Open Letter

  • How is the datastore financed?
  • Has the NHS considered the trade-offs? What trade-offs specifically?
  • What do these considerations look like?
  • What agreements are in place with each private partner?
  • What is the value of the contract with each private partner?
  • Will the private companies be able to use the product trained under the agreement with NHS to improve the future products provided by private companies? If yes, what applications will product(s) trained by NHS data have and for what purposes will it be used.
  • Will any additional agreements, or amendments and changes to existing agreements be shared with the public?
  • Will the NHS be able to easily switch development partners if needed?
  • Will the datastore make use of software controlled by one of its private partners? What software?
  • What intellectual property may be created throughout the development of the datastore? Who will hold these rights?
  • What specific data will each party have access to?
  • What are the terms governing these parties’ usage of the data?
  • To what extent will data access by these parties be audited?
  • Has a Data Protection Impact Assessment been made for each of these partnerships? When will such an assessment be made public? If they are not made public what is the reason for not disclosing them?
  • What data sources will be pooled together in the datastore and who will have access?
  • Who does this put at risk and in what way?
  • What measures are in place to protect the most vulnerable?
  • Have these measures been reviewed?
  • Who is actually doing the risk assessment? And when?
  • For what duration is the data collected and what happens when that period ends?
  • If the exit strategy depends on the pandemic ending, then what criteria are used to determine when the pandemic is indeed over? (i.e. when is the promised destruction of the datastore triggered?)
  • What public facing documentation do you intend to provide describing this datastore and the various data sources?
  • Will further use of the datastore by the Department of Health Care Services, or its partners, outside the scope as currently defined, be communicated with the public?
  • What party do you intend to use for privacy compliance and security auditing of the system




Mozilla Fellow working with AlgorithmWatch, researching data trusts / data governance models.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

A guide tour to the Boston Airbnb’s market

Practical Statistics for Data Scientists Chapter Four Regression and Prediction

Applications of Big Data in our daily life

The pandas library with SQlite3 for data analysis /machine learning

Salesforce Marketing Cloud — Data Extraction

MXchips-Az3166-IIoT Time Series Analysis using Azure Data Explorer and IoT Central

From Data Management Systems to Data Science Environments: State of the Art

Building a knowledge graph

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Anouk Ruhaak

Anouk Ruhaak

Mozilla Fellow working with AlgorithmWatch, researching data trusts / data governance models.

More from Medium

‘Dead men are ruling the world’

Einstein's 143 y.o. birthday

New-Irony and Nick Land

The Kaizo Awakening