Diagnosing a Digital Disaster: Britain’s care.data
(This post was written as an assignment for MLD670M, a course at the Harvard Kennedy School of Government)
On July 6th 2016, buried in an official response to two national reports on data security in healthcare, the UK Minister for Life Sciences George Freeman MP announced the cancellation of the NHS care.data program. Despite spending a total of approximately £8 million, the Government decided that its continuation was untenable given mounting public opposition.
Officially launched in the summer of 2013, the care.data scheme aimed to expand the UK’s national database with anonymised information on hospital stays to include information on visits to primary care physicians. This new, centralized database could enable policymakers and medical professionals to more effectively spot patterns and trends across the whole of UK healthcare and make appropriate interventions.
However, even before the official launch, care.data’s opponents had begun mobilizing. In January 2013 an organisation called medConfidential, supported by civil liberties pressure groups and privacy advocates, was formed to oppose the alleged threat of data extraction. Their criticisms centred around the potential for data breaches, particularly around the deductive re-identification of anonymised or pseduonymized data, a concern later supported by the Care Quality Commission.
In August 2013, all GPs (UK primary care physicians) were sent a letter informing them that they had eight weeks to notify patients about the upcoming data extraction. This caused a significant backlash from medical professionals, who argued that they had neither the time nor the resources to deliver this message. NHS England responded by embarking on a national public information campaign, which included a £1 million leaflet drop to 99% of households. Later reports found that as many as two-thirds of households did not recall receiving a leaflet, and anecdotal evidence indicated that the delivery method arranged with Royal Mail meant that they were often hidden inside fast food leaflets and other junk mail. Another study levelled criticisms against the broader public information campaign, arguing that ‘there was no cohesive marketing campaign, no national TV campaign, no press conference, and the only supportive media was a video animation posted onto YouTube and the NHS England’s website.’ The final nail in the coffin came when The Guardian published an article in February 2014 highlighting that information on care.data could be accessed by insurers and drug-companies, who could then de-anonymise the data.
Following numerous scathing national headlines, a critical audit of the scheme’s parent organisation Health and Social Care Information Centre (HSCIC) conducted by PWC, and an unsuccessful attempt to develop a phased introduction, simultaneous reports by the Care Quality Commission and the National Data Guardian signalled the end of care.data in July 2016. The ultimate scrapping of the programme seems to have been caused by two mutually-reinforcing factors:
Poor Communication: Members of the public were never clear on the problem being solved by the creation of the new database, and the benefits to them and their families of sharing information. Further, there was never a clear message regarding uses of the data, which became extremely problematic when it was revealed that it could be shared with private organisations.
Underdeveloped regulatory framework: Given the programme’s ambitions, too little consideration was given to how it would fit within a nascent and fragile regulatory framework around patient data. There had already been numerous criticisms of how the NHS had handled sensitive patient information, and the scheme did not take enough time to consider how this new programme would address those concerns. Ultimately, this meant that there were not convincing answers when critical journalists and campaigning groups like medConfidential attacked the scheme.
(This post was written as an assignment for MLD670M, a course at the Harvard Kennedy School of Goverment)
