PHG Foundation responds to data security consultation
7 September 2016
PHG Foundation has submitted its response to the Government consultation on the National Data Guardian for Health and Care’s Review of Data Security, Consent and Opt-Outs.
The review, commissioned by Jeremy Hunt in September 2015 and published in July 2016, was asked to consider new data security standards, a method for testing compliance against these standards and a new consent or opt-out model for data sharing in relation to patient confidential data. The proposed consent / opt-out model applies to the use of patient’s personal confidential information beyond their direct care. The model will not apply to anonymised information, or where there is a legal duty to share information or an overriding public interest.
PHG Foundation welcomes the publication of this review and supports its objective to address the question of what more can be done to build trust in how the NHS and social care services look after people’s data and use it. We do however have significant concerns about the proposed consent / opt-out model as we believe it fails to address the fundamental public concerns, it may not necessarily foster the trust it seeks to build, and could threaten the future delivery of better, personalised healthcare.
In our response, we argue that the solution is not to seek to build public trust by extending the scope of opt-outs to encompass all purposes beyond direct care. Rather, we strongly recommend a public engagement programme that enables patients and citizens to appreciate the value of their health data in delivering safe, high quality, evidence based care. This should include a transparent discussion about what is required, as part of the social contract, to build personalised and innovative healthcare for all citizens.
Some of our responses to this consultation draw on the recommendations set out in our recent work with Association for Clinical Geneticists (ACGS), Data sharing to support UK clinical genetics and genomics services in which we argue for the need to develop a common understanding of the value of data sharing and a set of common principles including transparency about the purpose, risks, benefits and safeguards involved.
More effective targeting of prevention, diagnosis and treatment through personalisation and building better healthcare for the future rely on acting now to develop effective and secure data sharing.