Some six months after care.data1, the contentious plan to upload personal medical data held by GPs to big-daddy mainframes, was stalled to allow a FF style listening exercise, care.data2 has been announced. The Information Emperor, Tim Kelsey, insists NHS England has listened, and heard – ‘heard, loud and clear’ – but it seems to Dr No that instead of hearing the waves of discontent crashing on the beach, all NHS England has heard is the wind rushing through the night. Getting on for two million patients registered at ‘pathfinder’ practices will have their GP records, including date of birth, NHS number and postcode, uploaded to big-daddy, with the default being opt-in unless the patient explicitly opts out. Since care.data1 had GP records, including date of birth, NHS number and postcode, uploaded to big-daddy, with the default being opt-in unless the patient explicitly opted out, nothing key appears to have changed. The only high profile change, which does nothing to change care.data itself, is that, instead of a bungled central promotion, care.data will be now be promoted by GPs, many of whom, we may note in passing, are not happy to be cast as the Emperor’s new goons.
As a jobbing epidemiologist, Dr No can see the scientific appeal of care.data. For researchers, it makes longitudinal studies, studies that follow individual patients over time, much easier, with the added bonus that all manner of extra medical and lifestyle data about the patient come bundled with the package. Like a child before a Christmas tree, the epidemiologist in Dr No sees a dazzling array of glittering lights, sparkling gems and enticing parcels, a gorgeous tree of knowledge reaching up to the ceiling.
With a truth fairy on top. The other less childish Dr No sees another tree of knowledge reaching not just to the ceiling, but beyond, into the darkness of the attic, where unseen gloved hands extend from the shadows to pluck at the forbidden fruit. Were we ever to see those hands, we would see that they are dressed in the liveries of ‘indirect care’ – a bizarre Caldicott oxymoron that includes, amongst other ‘activities’, ‘financial audit’ and ‘risk prediction and stratification’.
Personal care.data, recall, includes your date of birth, NHS number and postcode, meaning that those who gain access to personal care.data not only know where you live, but who you are. Across England, back-room Billys in NHS boiler rooms will eagerly steam open the envelope of your medical records, and will know, after they have done their ‘financial audits’ and ‘risk prediction and stratification’, what illnesses you have, how much you have cost the NHS, and are likely to the cost the NHS. They will also almost always know too whether you smoke, what you drink and if you are overweight. Unless, that is, you ate all the pies, and then told your GP porkies.
Naturally, access to personal care.data is wrapped up in a strict approvals process, and can only happen in a so-called ASH – a rather unfortunate acronym, given that ash normally only occurs after something has gone up in smoke – or ‘accredited safe haven’. Back in March, the HSJ reported that some 57 organisations had registered their intention to become ASHs, with around 45 approved, 21 of them CCGs. We can be pretty sure that since March, a lot more smoke has gone up, and a lot more ASHs have been scattered round the country.
This about to happen explosion of personal medical data is unprecedented. In a perfect world where security never failed and the intentions of all were good, we might welcome care.data and what it offers. But the world is not perfect, and, according to Genesis, never was after the forbidden fruit on another tree of knowledge were plundered. The Ancient Greek version of the tree of knowledge is Pandora’s Box. In both myths, one bad call caused a lot of subsequent trouble. Somebody, somewhere, is trying to tell us something.
Had the Emperor’s new data been genuinely different, in particular by changing the default to opted out, Dr No might have considered buying in at least to the idea, on the basis that an explicit opt-in implies consent, insofar as we don’t, or at least shouldn’t, sign anything we don’t understand. But the retention of the default opt-in reeks to Dr No of a persistent cavalier attitude to our personal medical data that does not bode well for the future. Sadly, care.data2 is the Emperor’s new data. Dr No is going to opt out.