Discussion:
DHSC sells your private medical data to corporations - and it is not anonymous
Add Reply
Keema's Nan
2020-02-09 08:58:16 UTC
Reply
Permalink
The Department of Health and Social Care has been selling the medical data of
millions of NHS patients to American and other international drugs companies
having misled the public into believing the information would be
“anonymous”, according to leading experts in the field.

Senior NHS figures have told the Observer that patient data compiled from GP
surgeries and hospitals – and then sold for huge sums for research – can
routinely be linked back to individual patients’ medical records via their
GP surgeries. They say there is clear evidence this is already being done by
companies and organisations that have bought data from the DHSC, having
identified individuals whose medical histories are of particular interest.

Concerns that the data is not truly “anonymous” have been raised by
senior NHS officials, who believe the public are not being told the full
truth. But the DHSC insists it only sells on information after thorough
measures have been taken to ensure the complete anonymity and confidentiality
of patients’ personal information.

In December, the Observer revealed
(https://www.theguardian.com/politics/2019/dec/07/nhs-medical-data-sales-
american-pharma-lack-transparency)that the government had raised £10m in
2018 by granting licences to commercial and academic organisations across the
world that wanted access to so-called anonymised data. If patients do not
want their data to be used for research they have to actively “opt out”
of the system at their GP surgery.

Access to NHS data is increasingly sought by researchers and global drugs
companies because it is one of the largest and most centralised public
organisations of its kind in the world, with unique data resources.

Washington has already made clear it wants unrestricted access to Britain’s
55 million health records – estimated to have a total value of £10bn a
year – as part of any post-Brexit trade agreement. Leaked details of
meetings between US and UK trade officials late last year showed that the
acquisition of as much UK medical data as possible is a top priority for the
US drugs industry.

Now the DHSC and the agencies responsible for handling and selling data are
increasingly under pressure to tighten up controls, to protect patient
privacy and prevent information being misused.

Asked if it was right to say that the patient data was anonymous, as claimed,
Professor Eerke Boiten, director of the Cyber Technology Institute at De
Montfort University in Leicester, said: “The answer is no, it is not
anonymous.

“If it is rich medical data about individuals then the richer that data is,
the easier it is for people who are experts to reconstruct it and re-identify
individuals.”

Boiten believes more thought should be given to controlling and limiting the
sale of data to prevent it potentially being sold on by the initial purchaser
to companies with huge information stores and global reach. “If Google, for
instance, were to use this data and end up finding a cure for cancer, and
then sold the cure back to the NHS for huge sums of money, then I think we
could say we had missed a trick,” he said.

The NHS has previously faced claims that medical data from millions of
patients has beensold to insurance companies
(https://www.theguardian.com/society/2014/jan/19/nhs-patient-data-available-
companies-buy).

Phil Booth, coordinator of medConfidential, which campaigns for the privacy
of health data, said the public was being betrayed by claims that the
information could not be linked back to individuals. “Removing or obscuring
a few obvious identifiers, like someone’s name or NHS number from the data,
doesn’t make their medical history anonymous,” he said. “Indeed, the
unique combination of medical events that makes individuals’ health data so
ripe for exploitation is precisely what makes it so identifiable. Your
medical record is like a fingerprint of your whole life.

“Patients must know how their data is used, and by who. Alleging their data
is anonymous when it isn’t, then selling it to drugs and tech companies –
or, through intermediaries, to heaven knows who – is a gross betrayal of
trust. People who are rightly concerned about such guile and lack of respect
have every right to opt out, if they want their and their family’s medical
information kept confidential and for their own care.”

Licences to buy data are issued by the Clinical Practice Research Datalink
(CPRD), part of the Medicines and Healthcare Products Regulatory Agency
(MHRA). A spokesman said any information sold had been “anonymised in
accordance with the Information Commissioner’s Office (ICO) anonymisation
code of practice”.

Until early December, the CPRD said on its website the data it made available
for research was “anonymous” but, following theObserver’sstory, it
changed the wording to say that the data from GPs and hospitals had been
”anonymised” – meaning only that some measures had been taken to
de-identify it.

