Open in app

Sign in

Write

Sign in

Beware! A new data bandwagon is rolling

Alan Mitchell
Mydex
Published in
7 min readFeb 13, 2024

A campaign to privatise NHS health data — your data — is now under way and building momentum.

It started in earnest in November 2023, when the Government handed a £330m contract to the US spyware firm Palantir to build a ‘federated data platform’ that will enable NHS trusts and regional health systems to share confidential patient information. Then, last week, The Times ran a front page story calling for the creation of ‘digital health passports’ which would take this process much further.

The week before that, former prime minister Tony Blair and former Leader of the Conservative Party William Hague joined forces in a report calling for the creation of an NHS Data Trust. This Trust would gather individuals health data from many different sources (e.g. NHS Trusts, GPs, care services, pharmacists), assemble it in one place and sell it to Big Tech firms in the private sector.

How to build a bandwagon

Bandwagons wreak untold damage by following these basic four steps:

1) Admit there’s a problem with something you’ve been stubbornly ignoring for years. The NHS tells us that its new Federated Data Platform is needed because, historically, data was “held in different systems that didn’t speak to each other, creating burdens for staff and delays to patient care” and making it “difficult to work at scale and share information”. People (including us at Mydex) have been complaining about this for decades.

2) Wax lyrical about all the benefits that would flow if this problem was addressed. The NHS promises that improved data sharing will “bring big benefits for patients by ensuring more joined up care, greater choice and improved health outcomes”.

The Times Health Commission, whose work is the subject of its front page article, tells us that by enabling patients to “have their health information digitally stored in one place any doctor treating them can access their records no matter where they are”. Patients would gain access to their own medical records, and be able to use the system as a gateway to book appointments, order prescriptions, view test results and contact doctors.

What’s not to like? We at Mydex CIC have been banging on about exactly these things for many years now.

Bait and switch

Then comes the crucial third step. 3) Propose a solution which seems to solve the problem but which doesn’t — which delivers an entirely different outcome instead. This is the crucial bait and switch; the secret sauce of every successful bandwagon.

The fourth step then follows so smoothly it’s almost automatic. 4) Use the excitement and enthusiasm generated for the benefits you are promising to implement the bait-and-switch solution — to deliver an entirely different outcome.

The likely end result in this case is:

  1. Huge amounts of available time, effort, energy and resources squandered on white elephant IT projects that never delivers their promise.
  2. A raft of other ‘unintended’ consequences, such as handing over one of the country’s — and your — most valuable assets to big US tech monopolies.

The trick with all such bandwagons is to exploit peoples’ best intentions — to harness their enthusiasm, commitment and energy — and to use this enthusiasm and energy for your own purposes, leaving them to suffer the consequences and clear up the mess.

In this case, it is absolutely right and necessary that available data is shared to generate more efficient joined up, seamless services that deliver better outcomes. But the solutions being proposed will do the exact opposite. Instead, they will neatly assemble our personal data into juicy packages and deliver them on a plate, ready and waiting for Big Tech vultures to pounce.

Real and pretend solutions

There are basically two different ways to share data: the centralised organisation-centric way, and the distributed, decentralised person-centric way.

This bandwagon is all about promising the benefits of the person-centric approach while delivering its opposite: recreating, deepening and extending the centralised approach that caused all of our current problems in the first place — only this time, at a higher, bigger level.

The organisation-centric centralised solution to the problem of data sharing has the following characteristics.

  • It requires the Government to create vast new IT projects, which hand over hundreds of millions of pounds over to big US tech firms (such as Palantir). Such projects somehow never actually deliver what they were supposed to deliver, but always take far longer to complete and cost far more than their original projections.
  • It compounds rather than simplifies or eliminates the critical data logistics issues of how to move data from one provider to another (or provide access to this data) while a) ensuring its reliability and b) protecting the privacy of the individuals the data relates to.
  • It compounds rather than reduces the complexities and risks of managing consents, permissions and GDPR compliance, especially across borders. Proponents of these solutions always make a big point about patients being ‘in control’. But in reality, what they mean by this is that people will be bombarded with requests for permissions to access their data using processes that are both annoying and wide open to gaming — like the cookie pop-ups that plague our use of websites today. Meanwhile, they are disturbingly vague about who, exactly, would be able to access this data. (What do they mean, for example, by the word ‘researchers’?)
  • It limits the data that can be collected. As The Times Health Commission points out, one key problem with the current NHS Federated Data Platform is that it does not include GP or social care data, so even when it is implemented services will still not be properly integrated. The Health Commission therefore wants to go further, integrating data from GPs, NHS hospitals, pharmacies and social care.

