Rapid responses are electronic comments to the editor. They enable our users
to debate issues raised in articles published on bmj.com. A rapid response
is first posted online. If you need the URL (web address) of an individual
response, simply click on the response headline and copy the URL from the
browser window. A proportion of responses will, after editing, be published
online and in the print journal as letters, which are indexed in PubMed.
Rapid responses are not indexed in PubMed and they are not journal articles.
The BMJ reserves the right to remove responses which are being
wilfully misrepresented as published articles or when it is brought to our
attention that a response spreads misinformation.
From March 2022, the word limit for rapid responses will be 600 words not
including references and author details. We will no longer post responses
that exceed this limit.
The word limit for letters selected from posted responses remains 300 words.
In light of statements made on Jan 25 about the NHS selling anonymised medical records, notably advocated by Sir Tony Blair and Lord Hague, it’s crucial to reflect on the broader implications of data privacy in healthcare, drawing parallels to the situation in the United States as highlighted in this BMJ Opinion article “In the US, patient data privacy is an illusion.”
The former British leaders argue that leveraging the NHS’s vast data pool could spearhead a biotechnological and AI revolution, potentially bolstering the UK’s economy and fueling advancements in healthcare. However, this proposition raises fundamental concerns about patient privacy, consent, and the commercialisation of personal health information – issues that resonate with the current state of medical data privacy in the US.
In the US, the sanctity of doctor-patient conversations, once deemed inviolable, is now under siege by the digital transformation of healthcare data. While designed to protect patient information, the Health Insurance Portability and Accountability Act (HIPAA) often permits the sharing of patient data with a wide array of entities, many of whom the patient may be unaware of or may not have explicitly consented to.
The NHS’s proposed path, mirrored in this context, might lead to a similar predicament, where the noble intent of advancing healthcare and fostering economic growth could inadvertently compromise patient trust and privacy. The argument made by Sir Tony and Lord Hague underscores the potential benefits – improved public services, research enhancements, and the overall growth of a future-facing industry. Yet, it’s imperative to juxtapose these benefits against the ethical and privacy concerns raised.
Creating an NHS Data Trust (NHSDT) to manage and profit from this data, as proposed, necessitates rigorous safeguards and transparent governance. Patients should have ultimate control over their personal data, emphasising the need for consent and informed decision-making in data sharing. The current digital landscape, as illustrated in the US, often leaves patients in the dark about who accesses their data and for what purposes.
The suggestion that the UK could follow a similar trajectory as the US, where patient data becomes a commodity traded and profited from without explicit consent or sufficient anonymisation, is alarming. The risk of de-identified data being re-identified with advancements in data science is not trivial. Moreover, the potential for data misuse or breaches in an era where data is the new gold cannot be overstated.
However, it’s also crucial to acknowledge the transformative potential of responsibly used healthcare data. AI-driven diagnostics, personalised treatment plans, and predictive healthcare models can significantly improve patient outcomes and streamline healthcare delivery. But this potential should not overshadow the need for stringent privacy protections and ethical data usage.
The US experience serves as a cautionary tale for the UK and other nations venturing into the realm of healthcare data commercialisation. Patient privacy should not be the price paid for technological advancement. Thus, the move towards digital healthcare necessitates a paradigm shift in how we view and handle patient data. The principle of “nothing about me without me” should be the cornerstone of any initiative involving patient data.
While the vision to position the UK at the forefront of a biotechnological and AI revolution is ambitious and potentially transformative, it must be pursued with the highest regard for patient privacy and consent. Learning from the experiences of healthcare data management in the US, it’s crucial to forge a path that respects and protects the sanctity of the doctor-patient relationship and the confidentiality of patient data. The future of healthcare innovation relies not only on technological prowess but also on the trust and confidence of the individuals it aims to serve.
Competing interests:
No competing interests
27 January 2024
Benjamin Laker
Professor of Leadership and Associate Editor at BMJ Leader
Dear Editor
Kudos to Dr Krumholz for laying this out so clearly and with logic and beauty. The question for all of us is how do we want data rights and privacy to look in the next 10 years. Stripped to the bare essentials, how can our data in the hands of others better our lives and those of our children, while making a stellar and visible contribute to science. The implications for machine learning, interoperability and artificial intelligence augmentation are staggering. We have grown past the power hierarchies of patriarchal medicine and into the brave new world of partnership, policy and participatory medicine. Let the future begin now with our words and actions
Healthcare or Wealthcare? The Ethical Quandary of the NHS Selling Anonymised Medical Data
Dear Editor
In light of statements made on Jan 25 about the NHS selling anonymised medical records, notably advocated by Sir Tony Blair and Lord Hague, it’s crucial to reflect on the broader implications of data privacy in healthcare, drawing parallels to the situation in the United States as highlighted in this BMJ Opinion article “In the US, patient data privacy is an illusion.”
The former British leaders argue that leveraging the NHS’s vast data pool could spearhead a biotechnological and AI revolution, potentially bolstering the UK’s economy and fueling advancements in healthcare. However, this proposition raises fundamental concerns about patient privacy, consent, and the commercialisation of personal health information – issues that resonate with the current state of medical data privacy in the US.
In the US, the sanctity of doctor-patient conversations, once deemed inviolable, is now under siege by the digital transformation of healthcare data. While designed to protect patient information, the Health Insurance Portability and Accountability Act (HIPAA) often permits the sharing of patient data with a wide array of entities, many of whom the patient may be unaware of or may not have explicitly consented to.
The NHS’s proposed path, mirrored in this context, might lead to a similar predicament, where the noble intent of advancing healthcare and fostering economic growth could inadvertently compromise patient trust and privacy. The argument made by Sir Tony and Lord Hague underscores the potential benefits – improved public services, research enhancements, and the overall growth of a future-facing industry. Yet, it’s imperative to juxtapose these benefits against the ethical and privacy concerns raised.
Creating an NHS Data Trust (NHSDT) to manage and profit from this data, as proposed, necessitates rigorous safeguards and transparent governance. Patients should have ultimate control over their personal data, emphasising the need for consent and informed decision-making in data sharing. The current digital landscape, as illustrated in the US, often leaves patients in the dark about who accesses their data and for what purposes.
The suggestion that the UK could follow a similar trajectory as the US, where patient data becomes a commodity traded and profited from without explicit consent or sufficient anonymisation, is alarming. The risk of de-identified data being re-identified with advancements in data science is not trivial. Moreover, the potential for data misuse or breaches in an era where data is the new gold cannot be overstated.
However, it’s also crucial to acknowledge the transformative potential of responsibly used healthcare data. AI-driven diagnostics, personalised treatment plans, and predictive healthcare models can significantly improve patient outcomes and streamline healthcare delivery. But this potential should not overshadow the need for stringent privacy protections and ethical data usage.
The US experience serves as a cautionary tale for the UK and other nations venturing into the realm of healthcare data commercialisation. Patient privacy should not be the price paid for technological advancement. Thus, the move towards digital healthcare necessitates a paradigm shift in how we view and handle patient data. The principle of “nothing about me without me” should be the cornerstone of any initiative involving patient data.
While the vision to position the UK at the forefront of a biotechnological and AI revolution is ambitious and potentially transformative, it must be pursued with the highest regard for patient privacy and consent. Learning from the experiences of healthcare data management in the US, it’s crucial to forge a path that respects and protects the sanctity of the doctor-patient relationship and the confidentiality of patient data. The future of healthcare innovation relies not only on technological prowess but also on the trust and confidence of the individuals it aims to serve.
Competing interests: No competing interests