“Better Information Means Better Care” – why are we reluctant to share our GP records?

24 Apr

by Jill Stocks, Research Fellow in our Core research theme Image The sharing of patient records in England on the Care.data database has become so controversial that the uploading of data has been delayed for 6 months.* The benefits of data sharing are indisputable. For example data sourced from over 1800 GP practices showed that only around half the people at increased risk of a stroke due to a diagnosis of atrial fibrillation were receiving the medicine that would help to protect them. Over a million people in the UK have this diagnosis and acting on this information could save many lives. This study would have been quicker and less expensive with Care.data allowing faster responses and more efficient use of NHS research resources. Care.data could also help when many medications are available for the same illness with no evidence to say which is better. Randomised controlled trials are the gold standard for comparing medicines but the associated costs are often prohibitive when many comparisons are needed. Studies using data sourced from over 650 practices have demonstrated that medicines can be compared at a fraction of the cost of a controlled trial. We need to be especially careful when prescribing medicines to apparently healthy people and often the evidence from different studies is conflicting. Debates such as whether the benefits of taking aspirin or statins to reduce the risk of heart attacks outweigh the risks for healthy older adults are commonplace. Currently taking aspirin by healthy people is not recommended but it remains controversial. Care.data might resolve such dilemmas. If we accept that Care.data benefits all of us, what exactly is it that bothers us about sharing our data? After all we are used to sharing our personal data; ¾ of us own a Facebook site even though social networks collect data on everything we do from the moment we sign up – including every time we log in or out. Is it because our data might fall into the wrong hands? We can never rule out that possibility but Care.data is not the first large collection of primary care data, many GP practices have already shared anonymised data for research. For example the Clinical Practice Research Database includes data from over 650 practices,  the Health Improvement Network has around 550 practices and Qresearch includes around 750. These data collections have over two of decades experience in keeping patient data safe. Are we really more anxious about our own NHS using our data to improve healthcare than our identifiable data being held by the bank or a social networking site or an online retailer? And don’t the potential benefits far outweigh the risks? Please don’t opt out, we all stand to gain better healthcare. *While it may be debateable whether or not the term anonymous or anonymised can be used to describe this data collection, guidelines outline that identifying data will be removed before being accessed by a researcher. See below for more information. http://www.england.nhs.uk/2014/01/15/geraint-lewis/ http://ico.org.uk/for_organisations/data_protection/topic_guides/anonymisation ***NOTE: This blog post has been amended***

10 Responses to ““Better Information Means Better Care” – why are we reluctant to share our GP records?”

  1. Neil April 24, 2014 at 1:44 pm #

    You are poorly informed.
    Care.data is NOT anonymous.
    If you don’t know this, what hope the public.
    Don’t conflate care.data with “anonymous” sharing or “open data”.
    It is nothing of the kind.

    Look here for more info:


    Neil (GP)

    • Jill Stocks April 24, 2014 at 5:34 pm #

      As I understand it the data will be either fully anonymised or pseudo-anonymised (in which case it will only be made available to approved analysts for approved purposes). If it is legally required that an individual is identified such as in a public health emergency then the individual would be identified regardless of whether or not they have opted out. (NHS England has made a commitment that personal confidential data will not be shared unless there is a legal basis or an overriding public interest in disclosure.) We already have systems whereby notification of some infectious diseases is legally required and similarly for some occupational diseases (RIDDOR), there is no opt out option in this situation. These individuals would be identified whether or not they opt out of Care.data. http://www.england.nhs.uk/2014/01/15/geraint-lewis/
      Of course it is possible, although extremely unlikely, that a determined individual might attempt to re-identify individuals within a pseudo-anonymised dataset and of course people are free to make the choice to opt out. However my point is that the risk is small, the consequences for most people are not large whereas the potential benefits of sharing our data are huge. I think the argument is lacking a balanced perspective and the overall benefit to the population of the UK should be considered.