Booth added: “Following the ICO’s code of practice does not mean that
data is necessarily anonymous. The law now recognises that one of the most
common methods of ‘anonymisation’ – the use of pseudonyms to obscure
some bits of information – means that data is still identifiable. Indeed,
the information commissioner herself says it must be considered personal
data.”

Information disclosed by some of CPRD’s customers clearly suggests they can
link the information back to individual patient records via their GP
surgeries. The Boston Collaborative Drug Surveillance Program in the US,
which uses DHSC data, sayson its website (http://www.bu.edu/bcdsp/gprd/):
“Anonymized information from the CPRD on demographics, outpatient visits,
hospitalizations and prescriptions dispensed is available to [our]
researchers. Validation of diagnoses, reports of diagnostic tests and
anonymized notes from hospitalizations and referrals can be obtained from the
general practitioner upon request.”

If the data were truly anonymous it would be impossible to retrieve an
individual patient’s medical notes.Neil Bhatia, a GP who is Information
Governance Lead and data protection Officer in Hampshire, said: “Truly
anonymous data – utterly incapable of being traced back to an individual
– is very hard to achieve, given that there is so much information about us
in the public domain and held by companies such as Facebookand Google,
because so much of our personal data is out there thanks to the massive data
breaches over the last few years. In fact, it’s almost impossible for
record-level data (where each line of the dataset corresponds to an
individual) to be made truly anonymous.”
Maxwell Boltzmann
2020-02-09 09:13:18 UTC
Reply
Permalink
Post by Keema's Nan
Washington has already made clear it wants unrestricted access to Britain’s
55 million health records – estimated to have a total value of £10bn a
year – as part of any post-Brexit trade agreement.
Balls.
--
Max
Keema's Nan
2020-02-09 09:28:58 UTC
Reply
Permalink
Post by Maxwell Boltzmann
Post by Keema's Nan
Washington has already made clear it wants unrestricted access to Britain’s
55 million health records – estimated to have a total value of £10bn a
year – as part of any post-Brexit trade agreement.
Balls.
The USA have us by the balls, yes.
Roger
2020-02-09 11:06:55 UTC
Reply
Permalink
Post by Keema's Nan
Post by Maxwell Boltzmann
Post by Keema's Nan
Washington has already made clear it wants unrestricted access to Britain’s
55 million health records – estimated to have a total value of £10bn a
year – as part of any post-Brexit trade agreement.
Balls.
The USA have us by the balls, yes.
Ask a commercial organisation what they would like and they will reach for the stars.

The arguments in this are bit like lending somebody some money because a leaked diary revealed that they dream of winning the pools.

There is a more serious issue here that has nothing in particular to do with the USA and everything to do with how we handle our data.

Seems to me they totally miss the point here (they are too fixed on turning it into anti american anti trade deal anti anything rhetoric).

The problem is how anonymous is anonymous data. It's very easy to remove personal data and just leave reference numbers that individual researchers could never trace back to an individual without having access to data they cannot access.

But in the age of Big Data it's increasingly difficult to track just who has exactly what data available for their research, how that can be correlated, and then how correlated data can be used make new lines of research.

It's also funny how people readily accept the finding of astrophysicists, geologists and archaeologists who are often making incredible revelations based on tiny fragments of data or material, and yet they are not prepared to accept that simple correlation of data such as where is a mobile phone, anonymous store card data, and and accepting website cookies can build up amazingly detailed profiles.

