data is being used for.
This was never the case with care.data and it does not appear to be the case with the latest programme. At the heart of both is a failure on the part of Government in explicitly setting out what the value is of this scale of data extraction and how patient care will benefit as a result.
As care.data raced to be commenced in 2014, it was clear to most of us inside the programme that public communication about the programme was simply inadequate and that data-sharing had to be a joint enterprise based on trust. The first implementation delay was driven by the conviction many of us had, that we had a duty to consult and engage, not simply send out a hopelessly inadequate leaflet.
I remember the frenetic drafting and redrafting as Kelsey demanded the programme launch. Patient consultation, what they thought, their concerns, were all sidelined in the desperate pressure to get it done.
The current programme needs to go the way of care.data and the Caldicott requirement for proper consultation be put back into place
Ultimately, we managed to get public consultation built-in and, from the spring through to Christmas 2014, I personally undertook this in London – criss-crossing the capital to speak day and night at patient engagement events and surgeries, with doctors and patient groups in nearly every borough. I spoke to ordinary people in the Docklands, a Vietnamese community project in Rotherhithe, a group that contained the retired former head of data at the Department of Health in Putney, and angry crowds in public meetings in Hackney and Wandsworth, along with dozens more. I gave people an opportunity to speak and recorded their voices, reassuring them where I could, and channelled their views back to HQ.
Both doctors and patients I spoke to were unequivocal in their views: nobody wanted patients’ data to be sold to commercial organisations; they wanted control and to be informed. The same views emerged in other equivalent consultations carried out in other regions.
In the end, due to furore – which also found publicity in the mainstream media – the programme was effectively scrapped and a review put in place. The late Fiona Caldicott, the NHS Data Guardian, played a key role and endorsed the need to consult the public over use of patient data.
Her letter to the Department of Health in 2016 was crystal clear in setting out the key things required: public trust, proper information, and a partnership of respect between patients and the NHS:
“The National Data Guardian recommends that there needs to be a much more extensive dialogue with the public about how their information will be used, and the benefits of data-sharing for their own care, for the health and social care system, and for research. She suggests that there should be a full consultation on her proposals, as a first step in beginning that debate.”
Care.data was a shoddy and poorly thought-through programme that collapsed because of failures in management and communications. But, compared to its current incarnation, it is clear that this time the handling is even worse. The Government has produced no public information campaign – no public events, no meaningful guarantees about controls over use of their data. Instead, the programme contains the same lack of safeguards about how supposedly unidentifiable data can, in practice, always be unlocked and shared.
The creeping privatisation of the NHS and concerns about data harvesting and its misuse has resulted in people becoming ever warier of big data and its motivations. The current programme needs to go the way of care.data and the Caldicott requirement for proper consultation put back into place.
Robin Burgess is former regional head of intelligence for the NHS England London region