      • Andrew Watson April 25, 2014 at 8:26 am #

        Jill, You write: “Of course it is possible, although extremely unlikely, that a determined individual might attempt to re-identify individuals within a pseudo-anonymised dataset …”

        Why do you say re-identification is “extremely unlikely”? Do you have any data to back up this assertion?

        Take a look at the literature on re-identification attacks – there’s a informal introduction here:

        “Anonymized” data really isn’t—and here’s why not
        by Nate Anderson – Sept 8 2009


        Regards, Andrew.

  2. David A (patient) April 24, 2014 at 8:57 pm #

    Oh dear, Jill, you seem to have exasperated Neil (GP), but I think you’ve made a great point that he fails to address.
    It’s a bit of a pedantic argument as to whether my medical data would be “truly” anonymous. But it seems to me that as a patient I already have to trust my local GP practice to keep it confidential – so why should I be any more or less trusting of the central NHS?
    I think your point was that most people casually trust their personal data with less trustworthy bodies like Amazon, Google, Facebook – all for relatively trivial benefits. So as a patient I am very content to allow my effectively anonymous data to be used for important medical research.
    I am happy to have people putting pressure on the NHS to ensure the system is secure, but I am suspicious of those few GPs who are working to get patients to opt out. What is their agenda? Are they afraid their practice might be evaluated with this data? Perhaps they feel their “ownership” of patients is threatened by this endeavour.
    By the way, I notice that some people are worrying that pharmaceutical companies will make a profit by accessing this database, but I think it’s also quite likely it will reveal that some expensive medicines are not as effective as claimed. So let’s get on with it.

    • ShirtlessKirk April 25, 2014 at 12:45 pm #

      People casually trust their personal data to Amazon, Google et al because they choose to. I’m not on Facebook because I chose not to be. The fiasco of the so-called “opt-out” (you aren’t really) débâcle is that not only was there deliberate obfuscation in the pitiful junk leaflet they only grudgingly sent out after being pressured but that Govt IT projects *without fail* leak data like sieves and there is never any accountability.

      GPs that are advocating opting out (for what that is worth) are acting as responsible data controllers under the DPA. Notwithstanding that there is the claim that all medical records are somehow the property of whoever is Secretary of State for Health at the time (wrong, but never contested in court), GPs have a contract to safeguard the data that is supplied by their patients.

      • David A (patient) April 26, 2014 at 12:46 pm #

        Well, I agree with your first sentence and I wish you success in your efforts to opt out. It’s a matter of judgement about risks and benefits. I just hope the majority of patients get the message about the substantial benefits that can result from research with this data. In his book “Bad Pharma” Ben Goldacre discusses just how much of medical practice is based on guesses and assumptions – and would benefit from scientific analysis of real (effectively anonymous) medical records.
        I disagree with the rest of your comments.
        Junk mail issue – Yes, the distribution of the information leaflets could have been done differently. A simple typed letter from my GP would have been better, but perhaps that was judged less effective or too expensive at the time. I certainly noticed the information when it arrived in my post; it was similar to notices I receive from time to time about neighbourhood rubbish collection or about planned interruptions to electricity or water. Maybe I’m just a very perceptive guy. The opponents are certainly making a big deal about it, but it isn’t really relevant.
        Government IT projects. True, they are invariably over-budget and behind-schedule, but it is utterly false that they “*without fail* leak data like sieves and there is never any accountability”. I am not aware of my tax details, or census responses, etc, leaking out; and if they did, it is clear which government departments and individuals are accountable.
        GPs who advocate opting out. No, they are definitely not acting “responsibly”. I can’t be sure what motivates them (paranoia? protecting their turf?) but they are certainly not acting responsibly for the benefit of patient’s health. That is particular evident if you look at the website created by Dr Neil Bhatia (who I assume is the Neil who earlier commented on this blog). Talk about obfuscation! He has taken accurate basic information, and through careful omissions, use of italics, and choice of questions endeavoured to portray care.data as a creation of pharmaceutical and insurance companies and other malign forces. It would take far too long to address all the misrepresentations, but to summarise, it is a one-sided diatribe that fails to acknowledge the substantial benefits – for patients – that could flow from the project.