Being anonymous these days is as difficult as finding good journalists ;-)
Keema's Nan
2020-02-09 11:20:44 UTC
Reply
Permalink
Post by Roger
Post by Keema's Nan
Post by Maxwell Boltzmann
Post by Keema's Nan
Washington has already made clear it wants unrestricted access to Britain’s
55 million health records – estimated to have a total value of £10bn a
year – as part of any post-Brexit trade agreement.
Balls.
The USA have us by the balls, yes.
Ask a commercial organisation what they would like and they will reach for the stars.
The arguments in this are bit like lending somebody some money because a
leaked diary revealed that they dream of winning the pools.
There is a more serious issue here that has nothing in particular to do with
the USA and everything to do with how we handle our data.
Seems to me they totally miss the point here (they are too fixed on turning
it into anti american anti trade deal anti anything rhetoric).
The problem is how anonymous is anonymous data. It's very easy to remove
personal data and just leave reference numbers that individual researchers
could never trace back to an individual without having access to data they
cannot access.
But in the age of Big Data it's increasingly difficult to track just who has
exactly what data available for their research, how that can be correlated,
and then how correlated data can be used make new lines of research.
It's also funny how people readily accept the finding of astrophysicists,
geologists and archaeologists who are often making incredible revelations
based on tiny fragments of data or material, and yet they are not prepared to
accept that simple correlation of data such as where is a mobile phone,
anonymous store card data, and and accepting website cookies can build up
amazingly detailed profiles.
Being anonymous these days is as difficult as finding good journalists ;-)
Possibly, but when I sign up for a mobile phone I accept that my location
data and other info will be sold on by the company, similarly with credit
card and facebook information.

What I do not do, and have not done in the past, when visiting my GP and
giving them the details of highly personal ailments is sign up to the idea
that once the doctor has added my symptoms, diagnosis, and treatment onto my
record card; the data can be sold for large amounts of cash to all and sundry
for profiteering purposes, and I get nothing - not even a note to say that my
data is up for sale.

No one asked for my consent to do this, and I doubt I am in a minority when I
say that I would refuse the request point blank.
Roger
2020-02-09 17:55:48 UTC
Reply
Permalink
Post by Keema's Nan
Post by Roger
Post by Keema's Nan
Post by Maxwell Boltzmann
Post by Keema's Nan
Washington has already made clear it wants unrestricted access to
Britain’s
55 million health records – estimated to have a total value of £10bn a
year – as part of any post-Brexit trade agreement.
Balls.
The USA have us by the balls, yes.
Ask a commercial organisation what they would like and they will reach for the stars.
The arguments in this are bit like lending somebody some money because a
leaked diary revealed that they dream of winning the pools.
There is a more serious issue here that has nothing in particular to do with
the USA and everything to do with how we handle our data.
Seems to me they totally miss the point here (they are too fixed on turning
it into anti american anti trade deal anti anything rhetoric).
The problem is how anonymous is anonymous data. It's very easy to remove
personal data and just leave reference numbers that individual researchers
could never trace back to an individual without having access to data they
cannot access.
But in the age of Big Data it's increasingly difficult to track just who has
exactly what data available for their research, how that can be correlated,
and then how correlated data can be used make new lines of research.
It's also funny how people readily accept the finding of astrophysicists,
geologists and archaeologists who are often making incredible revelations
based on tiny fragments of data or material, and yet they are not prepared to
accept that simple correlation of data such as where is a mobile phone,
anonymous store card data, and and accepting website cookies can build up
amazingly detailed profiles.
Being anonymous these days is as difficult as finding good journalists ;-)
Possibly, but when I sign up for a mobile phone I accept that my location
data and other info will be sold on by the company, similarly with credit
card and facebook information.
What I do not do, and have not done in the past, when visiting my GP and
giving them the details of highly personal ailments is sign up to the idea
that once the doctor has added my symptoms, diagnosis, and treatment onto my
record card; the data can be sold for large amounts of cash to all and sundry
for profiteering purposes, and I get nothing - not even a note to say that my
data is up for sale.
No one asked for my consent to do this, and I doubt I am in a minority when I
say that I would refuse the request point blank.
NHS data, in anonymous statistical form, has been available to medical research for a long time. Possibly always.

And I think most would consider that a good thing.

Nobody asked your consent because anonymous data is not your property; where it otherwise a bus company could not even publish statistics on the usage of bus routes without passenger permission.

