- Private companies like Bosch and online comparison sites have signed up to access sensitive medical information
- Now the government will pool all of England’s medical records into a database that private companies can access for just £1
- Health data is a goldmine for pharmaceutical companies who will get information at budget prices
England’s national health system is ready to step up to the data sharing plate, with their care.data scheme, which plans to harvest identifiable information from every patient’s medical record to a centralised database in April this year and will continue to do so on a daily basis.
The Health and Social Care Information Centre (HSCIC) will mine data that includes identifying information such as birthdate, marital status, postcode and NHS number, along with clinical data, GP referrals and prescriptions. Even sensitive issues such as mental health, sexual health, child protection and counselling will all be included.
Your medical records will be extracted unless you explicitly tell your GP that you don’t want to be a part of care.data.
Health data is a goldmine for medical research charities and pharmaceutical companies
Data gathered by the health and social care information centre will be extracted first from GPs and then linked with patient records from hospitals. Following this, the record will be ‘de-identified’, however jigsaw identification will be relatively easy and ‘malicious attacks’ – are a ‘risk’, the NHS England have outlined. Jigsaw identification will be possible as the final ‘non-sensitive’ record will reveal detailed hospital episodes, ethnicity, gender, the area where a person was treated (which will indicate where they live) and various identifying codes.
Data linking is a technique often used by the Department of Work and Pensions when cracking down on benefit cheats – using different databases alongside social media to monitor those they suspect. Companies that create targeted adverts could benefit hugely from this information.
Today big data means big bucks – it is the biggest asset of some of the world’s most well-known businesses. Health data is a goldmine for medical research charities and pharmaceutical companies that, for example, may want to link mortality data with prescriptions of statins (a blood pressure drug) and health records. It seems a righteous cause, right? But what about the companies who will see their revenues rise exponentially thanks to your medical record?
Which companies are interested?
Companies will be able to purchase data sets for just £1. The Kernel has found that in the past two years, a range of researchers and private companies have applied and received sensitive medical information held by the NHS. They include, but are not limited to, Bosch – the German home appliance company’s health division, ADL Smartcare – a private company that makes its profit by offering healthcare advice, CHKS ltd – a company that makes money by turning data into ‘achievable information that drives decisions’, companies trialling probiotics, FindMeHealth – an online comparison site for private healthcare and Corin Ltd – a joint replacement manufacturer who, unsurprisingly, has interests in health data of a sensitive nature.
Understanding Society – a ‘Large Facilities Capital Fund’ run by the Government, applied for the data also. This means that the Department of Work and Pensions – responsible for benefits, the Department of Education, the Department of Culture, Media and Sports, DEFRA, the Department for Transport and the Food Standards Agency will be able to access the information should they seek it.
The Institute for Fiscal Studies also made an application, alongside a range of Universities such as Birmingham, York, Kent, Edinburgh and a number of health charities. These are just some of the applications made since 2012 for the limited medical records that HSCIC holds currently.
But this year, with the promise of a nation-wide data pool, private companies will be queuing to get their hands on medical records.
The Health and Social Care Act overrides the common law of confidentiality
What’s more, it’s easy to remove brand names from the application process if a company does not want to be associated with accessing personal info. The information is applied for via a trial under the name of a research team, but as HSCIC has stated themselves – once information has been handed over in the application status – there is no accountability for where it will end up and which third parties will gain access to it.
Concerns were highlighted in healthcare thinktank The Nuffield Trust’s survey for the public perception of health data sharing. The public believed that sharing of data may cause employment barriers.
Could employers take into account your medical records when you apply for a job? HSCIC state that if a person wants to apply for an entire individual record they can do so if they gain consent from the person for whom the record relates to. Will fears that companies may request your consent come true?
Previously, medical records remained confidential information between the GP and patient and safeguarded by the Data Protection Act. The Health and Social Care Act overrides the common law of confidentiality and the usual requirement to seek consent for disclosure.
Centralising medical information will allow for transparency, commissioning of health services and will enable the government to identify trends in health care. But care.data comes at an unfortunate time where public perception of databases and the figureheads that govern their information are at their lowest following the NSA leaks.