NHS Digital faces flak for sharing patient data with the Home Office
April 2, 2018
The UK government has justified the use of patient records stored by NHS Digital to weed out illegal immigrants, but doctors believe that by accessing patient information, the government is breaking the trust factor in doctor-patient relationships.
Controversial data-sharing deal
Back in 2016, the government quietly signed a data-sharing agreement that allowed it to access patient records stored by NHS Digital. Such records included only non-medical information and the government said it wanted to use the information to weed out illegal immigrants and those who had violated existing immigration rules.
YOU MAY ALSO LIKE:
The agreement came into force in 2017 and in the same month, NHS handed over non-medical information of more than 8,000 suspected immigrants to the Home Office. Details handed over by NHS included dates of birth, last-known addresses, and names of GPs examining such patients.
The data-sharing agreement has, since it came into force, attracted severe criticism from doctors as well as privacy advocates. Following major concerns raised by citizens across the UK alleging violation of privacy, the government released a statement in an attempt to quell such concerns.
"We share limited information between health agencies and the Home Office to trace immigration offenders and vulnerable people, and prevent those without the right to access benefits and services doing so at the expense of the UK taxpayer.
"Access to this information is strictly controlled, with strong legal safeguards. No clinical information is shared, and before anything at all is shared there has to be a legal basis to do so. Immigration officials only contact the NHS when other reasonable attempts to locate people have been unsuccessful," said a government spokesman.
Violation of privacy laws
In January this year, following a lengthy presentation made by doctors and patient groups, the Commons Health Committee, chaired by MP Sarah Wollaston, directed NHS Digital to "immediately withdraw from the memorandum of understanding, and cease sharing data with the Home Office for immigration tracing purposes, whilst it conducts a full review of its decision on the public interest test for such requests."
The Committee added that NHS Digital did not fully consider or take account of the public interest in maintaining a confidential medical service, or the ethical implications of their decision. It also found NHS Digital's sharing of data with the Home Office in violation of section 253(1)(ca) of the Health and Social Care Act 2012 which required the organisation to respect and promote the privacy of recipients of health services.
"We understand the government has a job to do, but going into health records to get patient information is not OK. The idea that any patient information is being shared with a government body immediately breaks their trust in a doctor-patient relationship," said Lucy Jones, director of programs at Doctors of the World UK.
A number of other doctor and patient groups have also warned that the sharing of their personal information by their doctors with immigration departments would dissuade many immigrants from accessing medical care or sharing their personal details with their doctors, which would, in turn, affect the quality of treatment.
Sarah Wilkinson, the head of NHS Digital, said that her department would consider the recommendations of the Commons Health Committee, but wanted citizens to know that NHS treated confidentiality as a high priority.
"I think we take into account and hold incredibly high regard for the public's belief that the NHS holds their data confidentiality. I totally believe that. I believe we've built an organisation in NHS Digital that places that principle at the absolute highest," said Noel Gordon, chairman of NHS Digital.
Jay Jay is a freelance technology writer for teiss. He has previously written news articles, device reviews and features for Mobile Choice UK website and magazine, as well as writing extensively for SC Magazine UK, Tech Radar, Indian Express, and Android Headlines.
The European Union’s General Data Protection Regulation (GDPR) will come into force exactly a year from now and is expected to extensively reform existing cyber-security and data protection practices. Here …