At our Autumn Conference, the Liberal Democrats have backed ambitious plans to safeguard private health data.

We called for the establishment of a five-point ‘Health Data Charter’, which will set out key tests for whether data sharing is in the interest of the public and the NHS. We also proposed a ‘Sovereign Health Data Trust’, which would bring together experts, clinicians and patient representatives to oversee the implementation and observance of the new charter.

Here is is what I said in introducing the proposal :

I am sure that as Liberal Democrats we all recognize the benefits of using health data which arises in the course of treating patients in the NHS: for research that will lead to new and improved treatments for disease, and for the purposes of public health and health services planning. It has been particularly beneficial in helping to improve the treatment of COVID. The collection of health data can help save lives.

However, we also strongly support the right of the individual to choose whether to share their data or not, and to understand how and why their health data is being used.

But increasingly the Government and- I am sad to say -agencies such as NHS Digital and NHSX, seem to think that they can share patient data with private companies with barely a nod to patient consent and the proper principles of data protection.

We can go back to December 2019 and the discovery by Privacy International that the Department of Health and Social Care had agreed to give free access to NHS England health data to Amazon, which allowed them to develop, advertise, and sell “new products, applications, cloud-based services and/or distributed software”.

In other words- for use with its Alexa device.

Then, take the situation that the health team found earlier this year with GP patient data. We had what has been described as the biggest data grab in the history of the health service. In May, NHS Digital, with minimal consultation, explanation or publicity and without publication of any data protection impact assessment, published its plans to share patients’ primary health care data collected by GP practices. Patients were given just 6 weeks to opt out.

As a result of campaigning by our health team and many others, including a group of Tower Hamlets GPs who refused to hand over patient data, Ministers first announced that implementation would be delayed until 1 September and then informed GPs by letter in July that the whole scheme would be put on hold, including the data collection.

As result of this bungled approach more than a million people have now opted out of NHS data-sharing.

The government have had to revise their approach by devising a simpler opt out system and committing to the publication of a data impact assessment before data collection starts again. They have also stated that access to GP data will only be via a Trusted Research Environment (TRE) and have had to commit to a properly thought through engagement and communications strategy.

But this is no way to gain public trust in how our NHS health data is used.

The Government must gain society’s trust through honesty, transparency and rigorous safeguards. The data held by the NHS must be considered as a unique source of value held for the national benefit. If we are to retain public trust in the use of Health data, we need a new framework of a Health Data Charter as clearly set out in the motion. We need a guarantee that our health data will be used in an ethical manner, assigned its true value, and used for the benefit of UK healthcare.

A recent report by EY estimated this data could be worth around £10 billion a year in the benefit delivered. Any proceeds from data collaborations that the Government agrees to, integral to any ‘replacement’ or ‘new’ trade deals, should be ring-fenced for reinvestment in the health and care system with a Sovereign Health Data Trust.

Retaining control over our publicly generated data, particularly our health data, for planning, research and innovation is vital if the UK is to maintain its position as a leading life sciences economy and innovator. As we set out in the motion, all health data must be held anonymously and accessed through a Trusted Research Environment.

We need to restore credibility and trust through:

  • Guaranteeing greater transparency in how patient data is handled, where it is stored and with whom, and what it is being used for.
  • Allowing the public to have a say in how NHS data is used.
  • Appropriate and sufficient regulation that strikes the right balance between credibility, trust, ethics and innovation.
  • Ensuring service providers that handle patient data operate within a tight ethical framework.

At the moment that Trust is being lost.

Conference, our Health Data Charter and Sovereign Health Data Trust is the way to restore it.

 

This is the motion:

Conference believes that:

  1. Data collection and sharing are important and have been instrumental in advancing medical capabilities and improving population health.
  2. Individuals have the right to understand how and why their health data is being used.

III. Understanding and transparency is key to public trust and confidence in data sharing initiatives.

  1. The wealth of data held by the NHS should be used for the benefit of the health service and improving people’s health only.
  2. Health data should never be shared for marketing or insurance purposes.

Conference calls for the creation of a Health Data Charter that will:

i) Set out the fundamental principles and responsibilities for assessing whether a data sharing partnership is in the interest of the public and the NHS.

ii) Aim to ensure trust in the Government’s handling of health data, by laying out stringent principles that will help protect people’s privacy and their data from exploitation.

iii) Lay out ways to retain and protect the value of the nation’s health data.

Conference further calls for the creation of a Sovereign Health Data Trust that will:

a) Comprise a diverse, independent and balanced board of experts, clinicians and patient representatives which will be responsible for overseeing the implementation and observance of the Charter.

b) Have continuous oversight of all health data; with not only the power to grant access, but also the power to recall or restrict an organisation’s access if it has reason to believe that the data is not being used for public or patient benefit.

c) Be designed in such a way as to render it interoperable with the European Health Data Space in technical and in semantic terms, including through the promotion of Findable, Accessible, Interoperable and Reusable (FAIR) data principles within the NHS.

Conference endorses the Liberal Democrats’ proposed Health Data Charter as follows:

  1. Access to health data must be for public and patient benefit – this benefit will be defined by the Sovereign Health Data Trust with input from external experts and the public; the Trust will also determine whether an organisation can access the data for such purposes and can rescind access at any time.
  2. No data shall be shared with an organisation without complete transparency – all health data contracts entered into by a public body must be published publicly and in a timely manner, as should detailed minutes for all meetings, including meetings of the Sovereign Health Data Trust, and details of the organisation requesting use of the data, such as its sources of funding, ownership and intentions.
  3. All health data collection and sharing initiatives must be preceded by public consultation, involvement and awareness – public trust is key to any sharing of health data; this trust must be built through awareness and consultation with the public to ensure there is a solid understanding of the benefits of sharing health data with external organisations and bodies.
  4. The value of all health data must be retained by the NHS – people’s health data belongs to them and any value derived from it should be for everyone’s benefit; when data is used to develop new medicines or treatments, by research organisations or commercial enterprises, a share of the income generated should therefore be invested back into the healthcare system and the NHS.
  5. All health data must be held anonymously and accessed through a Trusted Research Environment – this Environment will be overseen by the Trust and will ensure that no data is handed over to an organisation indefinitely and therefore outside the governance of the Trust; it will also mean that personal data can be retrieved should a person wish to opt out at any time, and access granted to an external organisation withdrawn, should it be found they are not using the data as agreed.
  6. Consent processes must include plain language terms, and formats accessible to disabled people and people with low literacy.