Whose data is it anyway?

The Government’s plans to share/sell/publish (depending on which newspaper report you’ve read) anonymous health information features prominently in many national newspapers today. The Sunday Telegraph carried the story with a remark that ‘excessive regulation’ is preventing sharing of information.

It is simply laughable to describe Britain’s data protection regime as excessive. Barely existent is closer to the truth. These proposals do little to address privacy concerns, focusing on potential benefits instead of very real civil liberties questions.

The Government, in trailing the story to the media before any detail has been published, is fuelling a fire that could do untold damage to patient confidence in the NHS.

The proposals also carry very real health concerns. It would be an extremely high price to pay if people, because of fears about confidentiality, told their GP less about their illness. Yet there is already evidence that this is happening and it is regretful the Government has announced this proposal without a serious discussion of confidentiality beforehand.

Coming at a time when the NHS is already the worst performing public organisation on data protection – as highlighted by Big Brother Watch’s recent report into data protection in the NHS. Indeed, it was only a few months ago that the Information Commissioner’s Office questioned whether there was a systematic problem in the NHS around data protection.

As highlighted by the Oxford Internet Institute in the British Medical Journal, “the current system of “partial pseudonymisation” is nothing of the sort: it is a euphemism to describe measures that might prevent immediate identification of individual patients by the person using the data but which do not make re-identification impossible or even difficult.” The Government’s assurances around confidentiality and anonymity have not addressed this point.

It should also be noted that at time when patient choice is a central aspect of health reforms, it is strange how this sharing is currently planned to be done without first giving patients the choice of including their own information in the scheme.

We do not doubt that the objectives of this policy are laudable. However it is simply not the case that personal information is adequately protected under the current system. The Deputy Prime Minister recognised this before the election when he said: “government simply cannot be trusted with our precious private information.”

The data protection regime in Britain requires urgent strengthening before anything resembling this kind of policy should be considered. Until then, Government should explain why it wants to share our data and the evidential basis for doing so. Big Brother Watch looks forward to this debate.

(See here for an interesting example of how in the US, anonymous health information was matched to another data source costing $20, and thus identifying every individual concerned.)

We are of course delighted to welcome Andy Burnham MP, the former minister responsible to ID Cards, to the privacy fold. As the man who once said “Once you link personal facts and figures – address, name, date of birth – to a unique personal stamp, people will have much greater control over the issue of their identity” it is refreshing to see he has accepted the error of his ways!