Millions of GP patients data are sold to US companies for research under a Government scheme to allow third parties access to anonymised data, it has been revealed.
Data collected by The Observer show that international pharmaceutical companies, including Merck & Co and Bristol-Myers Squibb, pay the UK Government up to £330,000 a year to access anonymised patient data as part of their studies.
The report analysed studies used by the Government-run research service Clinical Practice Research Datalink (CPRD) from 1 July 2018 to 31 July 2019. It concluded that the CPRD received more than £10m in revenue last year.
MedConfidential – an advocacy group that campaigns for data confidentiality – said that one in seven GP practices give anonymised patient data for this purpose.
Phil Booth, coordinator of MedConfidential, told Pulse there is no transparency in the processes despite CPRD being ‘required to publish a list of its direct clients and funding organisations that may benefit directly from the research’, according to its website.
He said: ‘CPRD says the data is “anonymised” but it’s clear from the linkages that the data is in fact pseudonymised and therefore (under GDPR & DPA 2018) must be considered personal data.
‘The level of rich detail in an individual-level, linked, longitudinal medical history makes it uniquely identifiable even if the patients’ name and NHS number have been removed/replaced with a pseudonym.’
He added: ‘One does have to be concerned about individual re-identification. Especially as there is no indication how (or even that) CPRD does any proactive monitoring or audit of how the data it sells is used by its customers.’
Dr Grant Ingrams, a GP partner in Leicester City, said: ‘This is about the CRPD, which many practices sign up to. It complies with information governance requirements, and provides information to researchers that is vital to enable research for health improvements to happen.
‘I would be concerned if the CPRD aren’t being transparent and their list of clients etc is not being kept up to date.
‘In essence, researchers need access to patient data, and CPRD allows access in a controlled, lawful manner. However, this process should be transparent.’
Medicines and Healthcare products Regulatory Agency chief executive Dr June Raine said licensed data supplied to commercial organisations are fully compliant with ‘ethical, information governance, legal and regulatory requirements’.
She told The Observer: ‘Ethically conducted research using CPRD patient data sets has brought enormous benefits to patient care, including providing evidence for the National Institute for Health and Care Excellence blood-pressure targets for patients with diabetes, as well as working with universities, regulators and the pharmaceutical industry who research the safety of their medicines.’
Many GPs warned the proposals could undermine the doctor-patient relationship and deter people from seeking medical help.