GP patient data to be made available for research on an opt-in basis

The Government has instructed NHS England to begin extracting identifiable patient data for research from GP records, on an opt-in basis.

A legal direction issued today, and coming into force tomorrow, said NHS England should establish a service to enable GP data to be ‘collected and disseminated’ for specific research studies that have been approved to access the information.

‘Explicit consent’ needs to be provided ‘by or on behalf of the participant to their data being shared with that study for health research’, the direction said.

A separate document explained that NHS England will collect data from GPs ‘via their GP system suppliers’ set out in the existing GP Data for Pandemic Planning and Research (GDPPR) data specification.

‘In order to minimise costs and reduce burden on GP Practices and their GP system suppliers, no new physical data collection by NHS England is therefore required,’ it said.

The Government argued that the ‘coded patient data held in the GP records is a rich source of information about health’ because ‘for some conditions it may be the only place where a diagnosis or risk factor is recorded’.

‘In other cases, it can complement other sources of healthcare data to give a more complete picture and avoid biases. However, many patients’ permissions for their GP record to be shared are unmet at the date of these Directions,’ it said.

‘Current studies must establish individual agreements with GP practices to access data held about their participants. This is burdensome for both research studies and GPs, who are not resourced to conduct the detailed review needed to ensure that requests from individual studies are appropriate.

‘To address these issues, the Secretary of State has therefore directed NHS England under the Directions to establish and operate an information system for the collection of certain information held in GP health records.’

Under the directions, NHS England will ‘operate a service’ to share this data with ‘Approved Research Studies’, for ‘certain patients’ where:

• explicit consent has been provided by or on behalf of the participant to their data being shared with that Approved Research Study for health research; or

• it is lawful (as described below) under the 2005 Act for the Approved Research Study to carry out the research on, or in relation to a participant who lacks capacity.

NHSE will need to issue a data provision notice to GP practices to set up the service.

For studies to become approved, by the DHSC and NHSE, they have to meet certain access criteria, the document said.

Responding to the issuing of the Direction, BMA GPs committee deputy chair Dr David Wrigley told Pulse: ‘The BMA has been in close conversations with NHS England and the Government for many years regarding third party use of confidential patient data, today’s announcement is only for those patients who have explicitly consented to share their data.

‘The Government will be taking full responsibility for what it assures us will be the safe and proper onward sharing of such patient data which originates from the GP record. We have been told that only data from patients who have given their informed consent will be shared. We are pleased that our request that those patients affected will be notified that their confidential data will be shared, and we have been advised that the NHS app will be updated to indicate when the dataflows are due to occur. This new form of data sharing is anticipated to come about in approximately six weeks, so the update to the NHS app must occur quickly, and as a matter of priority.

‘We also call for GP clinical systems to be rapidly programmed so that it is clearly indicated if such dataflows are in operation, and if a patient withdraws their consent or changes their mind, what steps need to take place – given the consent process for Biobank took place twenty years ago. Improved transparency is necessary for patient trust which is in everyone’s interests. As a profession, GPs take their patients’ data and its security extremely seriously. We will be scrutinising each step and ensuring Government commits to both transparency and the highest security arrangements possible for data protection and its appropriate use only, nil further.

‘The data was originally intended for pandemic-only promises, but this use is now being expanded by Government. GPs must comply with the mandatory direction to share the data and cannot refuse, unless their patients decide to change their minds and withhold consent. GPs as trusted family doctors will always be wholly honest with their patients about the use of their confidential data, and we look forward to reading the direction with care.’

The RCGP, which was consulted on the new service, said it understood GPs would not hold responsibility for the extracted data.

RCGP chair Professor Victoria Tzortziou Brown said: ‘The RCGP has long supported the sharing of data for appropriate research purposes, subject to the necessary safeguards to ensure data security and patient trust. In recent years, the College has sought to promote the sharing of GP patient records in cases such as these where patients have given their specific consent.

‘We understand that in issuing this Direction, the Secretary of State is relieving GPs of liability for this collection, and we are encouraged to see that DHSC and NHSE are taking careful steps to communicate this to practices and give them information about how the data will be collected and used.’

Pulse previously exclusively revealed the Government’s intention to change the rules to allow GP patient data access beyond their previous ‘pandemic-only’ scope.

More to follow