Cookie policy notice

By continuing to use this site you agree to our cookies policy below:
Since 26 May 2011, the law now states that cookies on websites can ony be used with your specific consent. Cookies allow us to ensure that you enjoy the best browsing experience.

This site is intended for health professionals only

At the heart of general practice since 1960

Revealed: Independent experts overseeing care.data have approved 31 releases of identifiable patient data since April

Exclusive Requests for identifiable patient data have been approved more than 30 times since April by the group of independent experts which will oversee access to confidential records uploaded to the controversial care.data scheme.

A Pulse analysis of applications to the Confidentiality Advisory Group (CAG) reveals there have been 31 releases of confidential patient information since April 2013 - 12 of which were to bodies outside the NHS.

The frequent releases of data under the little-known Section 251 exemption are significant because a similar process will govern the release of identifiable patient data once GP records are extracted via the care.data programme.

NHS England announced last year that it plans to sell care.data access to private companies and researchers for a nominal £1 - and private companies will be able to make applications to access identifiable data via the Section 251 process.

Supporters of care.data have played down the prospect of identifiable patient data being shared as part of the scheme, and much of the debate to date has focused on the release of data which will be ‘pseudonymised’. NHS England is currently in the process of sending a leaflet to every household in the country which reassures patients that their ‘identity is protected’.

But Pulse’s analysis reveals that identifiable patient data is already being regularly approved for release by the NHS.

Under Section 251 of the NHS Act 2006, the health secretary is able to set aside patient confidentiality for ‘defined medical purposes’, but he has to take advice from the independent Confidential Advisory Group (CAG).

The CAG is based at the NHS Health Research Authority and assesses requests to see if there is a ‘sufficient justification’ to access confidential patient information.

A Pulse analysis of data published on the CAG website shows that in total 31 requests for identifiable patient data have been approved since April 2013.

In addition to this, at least 30 requests for identifiable data were ‘conditionally’ or ‘provisionally’ approved, as long as the applicant sought further approvals. Some 15 requests were rejected for lacking sufficient evidence.

The applications were mainly for commissioning or life science research, with information such as names, dates of birth, postcodes and NHS numbers requested alongside other medical data.

Approved applications include:

  • A request from the University of Hertfordshire to access patient notes at six GP practices and pharmacies in order to review prescribing errors
  • A request from the CQC for all the names and addresses of all adults who had one overnight hospital stay from June to August 2013
  • A request from the Royal College of Anaesthetists for NHS number, hospital number and dates of birth and death for 40,000 patients who had an emergency laparotomy
  • A request from Cardiff University for name, NHS number, date of birth, postcode and gender of all children presenting with a thermal injury

Dr Grant Ingrams, former chair of the GPC’s ICT subcommittee and a GP in Coventry, said it was important that patient consent was explicitly obtained before identifiable data was given to researchers, particularly as GPs were held responsible for any complaints.

He said: ‘I do not see why any researcher anywhere should have access to information without consent. I do not believe it’s the right model to upload peoples’ data without properly informing them that it’s being done this way.’

But Dr Tony Calland, chair of the BMA’s Medical Ethics Committee, said that identifiable patient data would only be given out if there was a ‘particular research project’.

He said: ‘[HSCIC] could only give out some or any of their identifiable data with Section 251 approval, which would only be given for a specific purpose.’

Dr Neil Bhatia, a GP in from Hampshire with an interest in IT and information governance, said: ‘What patients don’t realise is that once their information is out there it stays out there. If patients object to these organisations on ethical grounds that won’t make any difference, because the data could still be sent to them.’

A spokesperson for NHS England said: ‘Confidential information is sometimes released to approved researchers, if this is allowed by law and meets the strict rules that are in place to protect your privacy. 

She added: ‘Patients who have objected to their data being used for anything other than direct care would not have their data shared under Section 251.’

Related images

  • Online Help Computer Screen

Readers' comments (10)

  • Neil Bhatia

    That is why the 9Nu4 code is significant - it blocks the release of information from your combined care.data record under s251

    Unsuitable or offensive? Report this comment

  • Neil Bhatia

    The proposed EU regs would make Section 251 care.data releases illegal
    http://www.england.nhs.uk/iscg/wp-content/uploads/sites/4/2014/01/ISCG-Action-Update-Proposed-European-General-Data-Protection-Regulation.pdf
    Until then, patients should know that they can get 9Nu4 added to their records if not happy to allow such releases of their identifiable data by the HSCIC

    Unsuitable or offensive? Report this comment

  • Your headline does not give the true horror. 31 "releases " approved, one of which was for 40,000 patients!!!!!!!!

    Unsuitable or offensive? Report this comment

  • "Horror", Robert Morley?? A request from a Royal College to undertake a study regarding patient outcomes after an emergency procedure? Perhaps you might want to consider a career as the headline writer for the Daily Mail.

    Unsuitable or offensive? Report this comment

  • A request from a Royal College to undertake a study regarding patient outcomes after an emergency procedure?
    ----

    Could you explain why they would need the names and addresses of these patients?

    Unsuitable or offensive? Report this comment

  • Richard Jenkins

    Finally the media are picking up the story, see today's Guardian;

    'NHS patient data to be made available for sale to drug and insurance firms'

    Unsuitable or offensive? Report this comment

  • We want our share of the profit made out of data sharing.......researchers are paid, managers are paid, the healthworkers are paid .the public want a share of what has already beendisclosed seemingly unlawfully

    Unsuitable or offensive? Report this comment

  • Just to clarify, we do not oversee care.data. It is an NHS England programme, and HSCIC has been commissioned to extract data. Our Confidentiality Advisory Group will, however, provide expert advice on applications to access patient information without consent.

    Unsuitable or offensive? Report this comment

  • Tony Calland practices in Wales. Wales has it's own health administration. There has been no publicity about this scheme as being applied in Wales. Cardiff University has requested intimate identifiable personal data about idividuals and families see above article. Were they informed at any stage? Did they get it?Who authorised it? Are we waiting for yet another scandal to break .
    Inside Health this morning debated this issue with Dr Mark Davies from Health and Social Care England who assured listeners no person identifiable data would be revealed...supported by Dr Liam Smeed from N London who stated all identifiable data is stripped out and re=coded. Wonder who in N London has received a leaflet yet. Then yet another shocking strand was revealed..Atos which has brought so much misery to thousands already and brought many medics working for it into disrepute.is also involved in the initial stage, thereafter passing the information gathered to Health and Social Care. All through this debate the moral virtues of sharing data were emphasised in a very patronising manner by both advocates .But it stinks .

    Unsuitable or offensive? Report this comment

  • In the interests of transparency it would have been logical for the programme to declare that Dr Smeeth is part of a campaigning group and is involved with research.it came across as simply his opinion.

    Unsuitable or offensive? Report this comment

Have your say