Keeping NHS Data Safe

There are huge benefits of using patient data, both for individual care, improving health and care services, and supporting research. When patients are treated in the NHS, they benefit from insights based on the data of previous patients like them. Find out more about the benefits.

Sharing patient data will never be totally risk-free, but there must be robust measures in place to reduce any risks as much as possible, and to respond rapidly and effectively when things do go wrong. Surveys suggest that there are three main things people are concerned about:

• invasion of privacy, or information about medical history being revealed to others;
• loss of control if data is passed outside the NHS;
• the possibility of cyber attacks or hacking.

The ICO gather and analyse data on data breaches, which you can explore here. It allows you to filter the data to just explore the health sector, and dissect the data by incident type.

The failure to collect or use data in the NHS can negatively impact patient care, and waste scarce resources. For example, capturing data on a patient's demographics or treatment history might be imperative for prescribing the right drugs, providing them with an appropriate clinician, and understanding their engagement with different parts of the interconnected health system. Without this, patient safety could be compromised, they might have a poor experience with a service, or fall through the net.

This will vary from person to person. People may accept greater risks for their individual care if they are more likely to benefit. They may not want to take the same risks for other uses of their data. On the other hand, someone with a rare disease may be most at risk of loss of privacy because they could be easily identifiable from data, but they will often be the most keen for data to be used. In the search for a diagnosis or treatment, they are often willing to take more risk of their data being used for research, but they might see a different acceptable balance between benefit and risk with data being used in services or over time.

Data use in the NHS is based on the concept of 'implied consent' - patients do not have to explicitly consent to their data being accessed and used amongst staff directly involved in your care, as it is considered reasonable that they need to have information about you in order to deliver safe and appropriate care. Find out more about implied consent.

However, beyond direct care, the national data opt-out, introduced in May 2018, allows patients some choice about the use of their confidential patient information beyond their individual care, for example for research purposes.

At a national level, some key organisations hold patient data or have responsibility for oversight about the purposes for which it can be used. They work with others to make decisions about how to safeguard data and set the conditions under which it can be accessed.   

Find out more about how decisions are made on who can access and use patient data, and what choices you have. 

There are strict controls on how third parties, such as academic researchers or companies, can use patient data. To protect your confidentiality, organisations are only allowed access to identifiable data if there is a legal basis. They should sign contracts setting out what they can and cannot do with the data, including restrictions on passing data to other third parties.

Find out more about how your data is protected here.

The NHS is trying to reduce vulnerabilities across the health and care system, both through investment in IT and staff training.

NHS England monitors threats and security incidences, and provides support to health and care organisations to help keep computer systems safe. For instance, the Cyber Security programme works to ensure that measures are actively in place to protect NHS assets and services and ensure that trusts, integrated care boards and clinical commissioning support units are aware of their accountabilities and responsibilities and undertake cyber security actions. The Data Security centre manages security threat monitoring, national incident response and provides information security consultancy, guidance and advice.

In the past, patient records were only stored on paper. These may have been safer from cyber attacks but could easily be lost or mislaid. There are too many examples where appointments have been wasted, or even lives lost, because paper records have not been available to the right people at the right time.

Digital records have the potential to be much safer, particularly if the whole care team can access up-to-date information using joined up electronic records. However, increasing use of digital records, and the fact that data may be stored in several places, does mean that the potential impact of a data breach could be greater. Many more people may be affected, for example if a whole database is hacked, or more information could be put at risk.

On the other hand, digital technology can also be used to improve security and reduce the risks. Technology can be used to protect data, for example by restricting access (using passwords or swipe cards to control access to data), or using encryption so the data can only be read with a code. There can also be a robust audit trail showing who has accessed data and when.

The Government’s Plan for Digital Health and Social Care set a target of all Trusts having electronic patient records by March 2025 (subsequently pushed back to 2026), which includes a requirement for all organisations to have increased cyber security capabilities, resilience, clinical safety and accessibility. This commitment was supported by £2bn in funding to support organisations meet digital standards.