A judicial review will inevitably challenge the UK government’s plans to extract millions of sensitive medical records held in GP systems in England, according to a senior Conservative MP.
Speaking in Parliament last night, David Davis said that if privacy activists were concerned about the government’s plans for General practice data for planning and research (GPDPR) were not approached, they would initiate formal proceedings to stop it.
“Unless the government takes corrective action to address our concerns, there will inevitably be a full judicial review,” he told MPs.
Davis had endorsed a letter threatening such a review – also supported by tech advocates Foxglove, Just Treatment, Doctors’ Association UK, the Citizens, openDemocracy, and the National Pensioners Convention – just before the July 1st to May 1st data extraction. July was postponed to September.
But in Parliament, Davis called an adjournment debate in the House of Commons yesterday to argue that the database compromises patient confidentiality, the government could share the information with private tech companies, and is a tempting target for criminals.
“Patient trust is vital to our NHS, so foreign tech companies like Palantir, with their history of supporting mass surveillance, assisting drone attacks, immigration robberies and predictive policing, must not be placed at the center of our NHS,” he told MPs.
“We shouldn’t give our most sensitive medical information lightly under the guise of ‘research’ to huge corporations that focus on making profit over people.”
Davis criticized that pseudonymized patient data should be stored because medical records cannot be completely anonymized, which is well known to those skilled in the art.
“The government has failed to explain exactly how it will use the data, not to say who will use the data, and not to say how it will protect this treasure trove of information,” he said.
Medical histories including psychiatric illnesses, a history of drug or alcohol abuse, sexually transmitted infections and abortions would be kept on record.
“Revealing this may not be embarrassing for everyone. But it could be life-threatening to someone,” said Davis.
In the meantime, maintaining a central repository of medical histories would inevitably attract nefarious actors who want to illegally break into the system. Davis pointed out a 2017 ransomware attack brought parts of the NHS to its knees, leading to trusts rejecting patients and canceling 20,000 operations.
“These highlight significant issues that the government has yet to address,” he said.
The backbench MP also said there was a severe lack of communication with the public about their rights to be excluded from the program.
“Where are the texts, the e-mails, the letters to the patients?” he asked. “In the Today program earlier this week, the Minister of Health stated that he is now ready to contact any patient. This is welcome and he should now write to each individual patient involved in this proposed database and duly inform them.” . “
The GPDPR is designed to store historical and ongoing GP records from 55 million people in England. When it was quietly announced in May, NHS Digital told citizens that they would have to make a decision on July 1st by June 23rd before implementing it.
Davis advocated the OpenSafely approach to NHS patient data and analytics developed by Dr. Ben Goldacre, science activist and director of the DataLab at the Nuffield Department of Primary Care Health Sciences, and others.
The approach, sometimes referred to as Trusted Research Environments (TREs), avoids extracting sensitive patient records and instead performs analysis on the data in its original repository. Each analysis is performed by a select group of data scientists, and the only data that leaves the group is summaries of certain queries.
Davis praised OpenSafely for being “distributed across a number of databases – not centralized. Your software manages health data in the secure systems on which it was already stored – it is not transported outside of the existing servers.
“This is important because the biggest risk with any new data system is losing control of the data distribution – once it’s out there, like Pandora’s Box, the lid can’t be closed.”
In his response in Parliament, Health Secretary Matt Hancock also appeared to be in favor of the OpenSafely / TRE model, but with one crucial difference. NHS Digital, effectively a government agency, would extract GP patient data into a central repository and then apply the TRE model instead of applying it to data already in GP systems.
“I have heard the concerns people have about the dissemination of pseudonymized data. We will not use this approach in the new GPDPR: the new system will instead use trusted research environments,” Hancock told MPs. “All data in the system will only ever be accessible via one TRE. And that means that the data is always protected in the secure environment, individual data are never visible to the researcher and we know and publish who ran” which query or which data bit to use. “
Critics may point out that trust in this approach relies on trust in NHS Digital, which operates and controls the central repository of patient data after it has been extracted from the GP systems.
Hancock did not repeat his promise to inform the patient in writing of their right to refuse data collection. ®