Opt out of NHS Data Grab: a concern for researchers

‘Opt out of NHS Data Grab – tell your GP before the deadline.’ My inbox was humming with emails about this. But I have worked with Big Data and am aware of how useful joining up data can be. It can shape decision-making at institutional and at government level. Privacy concerns seem petty by comparison.

My personal concern about withdrawing my data from what could be useful to medical research is because I am a female who has had a mild heart attack. My story, my body measurements, and my treatment are all in the NHS data.

I know that it is necessary for researchers to do MORE research into female heart patients because the symptoms defined, both for doctors and the general public, tend to be based on how heart attacks manifest in men, not women.

Opt out of NHS Data

This line of argument could be extended to others opting-out. If all those opting out tend to be of a certain type – of the age-group, income class, internet – savvy clickers on petitions – then the health conditions of those will not show up in the research.

In large numbers, this could make an impact on decision-making. And anyway, how different are these opters-out from anti-vaxers? Are they just stupidly scared of big science? Waving the flag of individual liberty in the face of unstoppable big tech?

One of the campaigning websites, Medconfidential, proclaims, “Research deserves the data it needs on people who want their data used.” Not reassuring, as it would tend to skew data, as explained above. But it then continues “and have confidence in how it is used.” This is the nub of the argument. The government is destroying trust on how it is used.

There has been public anxiety about this before, in 2014, when it was reported that HSCIC had given actuaries care data. Joining up care data is essential to good patient treatment: hospitals need to know what GPs have done, and care homes need to know what hospitals have done.

Most hospitals now have digital records. What I observed in the cardio ward were the professionals all consulting their phones for my data and also the ward screens. The days of the clipboard hanging from the foot of the bed are long gone. Opting out of GP data does not block care data necessary for current treatment.


There is huge current concern that “healthcare corporations are slowly taking control of more and more of the NHS” (Just Treatment). This concern arises from news clips about GP surgeries and agencies bought up by foreign-owned corporations, as well as from Panorama expositions about how US Big Pharma wants to garner big mark-ups from higher priced drugs sold to the NHS after the putative post-Brexit trade deal.


Boundary between public and private healthcare

What is the proper boundary between public and private in health care?

It is instructive to look at how Astra-Zeneca developed their vaccine. Researchers employed in Oxford University (a public institution) identified a vaccine, but for the manufacture of it they needed a company willing to take a big risk – Astra-Zeneca. Eventually this vaccine process has been further financed by launching a company on the New York Stock Exchange.

The delivery of the vaccine in the UK has been by the NHS. So the innovative growing edges of the health industry need private money and corporate structures while the care remains public. “Just Treatment” wants “an end to corporate power in our health systems” and “a fully-funded, publicly-owned and operated NHS.”

On the one hand, there is huge commitment to the NHS as a public service, but on the other hand, there is awareness of the big potential wealth and health gain of new research. The tussle for NHS data is in the middle of this. “In reckless pursuit of a life sciences economy at all costs, the Secretary of State has rushed headlong towards selling data to his cronies,” proclaims Medconfidential.

Support Kent Bylines with a regular or one-off donation

Citizen journalism

Progressive | Internationalist | Speaking truth to power

That is the nub of the problem: WHO exactly is to be allowed to utilise this data? At worst, it seems like just another lucrative contract for cronies. And there are strong political objections to contracts being handed to firms such as Palantir, owned by Peter Thiel, chum of Donald Trump, and with links to US Border Guard security. Hancock recently extended their Covid 19 contract for another two years, in spite of protests about mission cree

Data can be joined up beyond the health field – to immigration controls, or crime investigation (already allowed in one clause of GDPR). As the 2014 controversy showed, actuaries might be able to identify the individuals in the data.

NHSX current strategy with regard to data is explained in a film that advises those who need to apply to use NHS data.

A good application will explain exactly and in detail which data you need, why you need it, how it will be used and by whom. Most importantly, you need to show how you have minimised the impact on patient privacy and explain the public benefit you intend to achieve.

This seems an irreproachable system, so why the public protest? What protesters fear is that the contracts for chums, increasingly being exposed by the Covid contracts that the Good Law Project is challenging, are about to intrude into the data operations of the NHS, as the contract for Palentir exemplified.

Now, what the campaigners on the GP data grab achieved was that the deadline has been delayed three months. This is good: there is now a pause for public debate. The public needs to be properly consulted through patient bodies, not just twitter slogans flying around.

The government and NHSX need to be transparent about WHO the data is released to. In spite of the avowed strategy claims of NHSX, there is no publically available site where we can see the list of those who have been granted access to NHSX and for what. Amid secrecy, mistrust festers.

From the researchers’ point of view, we do not want to encourage more opters-out to skew the data but, from the patient’s point of view, we need to be sure that the data is properly anonymised, and only released to agencies properly trained in GDPR principles.

Don’t let us waste this three months’ pause.

Let’s ask how local consultation is being organised for patients who are concerned about their data. Let’s write to MPs and request improved legislation on how NHS data is handled, with safeguards, monitoring and penalties for misuse.