Harringay, Haringey - So Good they Spelt it Twice!
Govt plan to sell your GP records
Hi,
As a concerned citizen I thought many of you might be interested to learn that the Government is preparing for the "biggest data grab" in the history of the NHS, giving patients little information or warning about the planned transfer of medical records from GP surgeries in England to a central store for research purposes – and with no prospect of the data being deleted.
For me this is shocking behaviour yet apparently there is a way to opt out - but you must hand a physical form to your GP by 23 Jun 2021 - 1 month away. The Govt are making it difficult by insisting on a physical form even though we live in a digital age. More skulduggery. My doctor's surgery knew nothing about this plan or the fact that they were expected to process patient's dissent forms! Madness.
See the links below for me details in general about what is happening and what you can do.
I have written to the MP for Haringey to complain and I recommend that you do the same.
The Byline Times - The Government Wants to Sell Your GP Medical Rec...
NHS Digital - General Practice Data for Planning and Research (GPDPR)
It has not gone unnoticed that the mainstream media has not picked up on this story!
Best of luck
Rob
PS: Spread the word!
Replies to This Discussion
-
Permalink Reply by adamvietnam on
-
According to one of the links...
NHS Digital - General Practice Data for Planning and Research (GPDPR)
The data is going to be pretty much anonymised.
Assuming they're telling the truth about that is this so bad?
-
Permalink Reply by Rob on
-
Hi mate,
Please see my comments to Classical Contrarian.
One thing though, you refer to the official NHS Digital site. Why not do your research and see what other sources say?
Best of luck
-
Permalink Reply by Classical Contrarian on
-
I was initially worried, but given you links and reading them over an hour, I'm actually pretty well assured that there's no reckless 'selling' of the data.
Any data shared is annonymous.
Any data being shared is agree by an independent board.
Data has been shared before to help with scientific studies.
Data will only be shared for scientific reasons and development of science.
One can clearly and easily opt out.
If it means we can have access to better scientific understanding or the development of new drugs, let's go!
-
-
Good morning,
I am glad the links help you to understand and allay your fears but let me address each of your points below.
Any data shared is anonymous - if something can anonymised then it can be de-anonymised. There are no certainties with this process and it is not 100% fool proof.
Any data being shared is agree by an independent board - this is not how data protection works. Who are these independent board members? Where is the Data Protection Impact Assessment to clarify any potential issues and demonstrate security?
Data has been shared before to help with scientific studies - when? Was consent given? What was the legal justification for sharing such data and has said data been securely disposed? Basic Data Protection conditions must have been met to do this.
Data will only be shared for scientific reasons and development of science - same as above. Legal justification and/or consent?
One can clearly and easily opt out - one cannot actually easily opt out. We are talking about a physical piece of paper. Why not an online form? This creates a lot of effort for patient and practice. Also, UKGDPR clearly states that people must opt in themselves - why is everyone involuntarily opted in for this scheme?
The key issues here are scrutiny and oversight.
Why is this so hush hush?
Why do the doctor's practice know nothing about it?
Where is the public consultation?
Where is the Data Protection Impact Assessment (DPIA)?
Why is it not in the media for discussion?
This is not paranoia - this is simply flagging what seems like a dubious process, which contravenes current legislation, to access seriously sensitive personal data.
-
-
Hi Rob,
When you say " if something can anonymised then it can be de-anonymised" I can assure you that that is not correct. I say this as someone who has had experience in this field.
The process of anonymising data specifically removes those aspects that allow a reverse mapping.
As I said before, this assumes the anonymising is done reasonably competently and that the NHS is being truthful in its statements. If it isn't then of course all bets are off - but that is a different issue.
As regards opting in vs opting out, your points are fair but maybe it's like organ donation which changed from opt-in to opt-out for the good of society.
-
-
I think Rob is correct about de-anonymisation.
In the NHS page (https://digital.nhs.uk/data-and-information/data-collections-and-da...) it's clearly explained that "This process is called pseudonymisation and means that patients will not be identified directly in the data. NHS Digital will be able to use the software to convert the unique codes back to data that could directly identify patients in certain circumstances, and where there is a valid legal reason."
This implies that, unless there's a clear and verifiable data policy for handling the de-anonymisation keys and process, there's no guarantee that someone other than the NHS could be able to reverse it (eg. through data breaches) nor that the NHS may want to provide de-anonymisation as a service service to other parties for a fee.
I'm not saying that's going to happen, just that it's a possibility since there doesn't seem to be any guarantee around that.
Disclaimer: I also work in the field.
-
-
Thank you Piero,
I wasn't going to continue with this conversation - just let people make their own minds up (dangerous as that can be) - but I will flag my key point again, for anyone already in this conversation:Whether Govt have the best anonymisation techniques in the world or not;
whether they have the best means to migrate data;
whether they have the best and most secure capabilities to safely house such (sensitive) data;
whether they have the most up to date and sophisticated security protection;
whether they have the best data analytics teams in the world;
whether they will only use such sensitive data for the reasons set out (rather vaguely) on a NHS Digital website
whether they have the money to keep such sensitive data out of the hands of predatory companies in the private sector etc etc etc etc
THEN EXPLAIN THIS PUBLICLY IN A DPIA AND THROUGH A PUBLIC CONSULTATION!
As someone who works in information management in central government I can assure you of none of the above!
Taking what is written on the NHS Digital website at face value is akin to believing Matt Hancock when he told the public that people being put into care homes, from hospitals, during a pandemic, were tested. We all had our suspicions then too!
-
-
You assume too much - look for facts instead.
This is nothing like organ donation - data protection legislation exists for a reason.
-
-
"While the data will supposedly be anonymised, the NHS will hold secret ‘codes’ to unlock the identity of the data’s owners if there is a ‘valid legal reason’."
NHS Digital set to share medical records with outside third parties...
When this whole episode comes into the public reckoning for real, experts in your field will pull apart the Govts "anonymisation" fibs. This is first report in the media - more will come.
© 2024 Created by Hugh.
Powered by
