Patients should be empowered by “the choice of control” – that is the key message addressed in the newly released book, Privacy and Healthcare Data.

Written by associate professor in Information and Technology Law at the University of Leeds, Subhajit Basu and an informatics consultant Christina Munns, the thought-provoking book explores the changing concept of ‘privacy’ and ‘patient control’ in healthcare information.

The book is a culmination of four years of research where the co-authors cover a number of topics including privacy and data protection, sociological and psychological issues, information governance issues (analysing NHS information governance policies) and an in-depth look at

Basu’s research is on regulation of emerging technologies, particularly regulation of Information Technology, while Munns focuses on Information governance in healthcare.

“We wanted to write this book to generate debate and to provoke new visions for the sharing of personal and confidential medical data”, Basu said.

“Our argument is simply to realise the full potential of our inevitable lives “online,” personal and confidential information, including health information, must sometimes be shared.”

Within the 240-page book, the authors aim to encourage and empower patients to make informed choices about sharing their health data. They do this by developing a three-stage theoretical model for change to the roles of the NHS and the individual.

When it comes to legal and regulatory aspects of sharing healthcare data within the NHS, Basu said the research revealed there is considerable uncertainty particularly with what is regulated, who is responsible for such regulation and which laws apply.

“There is also a lack of clarity as to the subsistence and ownership of proprietary rights of data stored, processed and generated in this context.”

“The concept of ‘privacy’ should move away from the current NHS’s paternal ‘proxy-individual’ conception of privacy where the NHS make information sharing decisions on behalf of the individual.”

Basu said it should move towards more optimal sociological conceptions of control, where individuals make sharing decisions themselves based on transparency around the risks and benefits of themselves and society.

“The discussion in the book is framed through an exploration of the changing concept of ‘privacy’ and ‘patient control’ in healthcare information management. We looked the into best practices from Europe and the USA, combined it to form a vision for the UK.”

The book has been reviewed by Dame Fiona Caldicott, national data guardian for the NHS together with professor Andrew Murray from the London School of Economics and professor Roger Brownsword from King’s College London.

The book is available at, Amazon and Blackwell’s.

The book provides the following:

  • An understanding of how health information is currently managed
  • An understanding of the value and complementary nature of both individual privacy and ‘collective transparency’ in healthcare information
  • The information to be empowered to make decisions around control of their healthcare information which could be put into practice given the Government’s pledge to allow access to GP records and;
  • The information to be empowered to share best practice from other countries’ data protection/open data regimes