    • Jill Stocks April 26, 2014 at 8:03 am #

      Dear Andrew
      Thank you for taking the time to comment.
      First let me say that I do not consider a confidential data breach to be a trivial thing, I would strongly support any action to improve data security. Looking at the data breachs for the first 9 months of 2013 (http://ico.org.uk/enforcement/trends) it looks as though there were about 43 data breaches per month in the health sector (interestingly it looks as though data is safer with central or local government than the health sector). In a country of 63 million a back of the envelope calculation suggests around 8 incidents per million people per year. It’s not clear how many people were affected by each incident but the majority were due to “disclosed in error” suggesting a low number of individuals. So a small but finite risk exists already just through our identifiable data being in the care of NHS staff (regardless of opt out or not). I offer the opinion that the care.data will be safer than this as it will not be accessible in an identifiable form. By way of comparison the risk of dying in a car accident in the UK is 1 in 20,000 per year or a plane accident is 1 in 3.5 million (http://www.medicine.ox.ac.uk/bandolier/booth/Risk/trasnsportpop.html). Of course I am not condoning that any risk is acceptable, even one is too many, but I would argue that this risk is for readily identifiable data that can be left lying around on a desk etc.
      If we are talking about retrospectively identifying a pseudo-anonymised person, this requires a person to be motivated to do such a thing as well as get hold of the data to do it. In the frequently cited example from Massachusetts in the mid 1990s (hasn’t there been anything more recently?) the data were supplied freely so anybody who wanted to have a go at it could do so. Under the care.data scheme, access to the anonymised data would be very strictly controlled, not posted on the internet. The existing research databases supply only age and gender there are no geographical identifiers and it is strictly controlled who and for what purpose this can be accessed. I have not heard of any confidentiality issues with these existing research databases (though maybe they have happened).
      It is my personal opinion that this level of risk is acceptable to me when balanced against the benefit to all healthcare users. Of course everybody has their own opinion and can make their own decision about opting out.
      Best wishes

  3. Gavin April 28, 2014 at 7:55 am #

    In response to David A (patient), you might be interested to read some of Ben Goldacre’s most recent comments on care.data, from an article in The Guardian on 28th February:

    “I am embarrassed. Last week I wrote in support of the government’s plans to collect and share the medical records of all patients in the NHS, albeit with massive caveats. The research opportunities are huge, but we already knew that the implementation was chaotic, with poor public information, partly because the checks and balances on who gets access to data – and how – have not yet been devised or implemented. When you’re proposing to share our most private medical records, vague promises and an imaginary regulatory framework are not reassuring.

    Now it’s worse. On Monday, the Health and Social Care Information Centre admitted giving the insurance industry the coded hospital records of millions of patients, pseudonymised, but re-identifiable by anyone with malicious intent, as I explained last week. These were crunched by actuaries into tables showing the likelihood of death depending on various features such as age or disease, to help inform insurance premiums.”

    “To summarise, a government body handed over parts of my medical records to people I’ve never met, outside the NHS and medical research community, but it is refusing to tell me what it handed over, or who it gave it to, and the minister is now incorrectly claiming that it never happened anyway.”

    You can read the full article in The Guardian:


  4. Jill Stocks April 28, 2014 at 9:02 am #

    That is so disappointing and depressing.

    • David A (patient) April 28, 2014 at 9:49 am #

      Yes, it is disappointing. The whole thing needs to be administered by competent ethical people.
      Perhaps Dr Geraint Lewis (NHS England’s Chief Data Officer, mentioned above) could reply to this blog and let us know what he is doing to get his house in order. With a candid detailed reponse – not just platitudes.
      Anyway, I notice that in the full article, Dr Goldacre still seems to support a properly administered database for medical research.
      I hope Dr Lewis and his staff are working hard to deliver this.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: