Review of data security, consent and opt-outs

Alison Hall

12 July 2016

The National Data Guardian’s long-awaited review of Data Security, Consent and Opt-Outs attempts to grapple with several enduring challenges which have beset the NHS.

This blog, the first of a series, examines what is perhaps the most intractable issue, namely reconciling the need for more extensive data sharing and data integration with fostering sufficient public trust such that patients and publics are reassured that their data will be utilised for purposes they support and approve of, using sufficiently robust processes – essentially, that there will be ‘no surprises’ for patients and consumers of NHS health care.

Sharing health data and building public trust 

The review identifies eleven recommendations that make proposals for consent and opt-out. Underpinning these is the (correct in our view) assumption that data sharing is needed to ensure safe and effective care, and to build health systems and services that are capable of responding effectively, promptly, consistently and equitably to the evolving needs of their users. The most radical proposal in the Review is that ‘there should be a new consent/opt-out model to allow people to opt out of their personal confidential data being used for purposes beyond their direct care’ (recommendation 11). Indeed, developing such a ‘simple consent/opt-out model that people could more easily understand’ was the mandate to the National Data Guardian from the Secretary of State for Health.

The justification for this approach is that it is a way of building greater public trust in data sharing for health and social care particularly following the fallout from the now disbanded care.data programme. The implicit assumption is that providing individuals with more detailed control about the use of their personal confidential data will enhance individual autonomy, promote empowerment and ultimately improve trust in systems and their trustworthiness.

Whilst enhanced autonomy could indeed be regarded as a benefit to patients and healthcare users that will motivate behaviour change, it remains to be seen whether providing such a model will indeed build trust. Will giving people control only over their personal confidential data (but not over their anonymised data) be sufficient to assuage some people’s concerns about certain, more specific types of uses: such as uses of data by commercial companies, and more specifically, use of data for marketing or insurance? Will people who hold deep-seated concerns about these types of uses be sufficiently reassured or satisfied by a limited opt-out which only impacts on a proportion of data usage?

The consultation on the Review which closes on 7th September 2016 will be an opportunity to gather evidence from the public, healthcare professionals and other stakeholders which could help to answer some of these questions, but our fear is that if the responses to the consultation deem that offering an opt-out is insufficient, then we may find history repeating itself.

Building better care

The case for data sharing still needs to be made to the public - and all health, social care, research and public organisations share in the responsibility for making that case. Other stakeholders including healthcare professionals, providers, regulators and policy makers also need to be convinced of the benefits of data sharing – our report ‘Data Sharing to support UK Genetics and Genomics Services’ goes some way towards doing this for genomic data.

The urgent challenge is for all those who want to see a health service with high quality, safe, effective and evidence based care to be much more vocal and resolute in demonstrating that data sharing is a vital and necessary part of keeping well and an integral component of healthcare: in order to build healthcare systems that work, and that can respond promptly to novel health threats we need to communicate more rather than less; we need to have confidence that users of data systems understand the potential risks and benefits of sloppy practices and of out-of-date technology; and that providers and policy makers prioritise data sharing appropriately over other competing demands.

Rather than offering ‘opt-outs’ we would like to see a more transparent debate about what is required, as part of the social contract, to build personalised and innovative healthcare for all citizens. Whilst excepting that this may inevitably involve lengthy if not difficult discussions, it is nevertheless a debate that we think is long overdue.