Govt 'comprehensively ignored' advice over NHS data-sharing deal

Health committee calls for immediate ban on use of 'unacceptable' agreement

By Rebecca Hill


NHS Digital must put an immediate stop to patient data-sharing deal with the UK Home Office for immigration enforcement, MPs have said.

The deal, which was put on official footing last year, allows the Home Office to ask the National Health Service for non-clinical information – such as date of birth or last known address – for suspected immigration offences.

During a heated evidence session earlier this month, doctors and patient groups told the Commons Health Committee that NHS Digital was operating to a "lower standard of confidentiality" than rest of the NHS, and risked damaging public trust and deterring migrants from seeking healthcare.

In a withering letter (PDF) to NHS Digital chief exec Sarah Wilkinson, published today, the committee's chair urged the body to cease sharing data with the Home Office and “immediately withdraw” the Memorandum of Understanding that underwrites the deal.

Chairwoman and former GP Sarah Wollaston slammed NHS Digital for carrying out an “inadequate consultation” on the deal that didn’t hear the concerns of NGOs, the General Medical Council and the National Data Guardian.

“This lack of consultation has resulted in a situation where data-sharing is taking place in a manner which is incompatible both with the guidance on confidentiality given by the GMC and the NHS Code of Confidentiality,” she said. “We find that situation unacceptable.”

Wollaston added that the government had “comprehensively ignored” the advice of Public Health England – the only health organisation she said that had been appropriately consulted.

PHE’s advice was that even the perception of data-sharing could pose a serious risk to public health, but the government had rejected it on the grounds it lacked “robust statistical evidence”.

This justification is “wholly unconvincing”, Wollaston went on, adding that the government’s request that PHE carry out a wider review “appears to be little more than window-dressing”.

Throughout the evidence session, government officials argued that, because the data was non-clinical, it was at the lower end of confidentiality, and emphasised that the MoU streamlined existing processes.

A statement sent from the Home Office to The Register about the health committee's letter re-iterated these points.

But Wollaston said the idea that a full consultation was unnecessary because the MoU operationalised existing functions “is wholly to miss the point”.

“It is not the MoU itself on which full consultation should have taken place, but on the practice of data-sharing for immigration enforcement which it enshrined,” she wrote.

Central to the MPs' concerns is that the government had failed to properly weigh the public interest in enforcing immigration laws with the public interest in a confidential health service.

There is “no mention anywhere in the MoU” of the latter, but five paragraphs devoted to the former, Wollaston said in the letter.

“The evidence which has been presented to us in the course of our brief inquiry suggests very strongly — contrary to your own assessment — that the public interest in the disclosure of information held by the NHS is heavily outweighed by the public interest in the maintenance of a confidential medical service,” she told Wilkinson.

For these reasons, Wollaston said that NHS Digital should suspend the MoU until it has carried out a more thorough review of the public interest test.

“We now expect NHS Digital to take this opportunity to demonstrate that it takes its duties in respect of confidentiality seriously,” she concluded.

“If it does not, we will expect to hold a further evidence session, where you will be required to provide a very much more convincing case for the continued operation of this MoU than has been presented so far.”

NHS Digital confirmed it had received the letter and would “consider it carefully and will respond fully in due course”. ®

Sign up to our NewsletterGet IT in your inbox daily


More from The Register

25% of NHS trusts have zilch, zip, zero staff who are versed in security

Not like there's been a major incident recently to kick them into gear or anything

Database ballsup: NHS under pressure over fresh patient record error

Thousands of discrepancies reported between two databases

BT scoops Home Counties chunk of new NHS IT contract

Competition is great, especially when the new contract's run by the old contractors

For fax sake: NHS to be banned from buying archaic copy-flingers

Trusts to be subjected to quarterly searches for contraband machines

Health secretary Matt Hancock assembles brains trust: OK, guys. Let's cure NHS IT

Expert panel hopes to make dreams of improvement reality NHS should be compensated by firms using its data goldmine

Code of conduct will guide tech firms' work with health sector

NHS smacks down hundreds of staffers for dodgy use of social media, messaging apps

Disciplinary action for healthcare workers complaining about patients, colleagues

Joe Public wants NHS to spend its cash on cancer, mental health, not digital services

Sorry Matt, looks like the app revolution takes a backseat to quality health care

Fix this faxing hell! NHS told to stop hanging onto archaic tech

We can’t have Matt Hancock calling a hospital and hearing: baa-ruhr-reee-uh-reeee-uh-reee

NHS supplier that holds 40 million UK patient records: AWS is our new cloud-based platform

EMIS upgrade will punt GP system into the fluffy stuff