There's a questions I hate. It drives me bonkers. It started in the supermarkets but now it's ubiquitous;
'Have you got a Nectar Card?'
Do I come across as a Nectar Card person? NC people are careful, attend to details, reconcile their credit card statements and they are smug enough to think they will live long enough to accumulate sufficient points for a free OXO cube. 'Noooo, I don't!'
Loyalty cards harvest a mine of information. If you have a card; they know where you live which gives them your socio-economic profile, they know what you buy , when you buy it and how you pay and what credit-card. They can track you around the store, which days you buy, your price profiling and what little luxuries tempt you. They know more about you than your Mum, your husband, kids and your lover.... Ovaltine, razor-blades, curly-wurlys and pink champagne in one basket... dead give away!
Because they pour over this data the stores can hustle and bustle to get the stuff we want, on the shelves, at the price, time and place we want.
When it comes to data the NHS has more of it than just about any other organisation outside the Pentagon and GCHQ. Its collection of data is world-class. It wants to use it but, like everything else the DH and Carbuncle get involved in they're making a Horlicks of it.
The entirely common-sense and worthwhile idea; take NHS data and use it in a public health and research context, is dissolving into the NHS equivalent of the Lib-Dem, Lord Rennard debacle.
So, what's occurin'? Top-line; the plan is to put primary care patient records on the same footing as Hospital Episode Statisitcs, HES Data. GP patient-notes will be sent, un-anonymised, to the NHS Information Centre, (the only place allowed in law to keep this information) where, using an automated system and a series of codes, 'pseudonymise' it, matching the data to HES, linking the whole patient pathway. Clever stuff. They may then make data available. All this was first called-for by Dame Caldicot, nothing new. The 'new word' that's popped up, and stampeded the herd, 'pseudonymised' is not new. It's how HES data is treated, now.
There are three ways the data may be used:
First; a set of average values, comparing Camberley with Colchester for, say, the typical time between presenting to a GP with spot on yer thing, to having an operation.
Second; patient's identifiers (date of birth, postcode, and so on) are replaced with a meaningless pseudonym which will allow tracking individuals through the different parts of the NHS and social care i.e., patients who are admitted repeatedly to hospital but who seldom visit their GP.
Question: Can pseudonymised data can be rolled back to identify individuals. In theory, yes but it's unlikely kids in bobble hats will hack-in and send it to the Guardian? Who knows how hack-able the NHSIC computer is. Is it possible to jig-saw NHS data with other data to create a picture of an individual? Technically, yes. But it is against the law.
Third; there are public health and security reasons that make it necessary to provide identifiable data to appropriate authorities. Fair enough... but here's the cruncher... supplying data to third parties.
The parameters for this are research and must be used by authorised people, for a particular, declared purpose in the public interest or in the NHS by people providing NHS contracted services and yes, that includes Pharma.
Does this mean an insurance company could buy data for (say) Bournemouth to flog hips insurance? No. They have to be providing health services to obtain data. Does it mean an insurance company that also provides care could obtain it for one purpose and use it for another? If they did it would be a criminal and civil offence in law and someone would go to jail. Is data sold by the Information Centre? No, it is charged for on a cost recovery basis.
If you don't want supermarkets to know about your predilections, cut-up your loyalty card. If you don't want health people knowing about you, tell your GP, and opt-out.
Have the Carbuncle made a pig's ear out of this, yes and they're trying to sort it and the EU may well scupper it. Could the opt-out be better managed, certainly. Is 'pseudonymised' a daft word when 'proxy' might have done and been less scary, absolutely. Are there theoretical risks that the nefarious could pinch your stuff? Yup, ask the Pentagon.
Do the benefits outweigh the risks? I'm the wrong one to ask; about 19m of you have a Nectar Card... you tell me.
-oOo-
'Straw Poll' results from yesterday here.
Today's question.
'Making health data available is a bad idea.'
See the results as you vote here.
Join in and comment on the Manager's Network Forum now.