Whitehall's Misfeasance in Public Office (MiPo) Express hurtles on.
Once again the UK's NHS (National Health Service) is in the news, this time as a result of its care.data initiative.
care.data is a threat to medical confidentiality. The campaign to protect medical confidentiality has been conducted by medConfidential, among others. The other day they were able to celebrate one battle won – the introduction of care.data has now been delayed for six months:
.@TheBMA announce #caredata uploads postponed until the Autumn. @NHSEngland must now write to every patient direct and include opt out form!
Congratulations to medConfidential. And also to the BMA (the British Medical Association) and to NHS England:
The NHS already has access to patients' hospital records, which can be used to measure the performance of hospitals. That data is also an invaluable resource for medical research. The idea of care.data is for the first time to add patients' GP records to the hospital data to make an even greater resource for audit and for research.
Tim Kelsey, national director for patients and information at NHS England, said:
“NHS England exists for patients and we are determined to listen to what they tell us. We have been told very clearly that patients need more time to learn about the benefits of sharing information and their right to object to their information being shared. That is why we are extending the public awareness campaign by an extra six months.”
An Englishman's relationship with his or her family GP (General Practitioner) is very personal and the thought of scores of strangers sifting through all our currently confidential records is bringing a lot of us out in spots. Few of us can make the case for the prosecution cogently. So let's hand that job over to Ben Goldacre, a doctor, the author of Bad Science, a journalist and public speaker, and an enthusiastic advocate of care.data.
Writing in the Guardian the other day, The NHS plan to share our medical data can save lives – but must be done right, he said that care.data ...
"Bungled implementation"? "Plummeting public support"? "Arrogant paternalism"? "Crass boasts about commercial profits"? "A lack of clear governance"? "A failure to communicate basic science properly"? He doesn't seem to be very impressed with NHS England, does he.
... is being put at risk, by the bungled implementation of the care.data project. It was supposed to link all NHS data about all patients together into one giant database, like the one we already have for hospital episodes; instead it has been put on hold for six months, in the face of plummeting public support. It should have been a breeze. But we have seen arrogant paternalism, crass boasts about commercial profits, a lack of clear governance, and a failure to communicate basic science properly.
Nor with Tim Kelsey:
The claim that patient records can be anonymised is false. DMossEsq readers know that – Professor Martyn Thomas told us last June. And Ben Goldacre agrees. He takes himself as an example and demonstrates in his Guardian article how he could be identified in a few simple steps even if his name, address and date of birth are not included in his medical records.
Tim Kelsey is the man running the show: an ex-journalist, passionate and engaging, he has drunk more open-data Kool-Aid than anyone I've ever met. He has evangelised the commercial benefits of sharing NHS data – perhaps because he made millions from setting up a hospital-ranking website with Dr Foster Intelligence – but he is also admirably evangelical about the power of data and transparency to spot problems and drive up standards. Unfortunately, he gets carried away, stepping up and announcing boldly that no identifiable patient data will leave the Health and Social Care Information Centre. Others supporting the scheme have done the same.
DMossEsq readers will also recognise this syndrome of evangelising "the commercial benefits of sharing NHS data" or any other Public Sector Information (PSI). We have come across someone else who's over-indulged in the Kool-Aid, in the form of Stephan Shakespeare.
"Forecasting future benefits is also hard to predict", he told us, and yet he felt confident that "it seems a straightforward decision to invest £143m to make Trading Fund data widely available is a relatively small price to pay to leverage wider economic benefits far exceeding this by orders of magnitude". Which is it? "Hard to predict"? Or "a straightforward decision"? It can't be both.
There's a lot of it about. Professor Sir Nigel Shadbolt's midata project is another example: "A data-enabled online market place will create new services that will take your data and do some really interesting things with it". What "really interesting things"? Once it was put to the test in the midata Innovation Lab, the answer turned out to be none – no really interesting things, not one.
So much for the bold claim made for midata by Ctrl-Shift, the consultancy advising the Department for Business Innovation and Skills (BIS): "Access to such data represents a ‘holy grail’ data to companies because it explains why people do what they do and predicts what they are going to do next". Not only would midata allow BIS to know the future but, conveniently enough, "Ctrl-Shift’s research finds that the market for these new streams of information could grow to be worth £20bn in the UK over the next ten years" (p.14).
Deceitful promises to be able to predict the future are familiar enough throughout history. The only innovation here is how small the Kool-Aid budget is at only £2 billion p.a.
As Ben Goldacre says:
Trust has been punctured by the "crass boasts about commercial profits" and by the false claims as to anonymisation. As for the security of our centralised personal medical records, it's not just the behaviour of GCHQ and the NSA which raises doubts. Ben Goldacre is wrong there.
Trust, of course, is key here, and that's currently in short supply. The NSA leaks showed us that governments were casually helping themselves to our private data. They also showed us that leaks are hard to control, because the National Security Agency of the wealthiest country in the world was unable to stop one young contractor stealing thousands of its most highly sensitive and embarrassing documents.
