The House of Commons Health and Social Care Committee delivered a report into the memorandum of understanding on data-sharing between NHS Digital and the Home Office. It said NHS Digital, which supplies information and data to the health service, was failing to uphold patients’ interests.
The memorandum of understanding (MoU) between NHS Digital and the Home Office came into effect on 1 January 2017. The committee received a number of representations expressing concern over the practices of data-sharing governed by the MoU, including incompatibility between the disclosure of information about people in contact with health services and the obligations of confidentiality assumed to apply to that information; and the risk that sharing of patients’ addresses with other government departments would become accepted as normal practice.
In January 2018 the committee asked NHS Digital to suspend its involvement in the agreement. The request was rejected, so the committee took further evidence on the issue and came to the same conclusion.
“The leadership of NHS Digital has not been sufficiently robust in upholding the interests of patients or in maintaining the necessary degree of independence from government,” the committee said in its report.
“We also have serious concerns about government policy on the confidentiality of data collected for the purposes of health and social care,” the MPs said.
The committee said NHS Digital should suspend its participation in the MoU until the ongoing review of the NHS Code of Confidentiality was complete.
The report added that NHS Digital should make a decision on whether the practice of data-sharing for immigration tracing purposes should continue in the light of the reviewed code.
Although the MPs said they supported the sharing of patient data with consent, that relied on public confidence in NHS Digital’s commitment to respecting confidentiality.
“The principle remains in place that data held for the purposes of health and care should only be shared for law enforcement purposes in the case of serious crime. It is not only the GMC [General Medical Council] and NHS Codes which reflect this principle, but even NHS Digital’s own guidance on confidentiality. It is entirely inappropriate that NHS Digital should be sharing data in a manner inconsistent with that principle,” the committee said.
"It is unfortunate that NHS policy and practice in relation to the management and use of patient data in England continues to be subject to parliamentary criticism," said digital health expert Matthew Godfrey-Faussett of Pinsent Masons, the law firm behind Out-Law.com. "The effective use of data is central to the creation of further efficiencies within the NHS, but those efficiencies depend on patients trusting the NHS to safeguard this most sensitive category of data. With the stakes so high, a lot more work is required to secure the political support needed to allow NHS Digital to deliver its remit."