Also, I think most people would agree that if that data is made available to commercial companies, they should at least offset the costs of collating and handling that data (note that the 10billion stated in the article is hypothetical).

The real issue is that in modern data glut and connected society that data is less anonymous, and nobody really knows how anonymous.

And when you click accept on your phone you helping make the medical data less anonymous.
Keema's Nan
2020-02-09 18:27:31 UTC
Reply
Permalink
Post by Roger
Post by Keema's Nan
Post by Roger
Post by Keema's Nan
Post by Maxwell Boltzmann
Post by Keema's Nan
Washington has already made clear it wants unrestricted access to
Britain’s
55 million health records – estimated to have a total value of £10bn
a
year – as part of any post-Brexit trade agreement.
Balls.
The USA have us by the balls, yes.
Ask a commercial organisation what they would like and they will reach for
the stars.
The arguments in this are bit like lending somebody some money because a
leaked diary revealed that they dream of winning the pools.
There is a more serious issue here that has nothing in particular to do with
the USA and everything to do with how we handle our data.
Seems to me they totally miss the point here (they are too fixed on turning
it into anti american anti trade deal anti anything rhetoric).
The problem is how anonymous is anonymous data. It's very easy to remove
personal data and just leave reference numbers that individual researchers
could never trace back to an individual without having access to data they
cannot access.
But in the age of Big Data it's increasingly difficult to track just who has
exactly what data available for their research, how that can be correlated,
and then how correlated data can be used make new lines of research.
It's also funny how people readily accept the finding of astrophysicists,
geologists and archaeologists who are often making incredible revelations
based on tiny fragments of data or material, and yet they are not prepared to
accept that simple correlation of data such as where is a mobile phone,
anonymous store card data, and and accepting website cookies can build up
amazingly detailed profiles.
Being anonymous these days is as difficult as finding good journalists ;-)
Possibly, but when I sign up for a mobile phone I accept that my location
data and other info will be sold on by the company, similarly with credit
card and facebook information.
What I do not do, and have not done in the past, when visiting my GP and
giving them the details of highly personal ailments is sign up to the idea
that once the doctor has added my symptoms, diagnosis, and treatment onto my
record card; the data can be sold for large amounts of cash to all and sundry
for profiteering purposes, and I get nothing - not even a note to say that my
data is up for sale.
No one asked for my consent to do this, and I doubt I am in a minority when I
say that I would refuse the request point blank.
NHS data, in anonymous statistical form, has been available to medical
research for a long time. Possibly always.
Possibly, but when official departments resort to lying (a more frequent
occurrence these days), and when found out start to backtrack on their
statements, I take everything they say with a massive pinch of salt.

Hence - "Until early December, the CPRD said on its website the data it made
available
for research was “anonymous” but, following theObserver’s story, it
changed the wording to say that the data from GPs and hospitals had been
”anonymised” – meaning only that some measures had been taken to
de-identify it.”

And - "Asked if it was right to say that the patient data was anonymous, as
claimed,
Professor Eerke Boiten, director of the Cyber Technology Institute at De
Montfort University in Leicester, said: “The answer is no, it is not
anonymous."

