Intended for healthcare professionals

Views And Reviews Primary Colour

Helen Salisbury: Big data and patient trust

BMJ 2022; 377 doi: (Published 21 June 2022) Cite this as: BMJ 2022;377:o1510
  1. Helen Salisbury, GP
  1. Oxford
  1. helen.salisbury{at}
    Follow Helen on Twitter: @HelenRSalisbury

During the pandemic, large volumes of individual patient data were scooped out of GP computer systems into a covid data store. This was used to create shielding lists and prioritise vaccinations—and, at a time when concern about patient confidentiality was overshadowed by worries about imminent death and destruction, there were few voices of dissent.

Now that covid is over (hadn’t you heard?), the emergency rules that allowed this collection of data are coming to an end. However, it seems unlikely that NHS England will give up this newly acquired treasure willingly. After a public relations disaster over plans to set up the General Practice Data for Planning and Research programme in 2021 (which led to millions of patients opting out of sharing their medical information), new proposals are now in development. This week saw a new government policy paper, Data Saves Lives: Reshaping Health and Social Care with Data.1

I have concerns. One purpose of the new data strategy is to “improve population health through the proactive targeting of services.” I’m not entirely sure what this means, but I need reassurance that it doesn’t include any of my patients receiving mailshots from an outsourced service provider offering “help” after we’ve had a sensitive consultation about their mood disorder, alcohol misuse, or binge eating. Most people assume that sharing data for direct patient care covers such things as your allergy record being available when you turn up in the emergency department—which is a very long way from giving details of your weight or drinking habits to a third party provider.

Simply collecting numbers to help plan services is uncontroversial: we really do need to know how many women have an early miscarriage each year, if we’re to provide adequate facilities to assess and treat them. But gathering individual patient level information is not obviously necessary for planning or research. Questions such as: “How many people have x condition?” or even “How many people have x and y conditions and are taking drug z?” can be answered without extracting patient identifiable information.2

There are more questions. GPs who remember the many hours they spent editing the centrally generated covid shielding lists know how dangerously inaccurate they were, so it’s fair to ask how well we should expect this new data platform to work. If the same data company works across many arms of government, how confident can we be that no health related information will leak from one arm to another? Remember, the Home Office already has form in this area: it stopped using NHS data for immigration enforcement only in the face of legal challenges.3

On the issue of trust, a surprising passage in Data Saves Lives tells us that “most respondents would trust the NHS with data about them (57% in July 2020).” This is not a level of trust I’d be proud of. Palantir, the software company that developed the covid data store, is widely expected to be awarded the contract to deliver data analytics on a grand scale across the NHS, as it has its feet so firmly under the table already. Its performance to date is unlikely to enhance that trust.4

The trust that patients place in their GPs is fundamentally dependent on the confidentiality of the consultation. If NHS England messes that up, we’ll all be in deep trouble.



View Abstract