Privacy campaigners and patient groups have reacted to the government’s newly published data strategy labelling it a “rush job” and calling for protection of “NHS patients ahead of the demands of those keen to turn a profit”.

The draft strategy ‘Data Saves Lives: Reshaping health and social care with data’, published today, aims to aims to capitalise on the work undertaken during the pandemic to improve health and care services.

According to the government, the strategy will give patients more control over their health data with easier access to their test results; medication lists; procedures; and care plans from across all parts of the health system through patient apps, such as the NHS App.

It builds on work using data undertaken during the pandemic, such as the NHS Covid-19 Data Store which was set up to be a front door for access to data during the health crisis.

But patient groups and privacy campaigners have raised concerns over who will have access to the data. Most notably, the governments relationship with US tech firm Palantir during the pandemic has raised eyebrows over the company’s access to patient data.

Phil Booth, coordinator of privacy group medConfidential, labelled the strategy “dubious”.

“Boris Johnson’s Government says ‘Data Saves Lives’, but buried in the small print is a rather more dubious deal: ‘If you want better care from your data, you must let us sell it’.

“Once, the PM remembered it was nurses and doctors who saved his life – and the next time Matt Hancock pontificates that patients ‘own their own data’, he should remember that taking something someone ‘owns’ without their permission isn’t ‘sharing’ or ‘innovation’, it’s just plain theft.”

Diarmaid McDonald, lead organiser of patient group Just Treatment, added: “Data can save lives, but it can also make a lot of companies very rich. So we need to make sure these plans are putting the needs of NHS patients ahead of the demands of those keen to turn a profit.

“There are lots of fine words in this plan about patient control and trust, but they propose to do it all after taking everyone’s data, not before. That’s backwards.

“Our questions are the same: how will the trusted research environment work, and who gets the keys?

“And on what terms does this government plan to let companies access this valuable new dataset – and how will you make sure the NHS isn’t taken for a ride?”

The draft data strategy includes a case study on the NHS Covid-19 Data Store, set up to manage multiple sources of data to help the government respond to the pandemic, as a success story for using health data.

It states the Data Store helped decision-makers understand how the virus was spreading; ensure critical equipment was supplied to facilities with the greatest need; and to support clinical research. But the government has come under fire for its relationship with Palantir and other big tech firms involved in the Data Store, specifically around a lack of transparency over contracts and access to data.

More information on Palantir’s involvement with the NHS Covid-19 Data Store can be found here

The government has recently committed not to extend Palantir’s £23m contract beyond Covid-19 uses without consulting the public following a threatened judicial review from tech justice firm Foxglove Legal.

Dr Rosie Shire, a GP at Doctors’ Association UK, said the strategy “isn’t worth undermining the relationship of trust”.

Upon releasing the strategy, health secretary Matt Hancock, said: “This strategy seeks to put people in control of their own data, while supporting the NHS in creating a modernised system fit for the 21st century which puts patients and staff in pole position.”

‘GP data grab’

Others linked the data strategy to the recently deferred General Practice Data for Planning and Research (GPDPR), which was criticised for the lack of time GPs had to inform patients about the programme.

Cori Crider, director of Foxglove, criticised the strategy for “90 pages on apps and just one on GP data” at a time when NHS Digital, working under instruction from the government, has faced accusations of data grabbing.

She added the government had admitted it needs to “work up a strategy on getting value for money out of the nation’s health data. This rush job certainly does not do that”.

Dr Farah Jameel, BMA GP committee executive team lead for IT, warned the government not to repeat the mistakes of GPDPR.

“The Government and NHSX must follow through with commitments to engage fully with both the public and the profession, addressing any concerns they may have about this strategy and specifically proposals around sharing data more widely than for direct care.

“The final strategy will only be successful if it has the full confidence of both the public and the medical profession that data will be kept safe and secure and subject to robust safeguards.”

GPDPR aims to give planners and researchers faster access to pseudonymised patient information. It was a separate programme from the draft data strategy, but ties in to how the government plans to use data overall.

NHS Digital announced in May 2021 that the new service would come into effect on 1 July 2021, with people given until 23 June to choose to opt out. After facing backlash from patients, doctors and health charities the deadline was moved to 1 September 2021.

The draft strategy has been published ahead of a consultation with the public and stakeholders over the summer.

Health secretary Matt Hancock has written an exclusive blog for Digital Health News outlining his plans for the data strategy in the health and care system. You can read the blog here.