“If it is rich medical data about individuals then the richer that data is,
the easier it is for people who are experts to reconstruct it and re-identify
individuals.”
Post by Roger
And I think most would consider that a good thing.
Nobody asked your consent because anonymous data is not your property; where
it otherwise a bus company could not even publish statistics on the usage of
bus routes without passenger permission.
Also, I think most people would agree that if that data is made available to
commercial companies, they should at least offset the costs of collating and
handling that data (note that the 10billion stated in the article is
hypothetical).
The real issue is that in modern data glut and connected society that data is
less anonymous, and nobody really knows how anonymous.
And when you click accept on your phone you helping make the medical data less anonymous.
Roger
2020-02-09 20:04:02 UTC
Reply
Permalink
Post by Keema's Nan
Post by Roger
Post by Keema's Nan
Post by Roger
Post by Keema's Nan
Post by Maxwell Boltzmann
Post by Keema's Nan
Washington has already made clear it wants unrestricted access to
Britain’s
55 million health records – estimated to have a total value of £10bn
a
year – as part of any post-Brexit trade agreement.
Balls.
The USA have us by the balls, yes.
Ask a commercial organisation what they would like and they will reach for
the stars.
The arguments in this are bit like lending somebody some money because a
leaked diary revealed that they dream of winning the pools.
There is a more serious issue here that has nothing in particular to do with
the USA and everything to do with how we handle our data.
Seems to me they totally miss the point here (they are too fixed on turning
it into anti american anti trade deal anti anything rhetoric).
The problem is how anonymous is anonymous data. It's very easy to remove
personal data and just leave reference numbers that individual researchers
could never trace back to an individual without having access to data they
cannot access.
But in the age of Big Data it's increasingly difficult to track just who has
exactly what data available for their research, how that can be correlated,
and then how correlated data can be used make new lines of research.
It's also funny how people readily accept the finding of astrophysicists,
geologists and archaeologists who are often making incredible revelations
based on tiny fragments of data or material, and yet they are not prepared to
accept that simple correlation of data such as where is a mobile phone,
anonymous store card data, and and accepting website cookies can build up
amazingly detailed profiles.
Being anonymous these days is as difficult as finding good journalists ;-)
Possibly, but when I sign up for a mobile phone I accept that my location
data and other info will be sold on by the company, similarly with credit
card and facebook information.
What I do not do, and have not done in the past, when visiting my GP and
giving them the details of highly personal ailments is sign up to the idea
that once the doctor has added my symptoms, diagnosis, and treatment onto my
record card; the data can be sold for large amounts of cash to all and sundry
for profiteering purposes, and I get nothing - not even a note to say that my
data is up for sale.
No one asked for my consent to do this, and I doubt I am in a minority when I
say that I would refuse the request point blank.
NHS data, in anonymous statistical form, has been available to medical
research for a long time. Possibly always.
Possibly, but when official departments resort to lying (a more frequent
occurrence these days), and when found out start to backtrack on their
statements, I take everything they say with a massive pinch of salt.
Hence - "Until early December, the CPRD said on its website the data it made
available
for research was “anonymous” but, following theObserver’s story, it
changed the wording to say that the data from GPs and hospitals had been
”anonymised” – meaning only that some measures had been taken to
de-identify it.”
And - "Asked if it was right to say that the patient data was anonymous, as
claimed,
Professor Eerke Boiten, director of the Cyber Technology Institute at De
Montfort University in Leicester, said: “The answer is no, it is not
anonymous."
“If it is rich medical data about individuals then the richer that data is,
the easier it is for people who are experts to reconstruct it and re-identify
individuals.”
Post by Roger
And I think most would consider that a good thing.
Nobody asked your consent because anonymous data is not your property; where
it otherwise a bus company could not even publish statistics on the usage of
bus routes without passenger permission.
Also, I think most people would agree that if that data is made available to
commercial companies, they should at least offset the costs of collating and
handling that data (note that the 10billion stated in the article is
hypothetical).
The real issue is that in modern data glut and connected society that data is
less anonymous, and nobody really knows how anonymous.
And when you click accept on your phone you helping make the medical data
less anonymous.
I think your claim they are 'lying' is a bit exaggerated.

Until not along ago removing names and addresses from data would have made them what most people would have regarded as being anonymous.

In this changing world that is no longer the case, and the government have, correctly, updated their position.

