On 19 July, with the nation’s eyes on the long-awaited Chilcot Iraq inquiry report, the end of the controversial care.data programme barely rated a mention.

The programme that damaged public confidence in the government’s handling on their personal health information died quietly.

The recommendations contained in the report that killed it, National Data Guardian Dame Fiona Caldicott’s review into health data security and patient consent, caused barely a ripple.

But as the summer window for public consultation on the recommendations rolls on, concerns are surfacing that care.data, or at least its ambition, are still alive and kicking.

While the report’s recommendations on greater data security and information governance have been lauded, the position on opt-outs and data collection have started to attract attention and some familiar concerns.

Sharing concerns

One dramatically worded online petition doing the rounds at the moment claims the government is now attempting “privatisation of your medical records, but this time without even telling us”.

More sober analysis from clinicians and privacy groups doesn't go that far, but does reveal worries that parts of care.data will endure at NHS Digital [until 1 August the Health and Social Care Information Centre], but with less opportunity for patients to opt out and weaker oversight.

They point to recommendations around data sharing, consent and opt-outs in Dame Fiona’s report, most of which the government has already indicated it is likely to back.

Retired GP Mary Hawking, who sat on the now disbanded general practice extraction service independent advisory group, says some of the Dame Fiona’s proposals would give NHS Digital wider discretion to gather and use confidential patient data.  

“There doesn’t seem to be anyone independent at all looking at how HSCIC [now NHS Digital] uses whatever data they chose and use it however they chose. They just had to say it is de-identified,” Hawking says.

Hawking says de-identifying data is “incredibly difficult” and became even more so as more and more de-identified data was linked and shared, potentially exposing patient’s sensitive health records.

Phil Booth, co-founder of privacy campaign group medConfidential, raises a similar point, arguing that much of the so-called anonymised data sent out to third-parties now is not fully anonymised, with a patient identity easily uncovered.

He says while the care.data brand is gone, the programme to gather and share a wider range of patient’s confidential health information is very much alive. “Care.data has crashed but the policy remains; they still want that data,” he says.

Dame Fiona’s report also recommends going further than care.data, removing the patients’ right to opt-out of this central collection altogether, he adds.

“HSCIC [NHS Digital] needs to be perfect if we don’t want to give people an opt-out. The opt-out is ultimate protection.”

Responding to question from Digital Health News, NHS Digital says all gathering of patient data is now, and will be in the future, subject to legal oversight.

This includes scrutiny by the standardisation committee for care information, which oversees the collection of data, and the data access advisory group, which oversees requests for data.

What information might be gathered and shared in future will be dependent on the outcome of consultation, the statement says. “It is vital that there is a full consultation and dialogue with the public and professionals before any implementation of the recommendations can take place.”

A troubled history

The care.data project was first approved in 2012 as an ambitious project to expand the Hospital Episode Statistics, link them to other data sets, starting with GP data, and to make this available to researchers and others.

It quickly came under heavy criticism for confusion over what the data would be used for and how patients could opt out, including suggestions that the de-identified data could be sold to insurers and marketing companies.

GPs in particular raised concerns around that the care.data required them to share their patients’ data without knowing how it would be used; even though they remained the data controllers.

A NHS England public information campaign in January 2014 only heightened scepticism, with the distributed leaflets described as “junk mail”, failing to mention the project or include an opt-out form.

Care.data was paused several time last year and then officially closed last month, after the release of Dame Fiona’s report (Dame Fiona herself had simply said the government should reconsider its future).

Dame Fiona’s opt-out

But while Dame Fiona was critical of care.data, she has still recommended NHS Digital collect and distribute a wide range of patient data; albeit in her report firmly in the the context of commissioning.

Her report says that while there is opportunity for more data to be de-identified earlier, “personal confidential data should be passed to the HSCIC [NHS Digital] as the statutory safe haven of the health and social care system to de-identify or anonymise and share it with those that need to use it”.

Currently, and under the proposed care.data scheme, patients can opt out of having their GP send their personal confidential to NHS Digital, in what is known as a “Type 1” objection.

Objections to how NHS Digital then uses and shares that data are known as “Type 2” objections, with 1.2 million patients already asking for their data not to be shared for “secondary uses”.

But in her report, Dame Fiona appears to suggest Type 1 objections should, at some undefined future date, be removed entirely, because they “degraded the quality of data”. So: “In due course the opt-out should not apply to any flows of information into the HSCIC [NHS Digital].”

In its place would be the more widely publicised opt-out scheme that will focus on allowing patients to control how their personal confidential data is used.

Dame Fiona says there should be an option to opt out of one or both of “allowing my information to be used to run the NHS and social care system” or “support research to improve treatment and care” (whether there should be one or two opt-outs is one of the key points of the consultation).

Private partners, public good

The biggest concern under care.data was not so much what data was being collected centrally, but how that data was being used.

Dame Fiona is unequivocal that it is unlawful to share personal confidential data with insurers and marketing companies, the accusations which plagued care.data.

But the door is left ajar for other private companies involved in delivering NHS care.

“The model should be set around the purpose to which data is put and its potential benefit to patients and service users, and that dividing up NHS and ‘non-NHS organisations’ without reference to purpose can be artificial and misleading,” her report says.

Hawking says that left a large number of private companies that work within the NHS, such as Google Deepmind, with access to a potentially huge troves of personal health data.

“If you are going to distribute that data, you can put all sorts of terms and conditions and penalties around that but once it’s out, it’s out.”

And while there might be limits placed on who receives confidential patient data now, there were no guarantees this would continue, she points out.

“If all you medic records automatically go to HSCIC [NHS Digital], you might have limits in them now, but that is a valuable asset. You don’t know who will use that data bucket in the future.”

Plenty of de-identified or “pseudonymised” data is already shared with non-NHS organisations including IT consultancy firms and universities.

The return of the GP data set extraction

But some expanded data collection planned under care.data also appears likely to be resurrected. Digital Health News understand plans are in the works for NHS Digital to collect a single national GP dataset, similar to GP dataset planned under care.data.

Responding to questions from Digital Health News, NHS Digital says there is not currently a single national GP dataset.

If patients were not given the option to opt-out of this collection, this could put GPs in the same tricky situation that played out during the care.data project, with patients demanding their data stay in the practise and the government demanding it be collected centrally.

The final shape of any post-care.data programme is not yet set and submissions on the Caldicott recommendations will be accepted until 7 September.

But anyone hoping the ghosts of care.data have been buried could be in for a fright.