Whenever we go to a GP, a hospital or a pharmacy, information will be collected about us and our medical history. Only healthcare professionals who are directly involved in your care will be able to access your full patient record. But some of the information from your record may also be useful for specific purposes beyond your individual care, to improve health, care and services across the NHS. People need to be able to find out what’s allowed and what’s not, and how data is kept safe.
How is data kept safe?
It is essential that patient data is kept safe and secure, to protect your confidential information. There are four ways that privacy is protected:
- by removing identifying information, particularly your name and contact details
- using an independent review process to make sure the reason for using patient data is appropriate
- ensuring strict legal contracts are in place before data is transferred
- implementing robust IT security.
Find out more about the safeguards.
Who can access patient data?
Your full patient record will only be seen by healthcare professionals who are directly involved in your care.
There are strict controls on how anyone else can access patient information. The purpose must be approved before anyone can use data, and they are only given access to the minimum amount of data necessary. The types of organisations that can use patient data include:
NHS providers and commissioners: use data to monitor trends and patterns in hospital activity, to assess how care is provided, and to support local service planning.
University researchers: use data to understand more about the causes of disease, to develop new ways of diagnosing illness or to identify ways to develop new treatments. Explore our case studies to find out how patient data is used.
Charities: use data to evaluate services and identify ways to improve care.
Companies: use data if they are partnering with the NHS to provide care and research. The NHS can’t do all of the analysis on its own, and companies may have the best expertise and technologies for making sense of large and complex data from hospitals, or for developing new treatments. People often have lots of questions about how and why companies can access data. Find out more about companies using patient data.
Can I be identified from the data?
People want to know whether they could be identified when data about them is used. Anonymised information, with identifiers removed, will be used as much as possible. Often, it is only a row of numbers and codes that can be seen. But what does anonymised really mean in practice, is it ever possible to re-identify someone? We explain what anonymised means here.
Personally identifiable data can only be used if you give your permission or where required by law, and then only with robust safeguards. It cannot be used for insurance or marketing without your consent.
Some data will be used to produce statistics that are published monthly by the NHS, for example A&E waiting times or vaccination coverage. The information can only be openly published if the data is anonymous, so it is not possible to identify any individual.
What choices do I have?
A new national opt-out will be offered in England from May 2018, following recommendations from the National Data Guardian. People will be able to opt out of having their confidential data shared for reasons beyond their individual care. The opt-out will not apply to your individual care, and you will not be able to opt-out of the use of anonymised information.
More information on how the opt-out will be implemented will be available here in the run up to May 2018. The national data opt-out will be rolled out across the whole NHS and social care system by 2020.
What are the risks?
People understandably have a lot of questions and concerns when they first hear about wider uses of patient data. Could something go wrong? How will it affect them?
Public attitudes work suggests that people have three main areas of concern:
- invasion of privacy or information about medical history being revealed to others;
- possibility of cyberattacks or hacking; and
- companies having access to data.
Evidence from the Information Commissioner’s Office, the UK’s data protection regulator, reports that the most common types of data breaches in the health sector are when data is posted, faxed or sent by email to the wrong person, usually as the result of an accidental mistake as part of routine care.
We recognise that sharing patient data will never be risk free, and there must be robust measures in place to reduce any risks as much as possible. We’ve been exploring the risks and looking at the evidence in more detail, and we’re now working on a resource to provide more information in an accessible way. This will include factors to consider when deciding how to weigh up the risks and benefits. For example, how do the risks of digital electronic records compare to paper records? How do the risks of sharing health data compare to sharing other types of data? And what are the risks of not using the data?