That does not mean they had set out to do something dishonest; although another characteristic of modern times is that people are trying to read a plot into everything.
Keema's Nan
2020-02-09 21:01:25 UTC
Reply
Permalink
Post by Roger
Post by Keema's Nan
Post by Roger
Post by Keema's Nan
Post by Roger
Post by Keema's Nan
Post by Maxwell Boltzmann
Post by Keema's Nan
Washington has already made clear it wants unrestricted access to
Britain’s
55 million health records – estimated to have a total value of
£10bn
a
year – as part of any post-Brexit trade agreement.
Balls.
The USA have us by the balls, yes.
Ask a commercial organisation what they would like and they will reach for
the stars.
The arguments in this are bit like lending somebody some money because a
leaked diary revealed that they dream of winning the pools.
There is a more serious issue here that has nothing in particular to do
with
the USA and everything to do with how we handle our data.
Seems to me they totally miss the point here (they are too fixed on turning
it into anti american anti trade deal anti anything rhetoric).
The problem is how anonymous is anonymous data. It's very easy to remove
personal data and just leave reference numbers that individual researchers
could never trace back to an individual without having access to data they
cannot access.
But in the age of Big Data it's increasingly difficult to track just who
has
exactly what data available for their research, how that can be correlated,
and then how correlated data can be used make new lines of research.
It's also funny how people readily accept the finding of astrophysicists,
geologists and archaeologists who are often making incredible revelations
based on tiny fragments of data or material, and yet they are not
prepared
to
accept that simple correlation of data such as where is a mobile phone,
anonymous store card data, and and accepting website cookies can build up
amazingly detailed profiles.
Being anonymous these days is as difficult as finding good journalists ;-)
Possibly, but when I sign up for a mobile phone I accept that my location
data and other info will be sold on by the company, similarly with credit
card and facebook information.
What I do not do, and have not done in the past, when visiting my GP and
giving them the details of highly personal ailments is sign up to the idea
that once the doctor has added my symptoms, diagnosis, and treatment onto my
record card; the data can be sold for large amounts of cash to all and sundry
for profiteering purposes, and I get nothing - not even a note to say that my
data is up for sale.
No one asked for my consent to do this, and I doubt I am in a minority
when
I
say that I would refuse the request point blank.
NHS data, in anonymous statistical form, has been available to medical
research for a long time. Possibly always.
Possibly, but when official departments resort to lying (a more frequent
occurrence these days), and when found out start to backtrack on their
statements, I take everything they say with a massive pinch of salt.
Hence - "Until early December, the CPRD said on its website the data it made
available
for research was “anonymous” but, following theObserver’s story, it
changed the wording to say that the data from GPs and hospitals had been
”anonymised” – meaning only that some measures had been taken to
de-identify it.”
And - "Asked if it was right to say that the patient data was anonymous, as
claimed,
Professor Eerke Boiten, director of the Cyber Technology Institute at De
Montfort University in Leicester, said: “The answer is no, it is not
anonymous."
“If it is rich medical data about individuals then the richer that data is,
the easier it is for people who are experts to reconstruct it and re-identify
individuals.”
Post by Roger
And I think most would consider that a good thing.
Nobody asked your consent because anonymous data is not your property; where
it otherwise a bus company could not even publish statistics on the usage of
bus routes without passenger permission.
Also, I think most people would agree that if that data is made available to
commercial companies, they should at least offset the costs of collating and
handling that data (note that the 10billion stated in the article is
hypothetical).
The real issue is that in modern data glut and connected society that data is
less anonymous, and nobody really knows how anonymous.
And when you click accept on your phone you helping make the medical data
less anonymous.
I think your claim they are 'lying' is a bit exaggerated.
And so the brainwashing of the sheep continues.

Good luck with your future.
Post by Roger
Until not along ago removing names and addresses from data would have made
them what most people would have regarded as being anonymous.
In this changing world that is no longer the case, and the government have,
correctly, updated their position.
That does not mean they had set out to do something dishonest; although
another characteristic of modern times is that people are trying to read a
plot into everything.
Roger
2020-02-09 22:17:04 UTC
Reply
Permalink
Post by Keema's Nan
And so the brainwashing of the sheep continues.
Who is being brainwashed? Seems to me there are a lot of people welcome to be brainwashed into the idea that everything the Government does is a plot against the people. I think Yes Minister is closer to reality than Citizen Smith :D
Post by Keema's Nan
Good luck with your future.
My health data is held by the ASL of Piedmonte. Although 'held' is an exaggeration, I hold copies of it all and take it along with me as they will never actually have it.
Loading...