Opaque plan to share UK patient data with third parties backfires
Occurred: May 2021
Report incident 🔥 | Improve page 💁 | Access database 🔢
A plan by the UK National Health Service (NHS) to pool sensitive personal medical histories on to a central database and make them available to third parties prompted significant controversy.
The stated aim of the UK's General Practice Data for Planning and Research (GPDPR) programme was to improve healthcare research and planning by providing researchers and commercial entities access to the anonymised patient health histories of 55 million people in England. Patients were given six weeks to opt out of the programme.
The news prompted an immediate and broad backlash from medical professionals, digital rights activists, and politicians accusing the government of inadequate transparency about the existence and nature of the programme, in particular about which types of organisations would have access to the data and what they would able to do with it.
Concerns were also expressed about the security and potential misuse of sensitive medical information, as well as about potential access to patient data by private companies, notably by controversial US technology company Palantir.
Organisations such as the Doctors' Association UK (DAUK) also expressed concerns that the scheme could affect the GP-patient relationship and potentially discourage patients from seeking medical care due to privacy concerns.
The backlash resulted the initial opt-out period being extended for two months, with patients able to opt-out at any time during the programme.
➕ February 2021. The NHS faced legal action over its contract with Palantir, which has been involved in analysing UK public health data.
Operator: National Health Service (NHS)
Developer: NHS Digital
Country: