NHS Digital's data sharing

Discussions about serious topics, for serious people
User avatar
Sciolus
Dorkwood
Posts: 1313
Joined: Mon Nov 11, 2019 6:42 pm

Re: NHS Digital's data sharing

Post by Sciolus » Mon May 31, 2021 8:56 am

Woodchopper wrote:
Sun May 30, 2021 8:39 pm
They have a new system which replaces the old one which has been around for a decade.

Some info here:
https://www.ukauthority.com/articles/nh ... r-gp-data/
Gotta love a website that talks about data sharing and privacy and claims to be "for the public good" while not offering a "reject cookies" option, in breach of GDPR and its own privacy policy, quite apart from its misleading company trading name.

tom p
After Pie
Posts: 1876
Joined: Mon Nov 11, 2019 1:14 pm
Location: the low countries

Re: NHS Digital's data sharing

Post by tom p » Mon May 31, 2021 4:32 pm

There are currently a number of different private companies that already provide operating software and support free-of-charge to GPs surgeries &, in return, they get to sell anonymised data, and have done for at least 2 decades.
I have worked with data from 3 of them: GPRD & THIN & IMS, between them covering >30% of all GPs surgeries in the UK if I'm not wrong (and some GPs & specialists in France & Germany too), so if you have ever been to a GP in the UK, there's a 1 in 3 chance I could have seen your data. And, you know what, I would have no way of knowing it's you.
Each patient is very effectively anonymised: Firstly you have no idea which GP surgery it is - you get a region of the country. I think it's about 10ish regions. Then there's a code for the patient, which is held at the GP's surgery, so the people at GPRD, THIN or IMS never actually know who a patient is.
What I can do is see age, sex, year of birth (if memory serves), links between mother & baby (a recentish addition - can't remember if father & child links are included) and the code which tells me that I'm following the same person. Then from there you can see all their health records, but you don't know whose records you are seeing & that's the important bit.
What would be great would be a common primary key to see if a patient leaves a surgery and turns up at another one or goes to a hospital or whatever, to follow their treatment over the years (one of the key points of using such data) without sudden unexplained dropouts that could be moving house as much as it could be death. I suspect that that's what the point of the sharing key is for.

I don't believe for one second that NHS digital would be so stupid as to use a patient's NHS number as their primary key. They will have some link, hopefully in a very secure environment somewhere, between NHS number (which you might know, which your surgery knows & which your hospital should know) and the PK used for your data when distributing it.

User avatar
basementer
Dorkwood
Posts: 1504
Joined: Mon Nov 11, 2019 1:03 pm
Location: 8024, Aotearoa
Contact:

Re: NHS Digital's data sharing

Post by basementer » Mon May 31, 2021 5:04 pm

I had a couple of contracts writing code to spec at IMS Health, so can confirm what Tom says about the level of detail they hold.
Money is just a substitute for luck anyway. - Tom Siddell

User avatar
bolo
Dorkwood
Posts: 1016
Joined: Mon Nov 11, 2019 1:17 pm
Location: Washington DC

Re: NHS Digital's data sharing

Post by bolo » Mon May 31, 2021 5:45 pm

Imagine a record for a woman in the Midlands, born in 1976, with daughters born in 1998 and 2003 and a son born in 2012. How many people do you think that matches? Make your own estimate; mine is a few hundred at most. Now add (as Tom suggests) a connection between the records of people who move regions, and know that this woman moved to the Midlands from the South West in 2007. It wouldn't surprise me if there is only one such person. If your guess is a larger number, add that the 1998 daughter moved to London in 2018 and had a son in 2020.

No, you don't know who this woman is based on that information, but if you have all of the above from some other source -- maybe you know her, or maybe she's a public figure whose basic biographical info is on Wikipedia -- then now you can find her in the anonymized medical records.

So there needs to be strict oversight of access to the records, and how they are used, not just anonymization.

tom p
After Pie
Posts: 1876
Joined: Mon Nov 11, 2019 1:14 pm
Location: the low countries

Re: NHS Digital's data sharing

Post by tom p » Mon May 31, 2021 6:09 pm

bolo wrote:
Mon May 31, 2021 5:45 pm
Imagine a record for a woman in the Midlands, born in 1976, with daughters born in 1998 and 2003 and a son born in 2012. How many people do you think that matches? Make your own estimate; mine is a few hundred at most. Now add (as Tom suggests) a connection between the records of people who move regions, and know that this woman moved to the Midlands from the South West in 2007. It wouldn't surprise me if there is only one such person. If your guess is a larger number, add that the 1998 daughter moved to London in 2018 and had a son in 2020.

No, you don't know who this woman is based on that information, but if you have all of the above from some other source -- maybe you know her, or maybe she's a public figure whose basic biographical info is on Wikipedia -- then now you can find her in the anonymized medical records.

So there needs to be strict oversight of access to the records, and how they are used, not just anonymization.
Public figures are a bad example & are often kept off such records for such a reason.

User avatar
Fishnut
After Pie
Posts: 2447
Joined: Mon Nov 11, 2019 1:15 pm
Location: UK

Re: NHS Digital's data sharing

Post by Fishnut » Tue Jun 01, 2021 11:58 am

Several doctors surgeries have decided to withhold patient records from the scheme.
All 36 doctors’ surgeries in Tower Hamlets, east London, have already agreed to withhold the data when collection begins on 1 July, the Guardian understands. An email has been circulated to about 100 practices across north-east London calling on them to also consider whether the data collection is legitimate, with the hope that it will spread to many more. The email makes clear the refusal to share the data is technically a breach of the Health and Social Care Act 2012...

An email sent out to about 100 surgeries on Monday night by Dr Osman Bhatti, the chief clinical information officer for the NHS North East London clinical commissioning group, and co-signed by Dr Jackie Applebee, the chair of Tower Hamlets local medical committee, called on doctors to withhold data until they are satisfied patients have had enough time to consider the plan.
it's okay to say "I don't know"

Millennie Al
After Pie
Posts: 1621
Joined: Mon Mar 16, 2020 4:02 am

Re: NHS Digital's data sharing

Post by Millennie Al » Wed Jun 02, 2021 12:49 am

tom p wrote:
Mon May 31, 2021 4:32 pm
Each patient is very effectively anonymised: Firstly you have no idea which GP surgery it is - you get a region of the country. I think it's about 10ish regions. Then there's a code for the patient, which is held at the GP's surgery, so the people at GPRD, THIN or IMS never actually know who a patient is.
What I can do is see age, sex, year of birth (if memory serves), links between mother & baby (a recentish addition - can't remember if father & child links are included) and the code which tells me that I'm following the same person. Then from there you can see all their health records, but you don't know whose records you are seeing & that's the important bit.
The strength of anonymisation is not caused by people failing to imagine how to de-anonymise. It depends on there not being any method, including mathods not yet thought of.

In the case of medical records, if we assume that there are five days a week that someone might visit their GP then there are about 250 possible days a year. Given a patient who visits on four random days, that is one in 250^4 = 3,906,250,000 Since there are less than 55,000,000 people in England, that is considerably more than enough to identify an individual even if you don't know which region each visit took place in. Obviously in real life people do not visit their GP at random, but even for regular visits there will be a small random element. If you're someone's employer, you may know when they visit a GP from sick days they take, and you also know their sex and age, so in many cases access to the dataset would allow you to find their record. This would vary depending on the individual - the perfectly healthy person who visits once in ten years to get a vaccination would be impossible to identify, but someone with chronic illness, or who had a series of unfortunate minor accidents might be easy. Knowing the purpose of a visit could narrow it down a lot.

Ultimately, you cannot permanently anonymise records unless the records fall into groups where members are indistinguishable. Otherwise they can be de-anonymised from the data itself.

tom p
After Pie
Posts: 1876
Joined: Mon Nov 11, 2019 1:14 pm
Location: the low countries

Re: NHS Digital's data sharing

Post by tom p » Wed Jun 02, 2021 7:54 am

I think I see the problem. People are assuming the data will just be free for anyone to download and easy to understand. My understanding is that it will not.
As things currently stand, my employer has a contract with the providers for named users & we get the most information. We also had to have specific training on how to use the (not always intuitive) tables and suchlike. My equally-trained colleague might be able to identify me, if she can remember what days I was off sick, but otherwise nobody else could.
If there is to be some greater opening out of the data, then there is no way that anything with dates or ages will be made available to the world.
Your boss won't just be able to idly browse for people of your gender born in your year who live in your region to search for known dates of doctors appointments in order to then see the rest of your medical history.

User avatar
Woodchopper
Princess POW
Posts: 7057
Joined: Sat Oct 12, 2019 9:05 am

Re: NHS Digital's data sharing

Post by Woodchopper » Wed Jun 02, 2021 8:01 am

Millennie Al wrote:
Wed Jun 02, 2021 12:49 am
tom p wrote:
Mon May 31, 2021 4:32 pm
Each patient is very effectively anonymised: Firstly you have no idea which GP surgery it is - you get a region of the country. I think it's about 10ish regions. Then there's a code for the patient, which is held at the GP's surgery, so the people at GPRD, THIN or IMS never actually know who a patient is.
What I can do is see age, sex, year of birth (if memory serves), links between mother & baby (a recentish addition - can't remember if father & child links are included) and the code which tells me that I'm following the same person. Then from there you can see all their health records, but you don't know whose records you are seeing & that's the important bit.
The strength of anonymisation is not caused by people failing to imagine how to de-anonymise. It depends on there not being any method, including mathods not yet thought of.

In the case of medical records, if we assume that there are five days a week that someone might visit their GP then there are about 250 possible days a year. Given a patient who visits on four random days, that is one in 250^4 = 3,906,250,000 Since there are less than 55,000,000 people in England, that is considerably more than enough to identify an individual even if you don't know which region each visit took place in. Obviously in real life people do not visit their GP at random, but even for regular visits there will be a small random element. If you're someone's employer, you may know when they visit a GP from sick days they take, and you also know their sex and age, so in many cases access to the dataset would allow you to find their record. This would vary depending on the individual - the perfectly healthy person who visits once in ten years to get a vaccination would be impossible to identify, but someone with chronic illness, or who had a series of unfortunate minor accidents might be easy. Knowing the purpose of a visit could narrow it down a lot.

Ultimately, you cannot permanently anonymise records unless the records fall into groups where members are indistinguishable. Otherwise they can be de-anonymised from the data itself.
That's correct, and someone who thought they'd be targeted could opt out of the system.

But in your scenario, in order to cross refer employment records with the medical records at least two people would need to conspire to commit criminal offences and actions which would get them fired.

Certainly, that could happen. But if you're worried about that your medical records aren't safe in any form. You are far more at risk from someone in your GP practice logging in and copying your medical records.

I don't know what you think, but in general it seems odd to me that lots of people seem to be blasé about the very easy ways that their data could be shared from where its currently stored, but very concerned about the risks of it being transferred somewhere else. Personally, I'd be more worried about data security in a GP surgery than in a pharma company. The former are far more likely to be amateurs.

User avatar
Fishnut
After Pie
Posts: 2447
Joined: Mon Nov 11, 2019 1:15 pm
Location: UK

Re: NHS Digital's data sharing

Post by Fishnut » Wed Jun 02, 2021 10:16 am

I obviously can't speak for everyone, but for me the main concerns are (in no particular order):

1) anonymisation
While I appreciate there are ways to ensure the data are anonymised the articles I've seen have said things like,
NHS Digital does audit some (but not all) of its customers which receive copies of data. Several of these audits have revealed that, not only do organisations break the ‘protections’ in place, but that these do not stop them from getting data once they have been broken. Some of these protections are legal obligations, but audits have shown that one public body did not even conduct a legally-required data protection impact assessment. (source)
and
The data will be anonymised and given “codes” that can be used to reveal the identity of the data’s owners if there is a “valid legal reason”. Privacy campaigners have said the plans are “legally problematic” and patients have been given a limited window to opt out. (source)
and
[The General Practice Extraction Service (GPES)] said the pandemic has led to a significant increase in the need for GP data for purposes such as identifying people most vulnerable to Covid-19, rolling out vaccines and supporting research. It was legally directed to collect and analyse information about patients, including from GP records, for the duration of the coronavirus emergency period. (my bold) (source)

I'm not particularly worried that people are going to spend their lunch breaks looking up their friends and neighbours to see if they've been afflicted with any horrible diseases but the first quote has me worried on a general level that there may not be sufficient safeguards in place (and let's be honest, the government has a pretty bad track record when it comes to IT systems and accountability) and the others have me worried that the system is too complex to explain clearly (which means it's likely to be accidentally misused) or is just a mess (which given the track record on government IT systems seems highly likely).

2) lack of transparency
NHS Digital published their press release about the scheme on 12 May for a launch on 1 July. That's about 7 weeks between public launch and implementation, and about 6 weeks for patients to hear about the scheme, understand what it means for them, and decide whether or not to opt out before their data gets added. While the press release notes that patients "can opt-out at any time" they don't say that any data provided before opting out will not be removed. Maybe that's because it's too anonymised to find, but that doesn't tally with the quotes saying that the data can be deanonymised if necessary.

Given such a short timeframe you'd expect a publicity blitz, but instead we've got silence. Where's the leaflets through the door? Where's the text messages from your GP? Where's the ads online and in traditional media? It's almost like they don't want us to know. And that makes me suspicious. It feels like conspiracy-minded thinking, I know, but I honestly do not trust this government to do anything that benefits us more than it benefits them.

The Mythbusting page of NHS Digital says that there was a big publicity campaign in 2018 but that was 3 years ago. Lots has changed since then, and GPs are under enormous pressure (and it's not like they had things easy back then). They don't have the time right now to be sifting through and registering patients opting out. And if you get your opt-out form in before the deadline but the practice is too busy to register it until after the deadline your data get added and there's no way to remove them.

The press release makes it sound like this is just a tech upgrade,
The current collection system (GPES) performed adequately during the pandemic but is based on legacy technology. 
But it's not,
The new service comes with a broadened remit: the data will be used to "support the planning and commissioning of health and care services, the development of health and care policy, public health monitoring and interventions (including COVID-19) and enable many different areas of research."

The service will collect data about diagnoses, symptoms, observations, test results, medications, allergies, immunisations, referrals, recalls and appointments, including information about physical, and mental and sexual health. It will also collect information about data on sex, ethnicity and sexual orientation, and data about staff who have treated patients...

medConfidential has... published a list of the types of data that will be extracted from GP records by the programme. These data points include sensitive details relating to divorce, criminal records, prison and probation, complaints about care, relationship abuse, and child abuse, and info on sensitive diseases, such as AIDS.(source)
That is a hell of a lot of information to be gathering about people and I find it concerning that a lot of the official information about the scheme is rather disingenuous. For example, everywhere states that you can opt out at any time, but very few point out that any information gathered prior to opting out will be retained. They also make a big deal about this not going to commercial companies or being sold for profit but then make statements like,
All applications for access to this data must have a health or care benefit and cannot be for solely commercial purposes.
Again, I accept I may be being very conspiratorial in my thinking but that "solely" is potentially doing a lot of work.

3) That it is opt-out, not opt-in
The NHS Digital Additional Information for GP Practices states,
GP practices have a legal duty to be transparent and to provide patients with information under the UK General Data Protection Regulation (GDPR) about the data they are sharing with others.
If this is the case, why are we not being told that our GPs are going to be sharing our data with this new database? Why are we not being asked if we want to take part? The level of transparency involved here feels more akin to that Arthur Dent experienced than anything actually trying to inform patients about how their data are being used.

I know that getting people to opt-in to things means less participation - that's why organ donation is now opt-out, for example - and tbh I understand why this is opt-out. But being opt-out there should be much more publicity around what's going on so that any implied consent can at least be deemed informed. And given that it is opt-out it should be easier. From what I can tell, there are two different types of opt-out someone can do. There's the word document form you can print and fill out then give to your GP and there's a National Data Opt-Out that you can complete online. It's unclear to me if you need to complete both to fully opt out I've read the Type 1 Opt-Out and National Opt-Out info multiple times and still can't make sense of it.

From the Type 1 Opt Out,
If you do not want your identifiable patient data (personally identifiable data in the diagram above) to be shared outside of your GP practice for purposes except for your own care, you can register an opt-out with your GP practice. This is known as a Type 1 Opt-out...

If you do not want NHS Digital to share your identifiable patient data (personally identifiable data in the diagram above) with anyone else for purposes beyond your own care, then you can also register a National Data Opt-out.
From the National Opt-Out,
If you don’t want your confidential patient information to be shared by NHS Digital for purposes except your own care - either GP data, or other data we hold, such as hospital data - you can register a National Data Opt-out...

From 1 October 2021, the National Data Opt-out will also apply to any confidential patient information shared by your GP practice with other organisations for purposes except your individual care. It won't apply to this data being shared by GP practices with NHS Digital, as it is a legal requirement for GP practices to share this data with NHS Digital and the National Data Opt-out does not apply where there is a legal requirement to share data.
I think that the Type 1 covers GP data and the National Opt Out covers other sources (hospital etc) but I'm not totally sure. I'm a fairly smart person, and if I'm struggling to make sense of this then how the hell is someone who's not got the greatest reading comprehension? The need to read reams of text to find the embedded links to the various forms or opt-out pages (which needs 4 pages of preamble before you get to the "start now" button) is another way of making it hard for people to opt out. Why not just have a page titled "Opting out" with a little bit of preamble and explicit links to both options? From an accessibility point of view it's dire.

TL:DR
Basically, this comes down to an issue of trust. And I just don't have it. The care.data debacle was caused by concerns over privacy and transparency and the implementation of this scheme suggests that the only thing government has learned is to keep quite so no-one can object until it's too late.
Last edited by Stephanie on Wed Jun 02, 2021 11:47 am, edited 1 time in total.
Reason: fixing url
it's okay to say "I don't know"

tom p
After Pie
Posts: 1876
Joined: Mon Nov 11, 2019 1:14 pm
Location: the low countries

Re: NHS Digital's data sharing

Post by tom p » Wed Jun 02, 2021 1:06 pm

Hi fishnut, I don't have the time to respond to all of your thoughful post, but this bit jumped out at me...
Fishnut wrote:
Wed Jun 02, 2021 10:16 am
I obviously can't speak for everyone, but for me the main concerns are (in no particular order):

1) anonymisation
...
and
[The General Practice Extraction Service (GPES)] said the pandemic has led to a significant increase in the need for GP data for purposes such as identifying people most vulnerable to Covid-19, rolling out vaccines and supporting research. It was legally directed to collect and analyse information about patients, including from GP records, for the duration of the coronavirus emergency period. (my bold) (source)

I'm not particularly worried that people are going to spend their lunch breaks looking up their friends and neighbours to see if they've been afflicted with any horrible diseases but the first quote has me worried on a general level that there may not be sufficient safeguards in place (and let's be honest, the government has a pretty bad track record when it comes to IT systems and accountability) and the others have me worried that the system is too complex to explain clearly (which means it's likely to be accidentally misused) or is just a mess (which given the track record on government IT systems seems highly likely).
Again - these bodies won't be given info to identify people. The GPES won't be inventing the wheel (as government IT often is, which is a large part of the problem with their projects). They can just use the existing safeguards in place in the same way. Why wouldn't you want public health england/scotland/wales or the MHRA to be able to review a big enough database to see if there's a common cause behind long COVID or other especially poor outcomes? Or a common cause behind the thrombocytopenic thromboembolic syndrome or other, rarer side effects to vaccines?

If I knew what the things which put people at risk of a poor reaction to COVID were, I could identify patients (identifiable by their code number, but not who they are) and then contact the companies which supply us the data. They hold a key to which surgery each patient comes from. They can write to the surgery and say patients XYHMSDG34, VBNASKSDUJ28 AND GKFUJSDH11 are all at risk of severe COVID outcomes - you should prioritise them. Now I have no role to do this & nor do the providers, but PHE or equivalent do. Equally, the MHRA could write to GPES, who could write to GPs & say 'patient X, Y & Z should be given Pfizer/Moderna and NOT AZ/JnJ 'cos they are at risk of TTS'. How is this anything other than a good thing?

As things stand, it seems you don't mind IMS Health, THIN, GPRD or other companies already having that data and selling access to it to drugs companies already or indeed the nosy secretary in your GP surgery (who actually might know people you know) having unfettered access to all your records, but as soon as a body that will be searching anonymised versions of it to try and help the public might have it, you're worried.

All I've done in this thread is play whack-a-mole, so here's a good reason for this to happen: there hasn't been nearly enough good quality research into many women's health issues. And what there has (e.g. the infamous Women's Health Initiative study that erroneously concluded that HRT was bad for women) has often been rather problematic, but also hard to shake from the public consciousness. Part of the reason is the inherent sexism in society, which bleeds into the medical profession, and another part is the inherent sexism in society that leads to women having less disposable income and thus there being less potential profit to be made. This means that expensive things like a study on hundreds of thousands of women just don't get done, either by public funding or private.
If this data is available, then a single university would have the resources to perform a huge study that would be genuinely revolutionary and could significantly positively impact the health of all women in the world (or at least those lucky enough to live in a society where things like HRT are available). Even if there were still a blindspot regarding womens health, the cost of running such studies could be met by a smallish group that is decent at raising funds. We're talking 10s of k, rather than 10s to hundreds of millions.


ETA: HMG has a strong track record in protecting very personal data while allowing anonymised/grouped data to be used by others, see the census for one great example

User avatar
Fishnut
After Pie
Posts: 2447
Joined: Mon Nov 11, 2019 1:15 pm
Location: UK

Re: NHS Digital's data sharing

Post by Fishnut » Wed Jun 02, 2021 2:30 pm

tom p wrote:
Wed Jun 02, 2021 1:06 pm
As things stand, it seems you don't mind IMS Health, THIN, GPRD or other companies already having that data and selling access to it to drugs companies already or indeed the nosy secretary in your GP surgery (who actually might know people you know) having unfettered access to all your records, but as soon as a body that will be searching anonymised versions of it to try and help the public might have it, you're worried.
I'm not sure that telling me about all the other organisations that have unasked-for access to my medical information is really the reassurance I'm looking for.
tom p wrote:
Wed Jun 02, 2021 1:06 pm
All I've done in this thread is play whack-a-mole, so here's a good reason for this to happen: there hasn't been nearly enough good quality research into many women's health issues. And what there has (e.g. the infamous Women's Health Initiative study that erroneously concluded that HRT was bad for women) has often been rather problematic, but also hard to shake from the public consciousness. Part of the reason is the inherent sexism in society, which bleeds into the medical profession, and another part is the inherent sexism in society that leads to women having less disposable income and thus there being less potential profit to be made. This means that expensive things like a study on hundreds of thousands of women just don't get done, either by public funding or private.

If this data is available, then a single university would have the resources to perform a huge study that would be genuinely revolutionary and could significantly positively impact the health of all women in the world (or at least those lucky enough to live in a society where things like HRT are available). Even if there were still a blindspot regarding womens health, the cost of running such studies could be met by a smallish group that is decent at raising funds. We're talking 10s of k, rather than 10s to hundreds of millions.
Nice play to my interests there! But just because the data is available for people to examine doesn't mean they're suddenly going to prioritise health issues that affect women. The Cumberlege report was published last year and talks about how it took 40 years of women complaining about the damage caused by sodium valproate use in pregnancy for any proper action to be taken and for its use to be limited. It was patients, not doctors, who raised concerns about pelvic mesh yet they were ignored for years.
Time and time again women told us that those conducting follow-up research only asked about selected outcomes, often only surgical outcomes. For example, in following up SUI surgery, they asked about continence. Objective surgical outcomes are vital, but so are patient-reported outcomes. The women tell us that questions were not asked about other important outcomes, such as pain or sexual functioning.(p151)
Last year we had the CQC admit that,
38% of [NHS maternity units] were deemed to require improvement for patient safety and some could get even worse... [Prof Ted Baker, chief inspector of hospitals for the Care Quality Commission] said many NHS maternity units were in danger of repeating fatal mistakes made at what became the University Hospitals of Morecambe Bay NHS foundation trust (UHMBT), despite a high profile 2015 report finding that a “lethal mix” of failings at almost every level led to the unnecessary deaths of one mother and 11 babies.
Also last year we had the All Party Parliamentary Group on Endometriosis report that,
those with endometriosis are waiting an average of 8 years for a diagnosis, despite over 58% visiting their GP 10 or more times with symptoms, 53% visiting A&E with symptoms, and 21% seeing doctors in hospital 10 or more times with symptoms. (p6)
If this all feels rather off-topic then apologies. But my point is, if doctors aren't listening to the women right in front of them then why the hell should I trust that they're going to listen to an anonymised database? Why, when there are clear problems with women's healthcare staring us in the face that we are failing to tackle should I believe for one second that someone's going to bother to come up with a research project looking at anything to do with women's health that will result in anything beneficial to us? The problem as far as I see it isn't that there isn't good enough data about women's health, it's that no-one's bothering to use it.
it's okay to say "I don't know"

User avatar
Gfamily
Light of Blast
Posts: 5180
Joined: Mon Nov 11, 2019 1:00 pm
Location: NW England

Re: NHS Digital's data sharing

Post by Gfamily » Wed Jun 02, 2021 3:05 pm

Fishnut wrote:
Wed Jun 02, 2021 10:16 am
[The General Practice Extraction Service (GPES)] said the pandemic has led to a significant increase in the need for GP data for purposes such as identifying people most vulnerable to Covid-19, rolling out vaccines and supporting research. It was legally directed to collect and analyse information about patients, including from GP records, for the duration of the coronavirus emergency period. (my bold) (source)
To be honest, I'm not sure that the use of GPES for Covid went much further than identifying people who might have had vulnerabilities, by looking for specific chronic or recent medical codings and allowing them to be put on the shielding list or prioritised for vaccination*.

There may have been more in-depth examination of correlating factors, but I've not seen anything to suggest that's going on.

I know that they have been using UK Biobank data for analysis, but one of their problems was that the participating cohort didn't have many people in the 20s and 30s, so they asked those of us in our 50s and 60s if we had family members that would be happy to join in testing.

* a friend in her 40s was called for early vaccination "because of her medical history", but she had nothing unusual that she was aware of (only relatively recent thing was endoscopy a few years ago that didn't show anything specific).
My avatar was a scientific result that was later found to be 'mistaken' - I rarely claim to be 100% correct
ETA 5/8/20: I've been advised that the result was correct, it was the initial interpretation that needed to be withdrawn
Meta? I'd say so!

tom p
After Pie
Posts: 1876
Joined: Mon Nov 11, 2019 1:14 pm
Location: the low countries

Re: NHS Digital's data sharing

Post by tom p » Wed Jun 02, 2021 4:40 pm

Fishnut wrote:
Wed Jun 02, 2021 2:30 pm
tom p wrote:
Wed Jun 02, 2021 1:06 pm
As things stand, it seems you don't mind IMS Health, THIN, GPRD or other companies already having that data and selling access to it to drugs companies already or indeed the nosy secretary in your GP surgery (who actually might know people you know) having unfettered access to all your records, but as soon as a body that will be searching anonymised versions of it to try and help the public might have it, you're worried.
I'm not sure that telling me about all the other organisations that have unasked-for access to my medical information is really the reassurance I'm looking for.
When you signed up to your GP's surgery, there was probably a box to tick about data sharing. It will have been asked for.
Fishnut wrote:
Wed Jun 02, 2021 2:30 pm
tom p wrote:
Wed Jun 02, 2021 1:06 pm
All I've done in this thread is play whack-a-mole, so here's a good reason for this to happen: there hasn't been nearly enough good quality research into many women's health issues. And what there has (e.g. the infamous Women's Health Initiative study that erroneously concluded that HRT was bad for women) has often been rather problematic, but also hard to shake from the public consciousness. Part of the reason is the inherent sexism in society, which bleeds into the medical profession, and another part is the inherent sexism in society that leads to women having less disposable income and thus there being less potential profit to be made. This means that expensive things like a study on hundreds of thousands of women just don't get done, either by public funding or private.

If this data is available, then a single university would have the resources to perform a huge study that would be genuinely revolutionary and could significantly positively impact the health of all women in the world (or at least those lucky enough to live in a society where things like HRT are available). Even if there were still a blindspot regarding womens health, the cost of running such studies could be met by a smallish group that is decent at raising funds. We're talking 10s of k, rather than 10s to hundreds of millions.
Nice play to my interests there!
They're not just your interests. They are also those of anyone who gives a f.ck about any woman. Only a narcissistic misogynist like Trump would fall outside that group. Also, it is a truth universally acknowledged by almost every woman I've ever talked to about such matters that women's health concerns are not taken seriously by doctors & so this is the most relevant issue where this could help the most people (other issues would be helping fewer than 50% of the population). But even so, why not use an example that resonates with the reader? What's actually wrong with that?
Fishnut wrote:
Wed Jun 02, 2021 2:30 pm
But just because the data is available for people to examine doesn't mean they're suddenly going to prioritise health issues that affect women. The Cumberlege report was published last year and talks about how it took 40 years of women complaining about the damage caused by sodium valproate use in pregnancy for any proper action to be taken and for its use to be limited.
Again, a big database like this would be invaluable for finding such links faster and more cheaply than doing a prospective study. Orders of magnitude cheaper. Every single drug ever prescribed to a woman during pregnancy could be reviewed and the rates of childhood deformities and potential adverse effects to the pregnant woman) reviewed. This isn't just affecting women, by the way. Dads love their kids too & babies can be male or female.
Fishnut wrote:
Wed Jun 02, 2021 2:30 pm
It was patients, not doctors, who raised concerns about pelvic mesh yet they were ignored for years.
Time and time again women told us that those conducting follow-up research only asked about selected outcomes, often only surgical outcomes. For example, in following up SUI surgery, they asked about continence. Objective surgical outcomes are vital, but so are patient-reported outcomes. The women tell us that questions were not asked about other important outcomes, such as pain or sexual functioning.(p151)
There is no serious equivalent of pharmacovigilance for surgical procedures, and I think it's scandalous. This could also help correct that. In fact, this is a great use-cases for such a database. Spot the patient who has been referred for such a procedure, follow them up for health issues. Compare with patients with similar history/diagnosis not referred for the procedure. The MHRA will need to start getting serious about devices eventually, and this makes it both possible and far more powerful than just spontaneous reporting.

[irrelevant bit about maternity unit failings snipped & intentionally ignored]
Fishnut wrote:
Wed Jun 02, 2021 2:30 pm
Also last year we had the All Party Parliamentary Group on Endometriosis report that,
those with endometriosis are waiting an average of 8 years for a diagnosis, despite over 58% visiting their GP 10 or more times with symptoms, 53% visiting A&E with symptoms, and 21% seeing doctors in hospital 10 or more times with symptoms. (p6)
If this all feels rather off-topic then apologies. But my point is, if doctors aren't listening to the women right in front of them then why the hell should I trust that they're going to listen to an anonymised database? Why, when there are clear problems with women's healthcare staring us in the face that we are failing to tackle should I believe for one second that someone's going to bother to come up with a research project looking at anything to do with women's health that will result in anything beneficial to us? The problem as far as I see it isn't that there isn't good enough data about women's health, it's that no-one's bothering to use it.
It wouldn't be "listen to an anonymised database"; it would be "listen to a big, widely-publicised, study". Which they already do, rather than listen to the woman in front of them: following the Women's Health Initiative publication, tens to hundreds of thousands of women on HRT, who were very happy and thriving on it, were taken off it because their doctors ignored the patient in front of them and listened to the study. This is a big thing & a perfect example of why study trumps patient in a doctor's mind, even when it shouldn't, and why having the ability to run such studies would be great.

Endometriosis is a great example of where such a database would be even more useful - these kinds of long-running things with symptoms which could be a number of different things, and patient who will often present with one symptom or another, but not usually all the symptoms at once. The time-pressed doctor finds it hard to check the whole history and doesn't spot the trend. A&E are useless for such things - amazing for life-threatening or critical moments, the last place to go (except for out of hours pain relief) for chronic things.
How it could work is this:
First: Identify clusters of symptoms that are clearly endometriosis.
Second: Review GP database for patients who have such symptoms, but don't have a diagnosis of endometriosis.
Third: have NHS digital contact the GPs to say 'these patients have symptoms consistent with endometriosis, please can you call them in for an appointment & review and, unless there's a good reason not to, refer them to a gynaecologist. Direct patient help without ever being deanonymised to the researchers.
It would probably only take a few months of a handful of people's time to identify almost every endometriosis case in the UK.
Doctors will hate it (being told what to do? Ugh!), but it will revolutionise the lives of patients with such chronic diseases. And not just disease - it could be invaluable in identifying menopause/perimenopause - get the quack to book in the patient for a sequence of blood tests every few weeks for a few months to measure hormone levels and get an accurate idea of whether they are in menopause, then get them on HRT early doors if they want it.

As I mentioned before, when things get as cheap as this will make it, then even neglected matters concerning unimportant minorities like women will get sorted.

User avatar
Fishnut
After Pie
Posts: 2447
Joined: Mon Nov 11, 2019 1:15 pm
Location: UK

Re: NHS Digital's data sharing

Post by Fishnut » Wed Jun 02, 2021 5:07 pm

tom p wrote:
Wed Jun 02, 2021 4:40 pm
They're not just your interests. They are also those of anyone who gives a f.ck about any woman. Only a narcissistic misogynist like Trump would fall outside that group. Also, it is a truth universally acknowledged by almost every woman I've ever talked to about such matters that women's health concerns are not taken seriously by doctors & so this is the most relevant issue where this could help the most people (other issues would be helping fewer than 50% of the population). But even so, why not use an example that resonates with the reader? What's actually wrong with that?
There's nothing wrong with using an example that resonates with the reader, and if my response came across as an accusation of some sort of manipulation I apologise. That wasn't my intention.
tom p wrote:
Wed Jun 02, 2021 4:40 pm
Endometriosis is a great example of where such a database would be even more useful - these kinds of long-running things with symptoms which could be a number of different things, and patient who will often present with one symptom or another, but not usually all the symptoms at once. The time-pressed doctor finds it hard to check the whole history and doesn't spot the trend. A&E are useless for such things - amazing for life-threatening or critical moments, the last place to go (except for out of hours pain relief) for chronic things.
How it could work is this:
First: Identify clusters of symptoms that are clearly endometriosis.
Second: Review GP database for patients who have such symptoms, but don't have a diagnosis of endometriosis.
Third: have NHS digital contact the GPs to say 'these patients have symptoms consistent with endometriosis, please can you call them in for an appointment & review and, unless there's a good reason not to, refer them to a gynaecologist. Direct patient help without ever being deanonymised to the researchers.
It would probably only take a few months of a handful of people's time to identify almost every endometriosis case in the UK.
Doctors will hate it (being told what to do? Ugh!), but it will revolutionise the lives of patients with such chronic diseases. And not just disease - it could be invaluable in identifying menopause/perimenopause - get the quack to book in the patient for a sequence of blood tests every few weeks for a few months to measure hormone levels and get an accurate idea of whether they are in menopause, then get them on HRT early doors if they want it.
That sounds amazing. And if it happens then I'll be ecstatic. But I'll believe it when I see it.
it's okay to say "I don't know"

tom p
After Pie
Posts: 1876
Joined: Mon Nov 11, 2019 1:14 pm
Location: the low countries

Re: NHS Digital's data sharing

Post by tom p » Wed Jun 02, 2021 8:04 pm

Fishnut wrote:
Wed Jun 02, 2021 5:07 pm
tom p wrote:
Wed Jun 02, 2021 4:40 pm
They're not just your interests. They are also those of anyone who gives a f.ck about any woman. Only a narcissistic misogynist like Trump would fall outside that group. Also, it is a truth universally acknowledged by almost every woman I've ever talked to about such matters that women's health concerns are not taken seriously by doctors & so this is the most relevant issue where this could help the most people (other issues would be helping fewer than 50% of the population). But even so, why not use an example that resonates with the reader? What's actually wrong with that?
There's nothing wrong with using an example that resonates with the reader, and if my response came across as an accusation of some sort of manipulation I apologise. That wasn't my intention.
tom p wrote:
Wed Jun 02, 2021 4:40 pm
Endometriosis is a great example of where such a database would be even more useful - these kinds of long-running things with symptoms which could be a number of different things, and patient who will often present with one symptom or another, but not usually all the symptoms at once. The time-pressed doctor finds it hard to check the whole history and doesn't spot the trend. A&E are useless for such things - amazing for life-threatening or critical moments, the last place to go (except for out of hours pain relief) for chronic things.
How it could work is this:
First: Identify clusters of symptoms that are clearly endometriosis.
Second: Review GP database for patients who have such symptoms, but don't have a diagnosis of endometriosis.
Third: have NHS digital contact the GPs to say 'these patients have symptoms consistent with endometriosis, please can you call them in for an appointment & review and, unless there's a good reason not to, refer them to a gynaecologist. Direct patient help without ever being deanonymised to the researchers.
It would probably only take a few months of a handful of people's time to identify almost every endometriosis case in the UK.
Doctors will hate it (being told what to do? Ugh!), but it will revolutionise the lives of patients with such chronic diseases. And not just disease - it could be invaluable in identifying menopause/perimenopause - get the quack to book in the patient for a sequence of blood tests every few weeks for a few months to measure hormone levels and get an accurate idea of whether they are in menopause, then get them on HRT early doors if they want it.
That sounds amazing. And if it happens then I'll be ecstatic. But I'll believe it when I see it.
Your scepticism is well-placed, but this makes it possible to do summat like this.
I would suggest that this is the sort of thing that scicomms people with skin in the game might want to campaign for. The cost would be so small, and thus the political nudging needed equally small.

Millennie Al
After Pie
Posts: 1621
Joined: Mon Mar 16, 2020 4:02 am

Re: NHS Digital's data sharing

Post by Millennie Al » Wed Jun 02, 2021 11:44 pm

From https://digital.nhs.uk/services/nationa ... edia-posts
You can opt out at any time - there is no deadline
False. If you are too late opting out your data is already in the system and will not be removed.
We only share data to improve health and care
Health and care data helps the NHS respond to emergencies like the coronavirus outbreak
There are lots of protections in place to make sure patient data is used securely and safely
A bit too vague to be meaningful.
We do not sell health and care data
Here's the price list: https://digital.nhs.uk/services/data-ac ... rs-charges
We do not share data with marketing and insurance companies
Quite possibly true. That's two of a very large number of company types eliminated.

And furthermore, what you understand as opt-out is not necessarily what the NHS means by it. From the last question on that page:
If I register an opt-out will it stop all of my information being shared by NHS Digital?

Currently national data opt-outs will be considered on a case by case basis but may not apply during the emergency period due to the public interest and legal requirements in sharing certain data. For example, in the case of the Shielded Patients List, the opt-out was not applied due to the public interest in those patients receiving advice and support - we thought it was important that at-risk patients are protected.
So if the right people think it important, your opt-out has no effect. Note that "public interest" does not necessarily mean that a patient's data is used for their benefit - it might be for the benefit of others.

tom p
After Pie
Posts: 1876
Joined: Mon Nov 11, 2019 1:14 pm
Location: the low countries

Re: NHS Digital's data sharing

Post by tom p » Thu Jun 03, 2021 6:45 am

Fishnut wrote:
Wed Jun 02, 2021 5:07 pm
tom p wrote:
Wed Jun 02, 2021 4:40 pm
They're not just your interests. They are also those of anyone who gives a f.ck about any woman. Only a narcissistic misogynist like Trump would fall outside that group. Also, it is a truth universally acknowledged by almost every woman I've ever talked to about such matters that women's health concerns are not taken seriously by doctors & so this is the most relevant issue where this could help the most people (other issues would be helping fewer than 50% of the population). But even so, why not use an example that resonates with the reader? What's actually wrong with that?
There's nothing wrong with using an example that resonates with the reader, and if my response came across as an accusation of some sort of manipulation I apologise. That wasn't my intention.
Sorry, I shouldn't have been snippy about your reply.

