Building a new social norm for health data

We must throw away our current assumptions about ownership, rights, storage, and control

September 22, 2016
©Peter Byrne/PA Wire/Press Association Images
©Peter Byrne/PA Wire/Press Association Images
Read a companion piece, "It's time for a public debate about data sharing," here

Why is it that we don’t trust the people in the NHS to look after our data? Research from the Information Commissioner and the Royal Statistical Society over recent years repeatedly shows that somewhere between a half and a third of us trust the NHS with our data, compared with the nine out of ten people who trust their doctor to look after them clinically. We trust people in the NHS quite literally with our lives and our children’s lives, but not our data. Maybe we don’t trust because we shouldn’t; Symantec’s global information security monitoring indicates that health is the leakiest sector when it comes to personal data breaches.

The problem is not a lack of trust, but that we’re collectively offered choices on the wrong axis. We can choose to trust that which is not trustworthy, because the consequences of not trusting are so catastrophic. We can choose not to trust, but then our data cannot be used to save our lives, run things efficiently, and develop a better future. Very clever, very well-intentioned people, are currently wrestling with the place to put all of us on that axis, for the common good, when the real problem is that we cannot envisage how things could be along a different axis.

In the commercial world, trust in data is even more terminal, and commercial organisations can’t choose to avoid an issue by changing the law. Government can enact “just let us get on with it” laws and we have little choice; customers can vote with their feet. This has forced some in the commercial world to question the nature of the axis; the problem forces innovation where in the public sector it can result in resignation (both “to the problem” and “by the Chief Executive”).

The key to a different axis is throwing away our current assumptions about ownership, rights, storage, and control. For example, we tend to think in terms of “data held by the NHS” rather than “data relevant to my health.” They are clearly not the same, and increasingly the most relevant data about our health is in the hands of multiple private sector organisations. The paradox is that while politicians and leaders repeatedly tell us we “own” our own data in the NHS despite not really being able to do anything with it, we do have access to all sorts of rich data about our health that we can’t share usefully with our GP. Data held by the NHS is clearly the wrong axis of thinking.

Rather than have the NHS “treat us like customers” when it comes to data, the NHS needs to become a customer of our data. We need to be able to get all of our data and, under our own control, let someone who works for us manage it. Then, crudely, the NHS can get as much relevant data as it needs—as long as it plays by our rules. The change is to focus on what our health needs rather than the data the NHS has technical (but not moral) control over.

This would also enable us to make really simple but powerful decisions; donating access to our data to a medical charity, or giving access to a pharmaceutical company for a fee. Both of these are choices we might make, but are beyond our grasp at the moment. Some bits of our data will be too important not to share, and our individual choice may need to be restricted, but this will give both visibility and specificity to what is otherwise an opaque and broad-brush debate.

Two good analogies are social norms in criminal justice and banking.

The police are highly trustworthy and professional. It therefore follows we can trust that the people they arrest and prosecute are guilty and should be sent to prison. When the government, prosecuting and enforcement authorities were all the local Lord or chieftain, this was accepted as logical, sensible and expedient. Yet we’ve evolved a system that separates the police, judiciary, government and legislators in ways that would seem overly complicated and abstract—and entirely unnecessary—to that local Lord.

Although we tend not to notice, banks are actually extremely good at some important things; they keep our money safe and they enable us to transact. We might immediately think of the edge cases where these things are not true, but the ratio of safe and convenient transactions to the other kind is mind-boggling. The reason this is the case is because not only do banks keep things safe inside their own walls, they regulate the behaviour of every organisation we transact with, up to and including government! In turn, they are regulated by government in a very detailed and complicated manner that few understand and most of us are grateful we don’t have to. We need to have the freedom not to have to think about—let alone worry about—our data in the same way we ignore banks and the courts while constantly relying on their good effect.

When it comes to data, we are the modern equivalents of those that had to carry all their gold about their person, and who believed that whoever the thief-taker dragged in front of the magistrate was guilty. We don’t see any other choices but to hand over our data (or not), and government and corporations don’t see any alternative but to take as much of it as they can get.

People in the NHS need to take decisions on our behalf every single day, and no amount of theorising about the future changes what they can do now. We can’t pretend that a perfect choice is possible; we need to give NHS leaders space to make the best of the choices they have available to them. However, we can’t give up on the problem either; in exchange for that temporary license on trust we need commitment and action to developing some new choices. We need collectively as a society to come to terms with care.data being both the best idea available and a really fundamentally bad idea all at the same time. That may well lead us to accept the trade-offs we have to make today, but with commitment and investment in a future with better choices. That would be a government position worthy of public trust.

With the support of BCS, The Chartered Institute for IT, Prospect hosted a series of panel discussion at the 2016 Party Conferences on health data. These discussions were chaired by Jon Bernstein, Associate Editor for Prospect. Speakers included: Chi Onwurah MP, Shadow Minister for Business, Energy and Industrial Strategy; Diane Abbott MP, Shadow Secretary of State for Health; Jo Churchill MP, Chair of the APPG on Personalised Medicine; Andy Kinnear, Chair of BCS Health; Dr Jeni Tennison, CEO, Open Data Institute (ODI); Dr Mohammad Al-Ubaydli, Founder & CEO, Patients Know Best; Dr Mike Fisher, Chief Clinical Information Officer, Royal Liverpool and Broadgreen University Hospitals; and Jeremy Taylor, Chief Executive of National Voices.

For more information about these events, Prospect’s complete conference programme can be found here. For more information, please email: events@prospect-magazine.co.uk.

For speaker and partnership opportunities, please contact david.tl@prospect-magazine.co.uk.