Whose data is it anyway?

The Government’s plans to share/sell/publish (depending on which newspaper report you’ve read) anonymous health information features prominently in many national newspapers today. The Sunday Telegraph carried the story with a remark that ‘excessive regulation’ is preventing sharing of information.

It is simply laughable to describe Britain’s data protection regime as excessive. Barely existent is closer to the truth. These proposals do little to address privacy concerns, focusing on potential benefits instead of very real civil liberties questions.

The Government, in trailing the story to the media before any detail has been published, is fuelling a fire that could do untold damage to patient confidence in the NHS.

The proposals also carry very real health concerns. It would be an extremely high price to pay if people, because of fears about confidentiality, told their GP less about their illness. Yet there is already evidence that this is happening and it is regretful the Government has announced this proposal without a serious discussion of confidentiality beforehand.

Coming at a time when the NHS is already the worst performing public organisation on data protection – as highlighted by Big Brother Watch’s recent report into data protection in the NHS. Indeed, it was only a few months ago that the Information Commissioner’s Office questioned whether there was a systematic problem in the NHS around data protection.

As highlighted by the Oxford Internet Institute in the British Medical Journal, “the current system of “partial pseudonymisation” is nothing of the sort: it is a euphemism to describe measures that might prevent immediate identification of individual patients by the person using the data but which do not make re-identification impossible or even difficult.” The Government’s assurances around confidentiality and anonymity have not addressed this point.

It should also be noted that at time when patient choice is a central aspect of health reforms, it is strange how this sharing is currently planned to be done without first giving patients the choice of including their own information in the scheme.

We do not doubt that the objectives of this policy are laudable. However it is simply not the case that personal information is adequately protected under the current system. The Deputy Prime Minister recognised this before the election when he said: “government simply cannot be trusted with our precious private information.”

The data protection regime in Britain requires urgent strengthening before anything resembling this kind of policy should be considered. Until then, Government should explain why it wants to share our data and the evidential basis for doing so. Big Brother Watch looks forward to this debate.

(See here for an interesting example of how in the US, anonymous health information was matched to another data source costing $20, and thus identifying every individual concerned.)

We are of course delighted to welcome Andy Burnham MP, the former minister responsible to ID Cards, to the privacy fold. As the man who once said “Once you link personal facts and figures – address, name, date of birth – to a unique personal stamp, people will have much greater control over the issue of their identity” it is refreshing to see he has accepted the error of his ways!


  1. Pix
    5th December 2011

    This must not be allowed to happen.  I do not consent to the government or anyone else being able to make decisions about my health data and who should be able to see it or process it.  Due to numerous and repeated data breaches within the NHS concerning my data I have already opted out of almost all the services of the NHS.  Due to the problems I have experienced regarding lack of confidentiality within the NHS I do not go to my GP unless it is absolutely necessary and even then I will only give the very minimal information. 

    Regarding anonymisation in the NHS – the NHS includes patient postcodes and dates of birth (which makes it easy to identify patients) in the data they claim is anonymised.  They give out identifiable data without patient knowledge and consent all the time.  When you find out about it you then discover that you are entitled to refuse for this to happen – problem is they don’t tell you about these practices unless, like me, you ask directly.  Next problem is that unless you have an inkling that they will use and abuse your data then why would you ask?  The whole situation is diabolical and the ICO is doing nothing about it.

  2. Oldlegs
    6th December 2011

    Given that East Herts Health have already lost my data I could be forgiven for thinking who cares!! However, this is yet further ideological management by this shitty government – making announcements before anyone has even been invovled in any sort of debate. It is further evidence of the government/authorities/elites desire to cleanse the population by virtue of scaremongering and deceit.

    People should wake up to this sort of anti-democratic behaviour and rid themselves of the fascist tendency.

  3. Phil Randome
    7th December 2011

    Lie. I told my surgery several years ago that I was moving & gave a poste restante address. The phone No. I’ve given is my wife’s mobile & I never complete any forms for hospitals & clinics & explain that by doing so I give authoruty for my information to be uploaded. I always insist that it isn’t especially to the Secondary Uses Service. 

  4. Pix
    8th December 2011

    I have just listened to last night’s Moral Maze programme which is available on BBC website.  It was a good debate and raised a number of pertinent issues.  Nick Pickles rightly drew attention to the vitally important issue of the NHS idea that partial anonymity of data is acceptable when in fact many disagree.  This issue should have been explored more deeply on the programme.  I for one do not accept that giving my postcode and date of birth within anonymised data is acceptable.  This is not anonymised as it is easy to trace individuals with this data.  The whole issue of anonymity and the NHS needs to be carefully looked at because the NHS are currently giving out people’s data in a format that could identify them without seeking consent and usually without the knowledge of the people concerned.  Furthermore the vital issue of WHO would make the decisions about what data is shared and how anonymised it would actually be has not been debated yet.  

    The debate from the radio programme comes down on the utilitarian perspective that we should all give up our data for the greater good.  However, using people as a means to an end instead of an end in themselves does not consider the damage done to the individual who does not want their data shared.  As I have said before I am very selective about what I tell my doctor now because of breaches of data within the NHS.  So the advice from Phil Randome seems reasonable – lie (and sign or fill in nothing).

  5. hollister uk
    6th January 2012

    yes,i do