The Health and Social Care Information Centre has created a steering group to “help guide” its possible use of pseudonymisation at source for care.data.
Giving evidence in the Commons’ health select committee yesterday, Max Jones, the HSCIC’s director of information and data, said that the centre has not ruled out the idea of pseudonymising data extracted from GPs.
“We are committed to see the benefit of pseudonymisation and protect the information which we hold.
"The HSCIC has instituted a review of the pseudonymisation techniques which are available and the technical findings of that review have now been completed and a draft report is being compiled as we speak,” said Jones.
“That report is going to go to a meeting of a steering group which has been constituted to help guide the HSCIC in its use of pseudonymisation.”
Care.data involves extracting a new monthly dataset from GP practices and linking this with other datasets, such as the Hospital Episode Statistics, within the ‘safe haven’ of the HCSIC.
The programme is intended to deliver information to support health service activities and to researchers, but it has been hit by controversies about who will have access and the opt-out for patients. At the moment, the GP extractions that should have started this spring are on hold until October.
The data extracted for the national database will include a person’s age, post code and NHS Number, but pseudonymisation at source would mean that this information would never leave the GP practice, addressing many of the privacy and consent concerns.
At a previous health select committee in February, Jones said he was not convinced it was a “technically viable solution at a national scale.”
However, in yesterday’s meeting he said the centre had not reached “any conclusion as to whether or not pseudonymisation at source is a right answer or a wrong answer.”
“I think we have to take into account that both the technical feasibility of the solutions and the costs of this,” he said.
“We also recognise that as the HSCIC we also have a lot of other information. We need to link this to other data sources and therefore, some of the protection that pseudonymisation potentially gives, may or may not provide the same benefits for a national organisation whose obligations is to collect and link this data.”
Similar programmes in Scotland and Wales, the Scottish Primary Care Information Resource and the NHS Wales Informatics Service’s Secure Anonymised Information Linkage project respectively, both pseudonymise the data before it leaves the GP practice.
The steering group will have its first meeting on 2 May to discuss the draft report and how the HSCIC may move forward with this.