This site is intended for health professionals only

Pulse Today At the heart of general practice since 1960
Could GPs actually go private? Why are GPs rethinking LESs?

Could GPs actually go private? Why are GPs rethinking LESs?

Listen to our new podcast episode here

Login Register
Home News Technology No new GP data to be shared by Biobank until security improved

No new GP data to be shared by Biobank until security improved

No new GP data to be shared by Biobank until security improved
Getty Images
By Harry Hetherington
08 June 2026

A health data project will stop sharing any new GP patient data with researchers until it has boosted its security, it has said. 

The UK Biobank project uses the health data of around 500,000 volunteers and is set to benefit from the Government’s move to extract GP data for research purposes, but it has been the subject of a series of data breaches. 

In April, it emerged that the participants’ ‘de-identified’ health records had been offered for sale online in China

report by UK Biobank’s Oversight Committee in response to this incident said: ‘No new linked health outcome data (including GP data) will be made available to researchers until we have implemented the security measures recommended by the Board-led review, as agreed with the data providers.  

‘The security measures include developing a robust output checking system, which will prevent de-identified participant data from being taken off the platform, while still enabling the research of the tens of thousands of scientists who use UK Biobank. ‘ 

UK Biobank said it had identified the research projects associated with the breach and had banned ‘the individuals and the academic institutions responsible’. 

The report added it was intending to publish a ‘timeline for resuming access to the platforms’ for researchers later this month. 

The ‘de-identified’ information that was listed for sale may have included gender, age, month and year of birth, socioeconomic status, lifestyle habits, and measures from biological samples.  

It did not include identifiable data such as names, addresses, contact details, NHS numbers or telephone numbers. 

However, the report admitted it would need to review the likelihood of the ‘re-identification’ of the data by ‘current and prospective technology’ including ‘next generation AI models’. 

In February, NHS England began to extract identifiable patient data for research from GP records, on an opt-in basis.  

The legal direction allows NHS England to establish a service to enable GP data to be ‘collected and disseminated’ for specific research studies that have been approved to access the information. 

‘Explicit consent’ needs to be provided ‘by or on behalf of the participant to their data being shared with that study for health research’, the direction said. 

UK Biobank, which was one of the research projects previously unable to access its volunteers’ GP records, welcomed the move as a ‘major milestone for health research’. 

Responding to the report, Anna Steere, head of the group Understanding Patient Data, said: The Oversight Committee’s report marks an important step in setting out clear actions for UK Biobank to tighten governance, improve oversight and enhance security – all essential to maintaining confidence in the use of health data. 

‘Consented cohort participants make an exceptional contribution to health research in support of the public good, so it is right to recognise that UK Biobank responded quickly and openly, while also showing that systems and safeguards must continue to evolve to meet the highest standards. 

‘As these measures are implemented, UK Biobank will need not only to strengthen protections, but to communicate them clearly to participants and the wider public. Maintaining trust will depend on transparency, accountability and clear evidence that lessons have been learned – not least to avoid any wider impact on public confidence in how health data is used across the NHS.’ 

It comes as NHS England chief executive Sir Jim Mackey said the level of cyber security risk to the NHS as a whole was ‘dramatically’ increasing. 

Speaking at an NHS England board meeting last week (4 June), Sir Jim said: ‘We have all been a bit uncomfortable about how well prepared we were to cope with potential risk, but the risk environment has now changed really dramatically, and is accelerating. We have got colleagues working on this. We’re going to hopefully send something out tomorrow to the service to say, let’s all just do these basic things, because we’re in a much different risk environment.’ 

In June, NHS England paused the ‘ground-breaking’ HDR Foresight project which used GP data to train an artificial intelligence (AI) model, following concerns raised by GP leaders.  

Pulse has contacted the Department of Health and Social Care to comment on the Oversight Committee’s findings.  


			
			
					


          				        
			          

            
                        

              

                

                  

                    
Related Articles

                  

                  					
					                        

                          

                             Government confirms UK health data appeared for sale on Chinese website
                            
23 April 2026

                          

                        

                    				
                    					
					                        

                          

                             GP patient data to be made available for research on an opt-in basis
                            
10 February 2026

                          

                        

                    				
                    					
					                        

                          

                             Government poised to allow GP patient data access beyond ‘pandemic only’ scope
                            
17 October 2025

                          

                        

                    				
                                        
                                    

              

            

          


          

            

              	 
  



  
            

          

			
        

        

          

                      

          

                      

        

      

    

    

      


		

		

	 		

			
			

				
			

			
		

		

			
			

				
			

			
		

				

		

		 	
				

				

		 		

			
			

				
			

			
		

				

		
	
		 		
		

  

    

      

        

          

                                                                                                			  
			              

                               
                          

            

                              Allergic rhinitis: A guide for General Practitioners. Promotional Content – UK HCPs.              
Read Now

              
                          
			  
			  
			 
                                              

        

      

    

  



	
	

				

		

			
		

			
			

				
			

			
		

			
					

		

						


	

		

			
Most 
				
				
			

		

		

			
			

                
												
								
							

		

	


    

	 
		
		

		  
		

			  
  


  

    

      
    

  






  

              								  
				  

					
				 

				  
			  	              







  

		

			

			    
				
FOLLOW US

					
			

			

			

			

			

        	
IMPORTANT LINKS

                    

			

	         
MORE FROM COGORA

                    
			

		
	  
  





  

    

      

        
© Cogora 2026
Cogora Limited. 1 Giltspur Street, London EC1A
          9DD Registered in the United Kingdom. Reg. No. 2147432

      

      

        Cogora