On Wednesday 6 July 2016, the National Data Guardian for Health and Care’s Review of Data Security, Consent and Opt-Outs (also known as the Caldicott Review or Caldicott 3) was published. There has been much public debate about the sharing of medical data for research in recent years and concerns over data security, privacy and access.
Patients with rare and genetic conditions tend to be relatively aware of the potential benefits of data sharing for research purposes and be more comfortable with their personal information being used for this purpose. Given the small number of individuals affected by rare conditions, patients recognise that collecting as much data as possible, often across international boundaries, is vital if enough information about their condition is to be made available to researchers in order for them to carry out meaningful studies. For these patients, not sharing data would be detrimental to research efforts and as a result, to the scientific advancements these patients and families look to for improvements to the quality and length of their own lives or the lives of their loved ones.
Patients tend to be less informed about how information about them can be used to evaluate and improve health and social care services, though this also has potentially huge benefits.
Following public backlash against the controversial care.data programme, in September 2015 the Secretary of State for Health commissioned an independent review of data security, consent and opt outs in the health and care sector. The Care Quality Commission (CQC) was asked to undertake a review of data security in the NHS. At the same time Dame Fiona Caldicott, the National Data Guardian, was asked to develop new data security standards that can be applied to all health and care organisations as well as a method of testing compliance with the new standards. She was also asked to propose a new consent model for data sharing in the NHS and social care.
The Review was expected to report back in January 2016, but has been delayed repeatedly. The report makes twenty recommendations, divided up between data security and consent issues. The CQC’s report into how data is already being managed in the NHS, published at the same time, makes a further six recommendations.
The National Data Guardian (NDG) recommends strengthening accountability for data security within organisations similarly to what is seen for financial accountability and clinical standards. This is to include clear ownership by the leadership of the organisation, internal data security validation and external audit. She also recommends that the CQC inspection framework should include consideration of data security standards, and that NHS England should amend its standard contract so that all external contractors providing services in the health and care system are also required to meet these data security standards. She proposes obligations for leaders of health and care organisations to commit to in order to ensure that the people, processes and technology in their organisations are prepared to meet the data security standards she proposes.
There are a number of recommendations relating to adapting the existing IG Toolkit (IG refers to information governance), an online system produced by the Health & Social Care Information Centre (HSCIC, soon to be renamed NHS Digital) which allows organisations to assess their information governance processes against national standards. The changes proposed are intended to embed the new standards; to identify exemplar organisations and those that might benefit from additional support to enable peer support; and to allow the easy cascading down of lessons learned between and within organisations. She also proposes that the HSCIC use the IG Toolkit to identify ‘at risk’ organisations and notify the CQC that an inspection may be appropriate.
She recommends harsher sanctions in cases of malicious or intentional data security breaches, including cases where anonymised data is used for the deliberate or negligent re-identification of individuals.
The NDG acknowledges that the case for data sharing still needs to be made to the majority of the public, and suggests that all health, social care, research and public organisations need to share responsibility for communicating to the public why data sharing is so important. She emphasises the central importance of healthcare professionals in communicating how information is used. She also suggests that the National Information Board look into how to build greater public trust in data sharing for health and social care.
Dame Fiona was asked to propose a single question consent model which makes it absolutely clear to patients and users of care when health and care information about them will be used, and in what circumstances they can opt out. Instead, she proposes an eight point model to explain to patients and users of social care services what an opt-out would do. However she doesn’t express views on whether there should be a single opt-out covering personal confidential information being used both in running the health and social care system and to support research and improve treatment and care, or whether this should be presented as two separate opt-outs. This is being put to public consultation, along with the question of whether this should be presented as a choice between different data sharing options or as tick boxes to indication that the individual is opting out of data sharing.
Contrary to what had previously been expected, Dame Fiona is proposing that the opt-out only apply to personal confidential information: that is, information that relates to a living individual who can be identified from that information. The opt-out will not apply to anonymised or de-identified data. Instead the Review proposes that personal confidential data should be passed to the HSCIC, as the statutory safe haven of the health and social care system, to de-identify or anonymise and share it with those that need to use it, and that this not be subject to the opt-out. There are also a number of contexts in which the opt-out does not apply to the use of personal confidential data, such as where there is an overriding public interest or where required by law.
In light of Caldicott’s recommendations George Freeman MP, the Parliamentary Under Secretary of State for Life Sciences, has announced that NHS England has taken the decision to close the care.data programme.
The NDG recommends that the Department of Health conducts a full and comprehensive public consultation on the proposed data security standards and proposed new consent/opt-out model. This was launched shortly after the publication of the Review, and will be open until 7 September 2016. Alongside this there will be further testing of the opt-out questions with various stakeholder groups. The Wellcome Trust has also announced that they will be setting up an independent taskforce in response to Dame Fiona’s recommendations, which we look forward to being involved with.
The model that is proposed appears positive for patients with genetic, rare and undiagnosed conditions by permitting wide usage of anonymised data for research without requiring the consent of the individual or allowing patients to opt out of sharing this, which would benefit research by enabling the creation of comprehensive de-identified but linked data sets. However, we are concerned that the lack of transparency about the anonymisation process and the lack of clarity about the rules on the use of anonymised data may lead to further public backlash. Additionally little consideration appears to have been given to the high risk of patients having their identity compromised, even without deliberate or negligent re-identification, solely as a consequence of the rarity of their condition.
Genetic Alliance UK will continue to engage with this process in hopes that the final model will meet the needs of our community.