This site is intended for health professionals only

UK Biobank writes to all GP practices requesting they share patient data

UK Biobank writes to all GP practices requesting they share patient data

UK Biobank has written to all GP practices, with the support of the RCGP and NHS England, asking them to release patient data via their IT systems. 

This would allow the data from 503,000 consenting adults to be shared and used for ‘all types of health-related research’.

NHSE’s national medical director Professor Sir Stephen Powis and RCGP chair Professor Kamila Hawthorne are co-signatories to the letter, which was sent to practices last night.

The body of the letter stated that the request to release data is also ‘endorsed’ by the BMA.

UK Biobank confirmed to Pulse that this was an error and chair of the GP Committee in England Dr Katie Bramall-Stainer highlighted that she did not give permission to support the letter. 

‘Sadly, this now affects my trust in how you’ll gain patient consent for their health data if you ignore mine so freely,’ she wrote on X (Twitter).

Dr Bramall-Stainer also said that adhering to this request to share data is ‘not contractual’

UK Biobank, which receives some of its funding from the UK Government and the National Institute for Health and Care Research (NIHR), is a ‘large-scale biomedical database’ containing genetic and health information from half a million UK participants. 

Their data is anonymised and made ‘widely accessible’ for health-related and scientific research. 

The letter last night said that ‘special regulations’ during the pandemic allowed the transfer of primary care records from GPs to UKBiobank for research, which ‘resulted in 200 peer-reviewed studies’ on Covid-19. 

It said: ‘However, since the extraordinary provisions for COVID-19 ended, each GP practice must now take action as the ‘data controller’ to approve release of the coded primary care data to UK Biobank. 

‘Releasing these data to UK Biobank will allow consenting patients to participate in this important research.’

This request applies to practices using EMIS or TPP systems, and requires either GPs or their practice manager to ‘simply’ tick a box on the system. 

The letter also sought to mitigate GP concerns about sharing patients’ data, saying the Information Commissioner has confirmed that the existing written consent obtained from patients ‘is compliant with current data protection legislation’.

It added: ‘UK Biobank has already been making de-identified NHS health outcome data (e.g. deaths, cancers, and hospitalisations) available to approved researchers for the past 10 years.

‘The same strict data protection and information governance processes would be applied for access to the primary care data, which would be restricted to coded information.’

Earlier today, NHS England announced £2m of funding for an engagement campaign to gather views from patients on how their health data is used. 

In June, NHSE indicated that it could become a co-data controller of patient records in order to help relieve individual GP liability. 

Data from the UK Biobank was used in a recent study which found that raised blood glucose is associated with greater risk of cardiovascular disease (CVD) even when below the threshold for diagnosing diabetes.



Please note, only GPs are permitted to add comments to articles

David Church 29 September, 2023 12:12 pm

So did the RCGP and BMA consent to be included in this request?
And don’t you just love it when NHSE and Government make it appear they don’t know what is going on in the data world, where very soon NHSE, on behalf of Government, and via Palantir, will control access to all GP data anyway, within a couple of months.
It seems individual GPs, nor Practices, are any longer actually ‘data controllers’, since the NHSE and government gets to ‘control’ who does and does not have access – except that once Palantir have, they will have Control.

Not on your Nelly 29 September, 2023 1:00 pm

Why can’t the ICB , NHSE or the Health minister be made the data controller? Then he can do what he wants? Until that point, as GPs say no to everything.

Mr Marvellous 29 September, 2023 2:54 pm


Agree to do this: possible data leak and cries from patients about their confidentiality. No benefit for the practice.

Don’t agree: Nothing happens. No benefit or loss for the practice.

Tough choice.

Dylan Summers 30 September, 2023 9:24 am

It’s a real shame we’ve come to where we are.

Sharing truly unidentifiable data with proper patient awareness, proper safeguards and proper accountability (IE the buck not stopping with the GP practice) could indeed be a major benefit to medical science – and ultimately to patients.

But 2 decades of bungled attempts (with minimal patient awareness, poor safeguards and unfair accountability) has made this happy outcome less and less and achievable.

stephen friel 30 September, 2023 12:37 pm

Perhaps a more accurate headline would be “writes to all English GP practices…”

Anonymous 1 October, 2023 7:05 am

It really is quite shocking how corrupt the elite from RCGP has become.

Andrew Schapira 1 October, 2023 4:31 pm

I am not sure I have a point here, but practices code the data at their expense which is sold by the nhs to private firms for considerable sums . I wonder how much finds it’s way back to primary care for benefit to the practices

Rogue 1 2 October, 2023 5:31 pm

Wasnt there something recently about the Health secretary becoming the data controller for the NHS?
If so we shouldnt be involved in any of it. All SARS requests and everything like that should be directed to a central office!