User avatar
nekomatic
Dorkwood
Posts: 1376
Joined: Mon Nov 11, 2019 3:04 pm

Re: NHS Digital's data sharing

Post by nekomatic » Thu Jun 03, 2021 6:55 am

I’m conflicted here - I do want to believe that these are good people in a responsible organisation who only want to do good things, but at the same time all the evidence from the last year and a half is that the people in this government regard the public purse and public sector as a piggy bank cum toy box laid on for the enrichment and benefit of them and their mates and have no compunction whatever in reaching as far down into either one as they feel like for anything they happen to take a shine to, and laugh in the face of rules or laws that say they can’t as they know, or believe, that by the time of any reckoning they and the cash will be long gone.
Move-a… side, and let the mango through… let the mango through

tom p
After Pie
Posts: 1876
Joined: Mon Nov 11, 2019 1:14 pm
Location: the low countries

Re: NHS Digital's data sharing

Post by tom p » Thu Jun 03, 2021 10:11 am

nekomatic wrote:
Thu Jun 03, 2021 6:55 am
I’m conflicted here - I do want to believe that these are good people in a responsible organisation who only want to do good things, but at the same time all the evidence from the last year and a half is that the people in this government regard the public purse and public sector as a piggy bank cum toy box laid on for the enrichment and benefit of them and their mates and have no compunction whatever in reaching as far down into either one as they feel like for anything they happen to take a shine to, and laugh in the face of rules or laws that say they can’t as they know, or believe, that by the time of any reckoning they and the cash will be long gone.
I doubt any current politician could come close to understanding how to use this data

User avatar
bob sterman
Dorkwood
Posts: 1123
Joined: Mon Nov 11, 2019 10:25 pm
Location: Location Location

Re: NHS Digital's data sharing

Post by bob sterman » Thu Jun 03, 2021 10:56 am

When it comes to deanonymisation - my main concern is not someone taking a single anonymised record and trying to deanonymize it.

Rather it would be data customers (commercial or otherwise) - systematically matching NHS data with other data sources in a manner that effectively deanonymizes it.

E.g. Region + Age + Antenatal care events + Facebook data trawl = pretty effective deanonymisation.

User avatar
Bird on a Fire
Princess POW
Posts: 10137
Joined: Fri Oct 11, 2019 5:05 pm
Location: Portugal

Re: NHS Digital's data sharing

Post by Bird on a Fire » Thu Jun 03, 2021 11:05 am

I don't think politicians need to understand the data - in fact it's probably more problematic that they don't. It just takes a friendly lobbyist or Tory donor who's a major shareholder to ask for something dodgy, and we have to trust that the system would be immune from top-down political pressure.

I think there have been some relevant examples in recent months of similar occurrences.
We have the right to a clean, healthy, sustainable environment.

User avatar
Sciolus
Dorkwood
Posts: 1313
Joined: Mon Nov 11, 2019 6:42 pm

Re: NHS Digital's data sharing

Post by Sciolus » Thu Jun 03, 2021 11:41 am

There's no question that there is huge potential value, both individually and collectively, in this project. Neither is there any question that a lot of smart and serious people have considered the potential downsides, especially around privacy. That still leaves plenty of questions.

One of the deep problems is that the more value you want, the easier it is to deanonymise. Much value is in the non-obvious relationships (hey, it turns out that people who smoke get lung cancer, no-one was expecting that until they discovered it), so that means sharing everything about everyone.

It's not at all clear that the people who worry about the downsides are the decision-makers. Given the top-level message is "don't worry your pretty little heads", it's not reassuring. Have they consulted with the ICO and obtained their buy-in? For a project of such magnitude and sensitivity as this, I would consider that to be a minimal requirement. So why isn't "approved by the ICO" at the top of their messaging? I can only conclude that it isn't.

And then there are statements like:
We do not share data with marketing and insurance companies
Alphabet is an advertising company. Is that different from marketing?
We support anybody who wants to register an opt-out
Fishnut has described above how difficult and confusing it is to opt out.
NHS Digital never sells data and only shares it when it will help health and care and it is safe, ethical and legal to do so.
History says otherwise. For instance:
patients were not adequately informed that their data would be used
sounds very familiar.

Nero
Clardic Fug
Posts: 231
Joined: Mon Nov 11, 2019 1:01 pm

Re: NHS Digital's data sharing

Post by Nero » Thu Jun 03, 2021 12:11 pm

https://www.theguardian.com/commentisfr ... dApp_Other

On phone so not going to type much, but worth a read.

User avatar
jdc
Hilda Ogden
Posts: 1925
Joined: Wed Sep 25, 2019 4:31 pm
Location: Your Mum

Re: NHS Digital's data sharing

Post by jdc » Thu Jun 03, 2021 8:30 pm

Fishnut wrote:
Wed Jun 02, 2021 10:16 am
It's unclear to me if you need to complete both to fully opt out I've read the Type 1 Opt-Out and National Opt-Out info multiple times and still can't make sense of it.

[...]

I think that the Type 1 covers GP data and the National Opt Out covers other sources (hospital etc) but I'm not totally sure. I'm a fairly smart person, and if I'm struggling to make sense of this then how the hell is someone who's not got the greatest reading comprehension? The need to read reams of text to find the embedded links to the various forms or opt-out pages (which needs 4 pages of preamble before you get to the "start now" button) is another way of making it hard for people to opt out. Why not just have a page titled "Opting out" with a little bit of preamble and explicit links to both options? From an accessibility point of view it's dire.
I'd not read it all that carefully tbh but I'd assumed that the national opt-out covered all data - but the article Nero just linked to has a link to https://medconfidential.org/how-to-opt-out/ which says "The National Data Opt-out will not stop your GP data being extracted by the new GP data collection."

I'm not sure if that's correct but at least it's nice and clear.

Post Reply