It's also the daily occurrence of breaches of security on the web. There is no such thing as a secure website. They don't exist. Any more than unicorns.
And where does NHS England's Health and Social Care Information Centre want to put our care.data? In the cloud – just take a look at the extract below from G-Cloud's sales figures as at November 2013. In the cloud where, as DMossEsq readers know, they are guaranteed to lose control of it:
The case he makes against care.data is so convincing that, understandably, as a supporter, Dr Goldacre gets a bit hysterical towards the end of his article ...
"Just what the doctor ordered", you may say, "hang the bodies in the town square".
... we need stiff penalties for infringing medical privacy, on a grand and sadistic scale. Fines are useless, like parking tickets, for individuals and companies: anyone leaking or misusing personal medical data needs a prison sentence, as does their CEO. Their company – and all subsidiaries – should be banned from accessing medical data for a decade. Rush some test cases through, and hang the bodies in the town square.
But no. There's no need for hangings. No need for grand sadism, as he puts it. NHS England have already irrevocably forfeited the trust of patients and GPs and a six-month delay isn't going to put Humpty Dumpty back together again.
Dr Goldacre's faith in the transcendent virtue of care.data may be misplaced:
- Knowledge of all their parishioners' personal data doesn't always help an agency to do good – it didn't stop the Child Support Agency spreading misery all around.
- Auditing the hospitals didn't stop the atrocities of Stafford Hospital.
- Nor did the best regulatory efforts of the Treasury, the FSA (RIP) and the Bank of England prevent the credit crunch of 2008.
- There is no reason to believe that care.data would root out under-performing GPs any more reliably than the systems the NHS already has.
- As to the benefits of research, the NHS already has masses of raw data to investigate, as Dr Goldacre tells us.
And no more "arrogant paternalism" either. "Trust me, I'm a doctor"? Pace Dr Goldacre, we mere laymen are not too stupid to know what's good for us:
We have a golden opportunity in the UK, with 60 million people cared for in one glorious NHS ... the government ... have a good chance of saving a vital data project, and permitting medical research that saves lives on a biblical scale to continue.
The best of luck to medConfidential in the further battles to come over the next six months.
Opt-outs would destroy the data, and the growing calls for an opt-in system would be worse: opt-in killed people by holding back organ donation, and more than that, it would exacerbate social inequality around data, because the poorest patients, those most likely to be unwell, are also the least engaged with services, the least likely to opt in. They would become invisible.
Whitehall's Misfeasance in Public Office (MiPo) Express hurtles on.
On 23 February 2014 the Telegraph published Hospital records of all NHS patients sold to insurers:
There was a helpful follow-up the next day – Patient records should not have been sold, NHS admits. The records shouldn't have been sold. But they were. What is there to stop that happening again? Nothing, as Ben Goldacre had told us in his Guardian article, the HSCIC haven't worked out their procedures yet ...
... a report by a major UK insurance society discloses that it was able to obtain 13 years of hospital data – covering 47 million patients – in order to help companies “refine” their premiums ...
... “uniquely” they were able to combine these details with information from credit ratings agencies, such as Experian, which record the lifestyle habits of milllions of consumers.
The calculations were used to advise companies how to refine their premiums, resulting in increased premiums for most customers below the age of 50 ...
... a subject which arose at yesterday's evidence session held by the House of Commons Health Select Committee. Three hours of unmissable TV during which officials refused to answer MPs' questions and MPs stated that they had already opted out of care.data because they don't trust HSCIC:
The Twittersphere distinguished itself during the course of the hearing. For example:
That really is the end of it for me. If @HSCIC are still hiding info on what went wrong, #caredata is unsupportable http://t.co/5xPQ3dbTN3
— ben goldacre (@bengoldacre) February 25, 2014
Sorry, I’m out. Until @HSCIC commit to showing everyone what went wrong here, #caredata is not fit for purpose. http://t.co/5xPQ3dbTN3
— ben goldacre (@bengoldacre) February 25, 2014
For those of you who don't have time to watch the proceedings or to plough through the tweets, some kind soul has summarised the matter in 3'50" flat, see Tim Kelsey discovers that care.data is in trouble:
What applies to the NHS's care.data applies equally to Professor Sir Nigel Shadbolt's Open Data Institute (ODI). And to Stephan Shakespeare's related National Data Strategy for Public Sector Information (PSI).
And to the Department for Business Innovation and Skills's midata initiative.
And to the Government Digital Service's identity assurance programme, IDA (RIP) – and, thereby, to the whole business of transacting with government via GOV.UK. And to G-Cloud – if people (and companies and partnerships and trusts and charities and ...) can be inveigled into putting all their data in the cloud, they will voluntarily have lost control of it. Instantly.
They're all on the same express. The MiPO Express.