But even then, if your real goal is to address a person’s health, you would still be falling short. According to WHO, 60% of health outcomes are determined largely or mainly by lifestyle issues — data which health services do not collect. Which means that even if the Health Commission solution was implemented, many of its promises could never be realised.

But never mind. The bandwagoneers have an even better answer. In their proposals for the creation of an NHS Data Trust, Tony Blair and William Hague recognise this, talking of the need to integrate data about individuals’ “lifestyle, genetics, personality and physiology”, all of which could go into the individual’s ‘personal health account’ … and put up for sale to private sector ‘researchers’ for the purposes of ‘commercialisation’!

What started out as a promise of citizen empowerment and seamless service provision somehow ends up as a Big Brother agenda for Big Tech.

  • It limits the uses to which this data can be put. The biggest opportunity for improvement in health services today is not access to medical records per se but the organisation, coordination, planning, handovers and administration of all the activities that surround them. It’s about the ability to access and share exactly the right data at the right times. That requires a modular approach to data management, capable of instant and endless configuration and reconfiguration, that these centralised systems can never deliver.

Making real progress possible

Empowering citizens with their own data is the alternative approach to the problems the bandwagoneers are now claiming to address. Under this decentralised approach (which Mydex has been building for decades, and which is now live and operational) individuals are equipped with tools to collect all the data they need to manage their lives in their own database. This database remains directly under their control, in systems that work independently of the systems used by organisations that hold data about them.

These organisations deposit copies of key data in the individual’s personal data store. Individuals can choose to selectively share relevant portions of this data to service providers they trust and want to deal with.

This approach avoids all the problems associated with the new centralised systems now being campaigned for by the bandwagoneers.

  • Far from requiring vast, expensive, time consuming new and risky IT contracts, the infrastructure already exists and can be implemented incrementally on a very low cost, case-by-case, test-and-learn basis.
  • It simplifies data logistics issues because it is designed at heart to enable automated data sharing (via APIs that create safe links between key data points) directly under the individual’s control (like a direct debit).
  • It simplifies issues relating to consents and permissions via standardised data sharing agreements that make it clear what data is being shared, with who, for what purposes. It builds implementation of human rights into the day-to-day operations of service provision.
  • It expands the range of data that can be collected, to include lifestyle data and data from other sources such as data from individuals’ own wearable devices. The only people able to see all of this data are the individuals themselves — because all the data is encrypted and only they have the encryption key that provides access to it. But they can share relevant bits of it whenever they need to.
  • It can simply be plugged into existing systems and services directly impacting operational delivery of health and care services, helping to heal the multiple flaws of the current organisation-centric approach.

Conclusion

It’s good that at last the great and good are beginning to acknowledge that instead of simply hoarding data, to streamline processes, create seamless services and deliver better outcomes, this data needs to be shared. The central question in health today is not whether we should do this, but how.

Elsewhere in Government, some genuine progress is being made. For example, the new UK Identity and Attributes Trust Framework envisages equipping people with their very own Personal Holder Service (personal data store) by which they can collect, receive, store and share data about their lives, where and when they want. These Holder Services give citizens agency and control while enabling safe, efficient, fit-for-purpose data sharing.

What’s needed is new citizen-empowering data infrastructure such as this — infrastructure that tackles data sharing challenges at their root. But this is not what the bandwagoneers are proposing. Instead, they are simply offering more of the same, only at a different, higher level. Our health services and citizens need and deserve much better than that.

--

--

Alan Mitchell
Mydex

Written by Alan Mitchell

119 Followers
Editor for

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams