National data guardian calls for dialogue on NHS Digital GP plans

Nicola Byrne, the UK’s national data guardian for health and social care, has called for more dialogue over the NHS Digital GP Data for Planning and Research (GPDPR) programme as concern spreads among the general public over the safety and security of their confidential medical data.

The programme will see all data held by GPs on their patients in England scraped into a “pseudonymised” database at the end of June 2021. The data store is intended to be used for healthcare planning and research purposes, and it may be shared with third parties such as research institutes and pharmaceutical companies where there is a legal basis to do so.

However, NHS Digital has drawn brickbats over the programme, with privacy experts criticising it for failing to adequately publicise the project, clearly explain people’s rights to opt out, and for placing a burden of additional paperwork on GP surgeries during a global health crisis. GPDPR is now also the subject of a legal challenge which may force it to be delayed.

In a statement, Byrne said: “I am continuing to listen to and talk with patient groups and the public to inform my discussions with system leaders. My focus is on encouraging the organisations involved to work together to make it sufficiently clear to the public how data will be used and kept secure, both now and in the future.

“As the recently established 8th Caldicott Principle makes clear, it is important that there are no surprises for the public about how confidential information about them is used.”

Byrne said the reasons for the GPDPR scheme were fundamentally sound because it was “vital” that data is used to improve healthcare standards through planning and research. Information contained in GP records had an important part to play in this, she added, for example by giving NHS planners the insight they need to target services and treatments for vulnerable people.

“Public attitudes research demonstrates that patients and service users are supportive of health and care data being used if certain expectations are met, including that it delivers a public benefit, that it is made clear to them what will and will not be done with the data, and what choices people have about its use,” said Byrne.

“My focus is on encouraging the organisations involved to work together to make it sufficiently clear to the public how data will be used and kept secure, both now and in the future. It is important that there are no surprises for the public about how confidential information about them is used”
Nicola Byrne, national data guardian for health and social care

“People also want to know that robust cyber security arrangements are in place to keep confidential data about them safe. The Office of the National Data Guardian has been involved since 2018 in system-wide discussions about how the new GP data collection [system] can meet these expectations so that trust is maintained,” she added.

“The new system for collecting general practice data provides an opportunity to strengthen the safeguards that protect GP data and provide strong oversight of its use for planning and research of benefit to health and care.”

The role of national data guardian for health and social care was initially established in 2014 and held until the beginning of 2021 by Fiona Caldicott, who passed away just weeks before her planned retirement.

During her tenure, Caldicott had significant input into NHS cyber policy, overseeing among other things the publication in 2016 of a major review of information governance and data security that recommended the adoption of new standards based around people, processes and technology.

Her recommendations also led to the shuttering of NHS England’s Care.data data-sharing programme, which was tainted by similar failings around transparency as many now believe are dogging the GDDPR plans.

Byrne – who has a background in psychiatry and continues to practice as a consultant on a part-time basis – was appointed following an open public appointment process overseen by, among others, NHSX chief Matthew Gould.

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to our Newsletter