Half a million 'de-identified' patients records to be shared in Bradford The UK city of Bradford is to share the "de-identified" medical data of half a million patients from 88 GP surgeries across the region. We're told this will help improve treatments for frailty and childhood obesity. Under the Connected Health City project, the data will be shared across two trusts, three clinical commissioning …
Why do any charities need to have access to data, regardless of whether it has been 'de-identified' or not?
Sue Ryder do carry out research, although their website doesn't really go into a huge amount of detail about it.
If I put my scientific data geek hat on I can see how this data could be useful in palliative care. You could investigate something like how long HIV or cancer patients live depending on which drug protocols are used or seeing if you can predict which patients suffer the most pain according to their medical history which could then alert doctors to act.
Yep, nailed it. We have very strict Information Governance criteria for what we deem to be "non patient identifiable data" and stripping name and MRN number is not even close to sufficient. If they keep even part of the postcode for regional reporting, for instance, that's a huge nono.
Also, bonus points to the article because I didn't know SystmOne was so completely fucked.
I could probably be identified using "anonymized data" giving a 10+ year age window, my sex, my medical conditions. and the county let alone post code, from speaking to Dr's these details alone are enough to get a 100% match as me. I have a rather unique set of medical conditions.
funnily i give the do not share codes to my GP and wrote a letter to the data protection officer of the hospital Trust saying under the data protection act i didn't authorise the sharing of my data even when anonymized with the HSCIC or any other 3rd party organisations outside the NHS. I have since seen the letter in the front of my medical file.
i do allow it to be used for teaching purposes WITHIN the trust.
I temped in a paper medical records library for a bit. They kept the "interesting" files locked in the supervisor's office. "Interesting" meant people like players in the local (major) football team or a notorious criminal residing at Her Majesty's pleasure. Had the latter record ever been leaked then the tabloid press would have been all over the story...
HSCIC (NHS Digital) was granted a "get out of jail free card" so it can and has Legal authority given by parliament to be exempt from some of the regulation of the data protection act.
which is partly why it is not the NHS (directly) so as its separate it is not overseen by the Health Minister Directly so they cannot be culpable for data loss.
I'm not sure how new this kind of data sharing is. A lot of this information is in CPRD, which has millions of anonymised* British patients' medical records in.
*you can only see that a patient is at a surgery in say the South West of England, so arguably is more anonymised than just having surgeries in the Bradford area as in the article.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
