The NHS needs to earn back the trust of patients in the way that it handles data, the chair of the Health and Social Care Information Centre has said.

Speaking at the Health + Care conference in London today, Kingsley Manning said the HSCIC is embarking on a programme to improve data security in the NHS and the way data is handled.

But he said the centre and the NHS have to make sure the public is on board. “The whole of the environment we operate in is fundamentally changing. There has been a shift in the trust in institutions, which has declined,” he said.

“The presumption we had a few years ago [that we have consent to] share data can no longer be presumed upon. We have to earn that trust again. We shouldn’t underestimate the concerns both from extremely vocal groups and the public as a whole.”

As Manning was speaking, the British Medical Association’s Annual Representative Meeting was holding a debate on the programme to combine Hospital Episode Statistics with GP and other data, and to release it to researchers and others.

The programme is on hold because of a public outcry over the information given to the public about who will be able to access information and about its consent model.

At the end of a short but passionate debate, the BMA voted to condemn many aspects of the programme, and to demand that it should proceed on an opt-in rather than an opt-out basis.

While has been accused of being too willing to release information to commercial companies, commissioners have complained that they are no longer able to access patient identifiable information for planning and administration.

The Lansley reforms of the NHS, and Dame Fiona Caldicott’s second review of information governance, both confirmed that non-identifiable information should be used.

Manning acknowledged that the current arrangements for commissioners are “largely unsatisfactory” but said that as policy on clinical commissioning groups and commissioning support units is developed more “effective” solutions would be found.

Part of that process, he said, is to make a decision on which organisations can become ‘accredited safe havens’, from which commissioners can access some patient identifiable data.

CCGs and CSUs have been calling for a decision on this since last year. Manning said the Department of Health would act and issue guidance on ASHs shortly.

He said there will be “as few ASHs as possible” and that it is essential to establish a balance between risk and efficiency for commissioners. “We will be looking for organisations that are compliant with safeguards,” he said.

However, he warned organisations that currently have access to such data under an interim agreement under section 251 of the Health Act that there will still be limitations on what they will be able to access

“I’m concerned that they should be aware of the sort of issues that are likely to come up of the accreditation.

"Before they run with business plans, they have to make sure they understand the costs and requirements of being an ASH. The interim arrangements are not simply transferable,” he said.

“We are going to have to establish a process to make sure they can achieve a level of credibility. As data controller we will be extremely concerned with the organisations data is sent to.”

He added that a large degree of transparency will be required for organisations receiving data.