I obviously can't speak for everyone, but for me the main concerns are (in no particular order):
1) anonymisation
While I appreciate there are ways to ensure the data are anonymised, the articles I've seen have said things like,
NHS Digital does audit some (but not all) of its customers which receive copies of data. Several of these audits have revealed that, not only do organisations break the ‘protections’ in place, but that these do not stop them from getting data once they have been broken. Some of these protections are legal obligations, but audits have shown that one public body did not even conduct a legally-required data protection impact assessment. (source)
and
The data will be anonymised and given “codes” that can be used to reveal the identity of the data’s owners if there is a “valid legal reason”. Privacy campaigners have said the plans are “legally problematic” and patients have been given a limited window to opt out. (source)
and
[The General Practice Extraction Service (GPES)] said the pandemic has led to a significant increase in the need for GP data for purposes such as identifying people most vulnerable to Covid-19, rolling out vaccines and supporting research. It was legally directed to collect and analyse information about patients, including from GP records, for the duration of the coronavirus emergency period. (my bold) (source)
I'm not particularly worried that people are going to spend their lunch breaks looking up their friends and neighbours to see if they've been afflicted with any horrible diseases but the first quote has me worried on a general level that there may not be sufficient safeguards in place (and let's be honest, the government has a pretty bad track record when it comes to IT systems and accountability) and the others have me worried that the system is too complex to explain clearly (which means it's likely to be accidentally misused) or is just a mess (which given the track record on government IT systems seems highly likely).
2) lack of transparency
NHS Digital published their press release about the scheme on 12 May for a launch on 1 July. That's about 7 weeks between public launch and implementation, and about 6 weeks for patients to hear about the scheme, understand what it means for them, and decide whether or not to opt out before their data gets added. While the press release notes that patients "can opt-out at any time" they don't say that any data provided before opting out will not be removed. Maybe that's because it's too anonymised to find, but that doesn't tally with the quotes saying that the data can be deanonymised if necessary.
Given such a short timeframe you'd expect a publicity blitz, but instead we've got silence. Where's the leaflets through the door? Where's the text messages from your GP? Where's the ads online and in traditional media? It's almost like they don't want us to know. And that makes me suspicious. It feels like conspiracy-minded thinking, I know, but I honestly do not trust this government to do anything that benefits us more than it benefits them.
The Mythbusting page of NHS Digital says that there was a big publicity campaign in 2018 but that was 3 years ago. Lots has changed since then, and GPs are under enormous pressure (and it's not like they had things easy back then). They don't have the time right now to be sifting through and registering patients opting out. And if you get your opt-out form in before the deadline but the practice is too busy to register it until after the deadline your data get added and there's no way to remove them.
The press release makes it sound like this is just a tech upgrade,
The current collection system (GPES) performed adequately during the pandemic but is based on legacy technology.
But it's not,
The new service comes with a broadened remit: the data will be used to "support the planning and commissioning of health and care services, the development of health and care policy, public health monitoring and interventions (including COVID-19) and enable many different areas of research."
The service will collect data about diagnoses, symptoms, observations, test results, medications, allergies, immunisations, referrals, recalls and appointments, including information about physical, and mental and sexual health. It will also collect information about data on sex, ethnicity and sexual orientation, and data about staff who have treated patients...
medConfidential has... published a list of the types of data that will be extracted from GP records by the programme. These data points include sensitive details relating to divorce, criminal records, prison and probation, complaints about care, relationship abuse, and child abuse, and info on sensitive diseases, such as AIDS. (source)
That is a hell of a lot of information to be gathering about people and I find it concerning that a lot of the official information about the scheme is rather disingenuous. For example, everywhere states that you can opt out at any time, but very few point out that any information gathered prior to opting out will be retained. They also make a big deal about this not going to commercial companies or being sold for profit but then make statements like,
All applications for access to this data must have a health or care benefit and cannot be for solely commercial purposes.
Again, I accept I may be being very conspiratorial in my thinking but that "solely" is potentially doing a lot of work.
3) That it is opt-out, not opt-in
The NHS Digital Additional Information for GP Practices states,
GP practices have a legal duty to be transparent and to provide patients with information under the UK General Data Protection Regulation (GDPR) about the data they are sharing with others.
If this is the case, why are we not being told that our GPs are going to be sharing our data with this new database? Why are we not being asked if we want to take part? The level of transparency involved here feels more akin to that Arthur Dent experienced than anything actually trying to inform patients about how their data are being used.
I know that getting people to opt-in to things means less participation - that's why organ donation is now opt-out, for example - and tbh I understand why this is opt-out. But being opt-out there should be much more publicity around what's going on so that any implied consent can at least be deemed informed. And given that it is opt-out it should be easier. From what I can tell, there are two different types of opt-out someone can do. There's the Word document form you can print and fill out then give to your GP and there's a National Data Opt-Out that you can complete online. It's unclear to me if you need to complete both to fully opt out. I've read the Type 1 Opt-Out and National Opt-Out info multiple times and still can't make sense of it.
From the Type 1 Opt Out,
If you do not want your identifiable patient data (personally identifiable data in the diagram above) to be shared outside of your GP practice for purposes except for your own care, you can register an opt-out with your GP practice. This is known as a Type 1 Opt-out...
If you do not want NHS Digital to share your identifiable patient data (personally identifiable data in the diagram above) with anyone else for purposes beyond your own care, then you can also register a National Data Opt-out.
From the National Opt-Out,
If you don’t want your confidential patient information to be shared by NHS Digital for purposes except your own care - either GP data, or other data we hold, such as hospital data - you can register a National Data Opt-out...
From 1 October 2021, the National Data Opt-out will also apply to any confidential patient information shared by your GP practice with other organisations for purposes except your individual care. It won't apply to this data being shared by GP practices with NHS Digital, as it is a legal requirement for GP practices to share this data with NHS Digital and the National Data Opt-out does not apply where there is a legal requirement to share data.
I think that the Type 1 covers GP data and the National Opt Out covers other sources (hospital etc) but I'm not totally sure. I'm a fairly smart person, and if I'm struggling to make sense of this then how the hell is someone who's not got the greatest reading comprehension? The need to read reams of text to find the embedded links to the various forms or opt-out pages (which needs 4 pages of preamble before you get to the "start now" button) is another way of making it hard for people to opt out. Why not just have a page titled "Opting out" with a little bit of preamble and explicit links to both options? From an accessibility point of view it's dire.
TL;DR
Basically, this comes down to an issue of trust. And I just don't have it. The care.data debacle was caused by concerns over privacy and transparency and the implementation of this scheme suggests that the only thing government has learned is to keep quiet so no-one can object until it's too late.