This site is intended for health professionals only


BMA to urge GPs to promote data opt-outs if patient data used ‘improperly’

BMA to urge GPs to promote data opt-outs if patient data used ‘improperly’
Getty Images

The BMA has written to all ICBs to request clarification which GP patient data they are extracting for use in the Federated Data Platform (FDP) and underpinned by which data sharing agreements.

The letter, sent 1 July, reiterated the BMA’s policy to ‘challenge the growing role’ of US data giant Palantir in NHS data services.

And it said that if the union sees evidence of data being ‘improperly used or disclosed in ways patients would not reasonably expect’ it would begin to ‘support’ GP members to remind patients of their data opt-out rights.

Meanwhile, NHS England chief executive Sir Jim Mackey admitted to the Health and Social Care Committee yesterday that an objective review of Palantir’s role in the FDP would be ‘helpful and necessary’.

The letter to ICBs, signed by then-BMA GP Committee chair Dr Katie Bramall and Joint GP IT Committee chair Dr Mark Coley, said: ‘The BMA and GPC England is clear – if we see evidence that patient data that GPs have been charged to protect, is being improperly used or disclosed in ways that patients would not reasonable expect – we will begin supporting our members to engage with their local populations to mitigate any detrimental consequences to patient confidentiality by reminding patients of their rights of opt-out.’

They added that it is ‘essential that all uses of patient data have a clear lawful justification to avoid damaging the fragile public trust in the confidentiality of healthcare services’.

‘The BMA and GPC England will work to ensure our patients’ data is handled in ways which maintain and promote that trust.’

The letter asked ICBs for confirmation of the ‘specific range of GP data that is currently being ingested into your ICB instance of the FDP’, what the data is being used for in the FDP, and whether any ‘patient level identifiable data is accessible to Palantir engineers’.

The National Data Opt-Out gives patients the option to choose if data from their health records is shared for healthcare research and planning. 

The FDP links data from across NHS organisations to support both planning and direct care, and began rolling out in NHS trusts in 2024. Palantir – a data analytics company known for its work with US intelligence and security agencies – was awarded a £330m, seven-year contract in 2023 to deliver the FDP.      

Last month, the National Data Guardian, which advises the Government on the use of health data, said it was concerned more Palantir staff had access to the FDP than it previously assumed

Yesterday, the NHS chief executive was pressed by MPs on the health committee on whether the Palantir contract should be ‘externally’ and ‘independently’ reviewed, amid recent analyses finding its effectiveness had been ‘overstated’.

Sir Jim responded: ‘So I had a discussion with the team a couple of weeks ago about the need… to have an objective review. My personal view is that would be helpful and necessary.’

However, he added: ‘I don’t think that can be done to inform the next step on the procurement process in this contractual process, because it will take months to do it properly.’

Following yesterday’s session, the Health and Social Care Committee followed the Science, Innovation and Technology Committee in recommending that the Government end Palantir’s current NHS contract, while ensuring the anticipated single patient record has ‘UK-owned’ suppliers instead.  

Pulse has contacted NHS England and Palantir for comment. 

As part of an ongoing escalation of collective action against this year’s imposed GP contract, the BMA advised GPs in May to notify their ICB that they are stopping voluntarily sharing data using an ‘editable’ template letter. 

In full: BMA’s data clarification request to ICBs

GPC England is writing to all ICBs in England to seek urgent clarity on the following: 

  1. The specific range of GP data that is currently being ingested into your ICB instance of the FDP 
  2. What Data Sharing Agreements (DSA) underpin this sharing 
  3. Whether these DSAs stipulate that data shared by GPs will be ingested into the Palantir-powered FDP 
  4. What the data is used for within the FDP, specifically with regard to the Commissioning Support Tools (CST) we know some ICBs have adopted 
  5. Whether patient data held within the FDP and sourced from GP data systems is patient level identifiable data 
  6. Whether any patient level identifiable data is accessible to Palantir engineers who have been granted access to FDP data stored in your ICB instance of the FDP and the mechanisms in place within your ICB for accrediting access. 

 

Source: BMA


			

READERS' COMMENTS [1]

Please note, only GPs are permitted to add comments to articles

So the bird flew away 9 July, 2026 5:23 pm

Research shows you only need between 2 and 4 data points to identify between 50% – 95% of people. Palantir knows this, but not many patients do. The BMA is right that GPs are charged to protect their patients.
The all-seeing Palantir….bet they didn’t see getting chucked out of the NHS.