NHS England is closing the much-criticised Care.data programme, ministers have announced.
The move follows publication today of Dame Fiona Caldicott’s review of data security, consent and opt-outs, which called on ministers to “consider” the programme’s future.<https://www.gov.uk/government/publications/review-of-data-security-consent-and-opt-outs>
As exclusively revealed by HSJ earlier today<http://www.hsj.co.uk/topics/technology-and-innovation/breaking-government-advised-to-keep-tight-controls-on-ccg-data-access/7006134.article?blocktitle=News&contentID=15303>, the review recommended that patients should be able to opt out of their identifiable data being used by commissioners, other than for invoice validation and other limited circumstances.
A statement published today by life sciences minister George Freeman said<https://www.gov.uk/government/speeches/review-of-health-and-care-data-security-and-consent>: “In light of Dame Fiona’s recommendations, NHS England has taken the decision to close the Care.data programme.
”However, the government and the health and care system remain absolutely committed to realising the benefits of sharing information, as an essential part of improving outcomes for patients.
“Therefore this work will now be taken forward by the National Information Board, in close collaboration with the primary care community, in order to retain public confidence and to drive better care for patients.”
Care.data was put on pause after it was accepted that sufficient care had not been taken over patients’ consent for having their data shared<http://www.hsj.co.uk/home/patients-uninformed-on-data-plan/5067719.article>.
The flagship NHS England programme was launched in 2013 and was an ambitious project to join up patients’ data across the different parts of the health and social care system. The first stages involved linking GP records with hospital episodes statistics data.
But it sparked a furious response from patient groups, privacy campaigners and GPs. They said patients’ data was being shared without legitimate consent.<http://www.hsj.co.uk/home/patients-uninformed-on-data-plan/5067719.article>
As of May 2016, up to 1.5 million people had registered to opt out of the programme,<http://www.hsj.co.uk/topics/technology-and-innovation/up-to-15m-opt-out-of-caredata-new-data-suggests/7004861.article> requesting their records not leave their GP practices except for direct care or in “exceptional circumstances”.
Dame Fiona’s recommendation on Care.data was one of 20 in the report, which set out proposals for the development of a new consent model to allow patients to opt out of their data being shared for purposes other than direct patient care.
While there is a model in place, it is largely viewed as confusing for patients, and health secretary Jeremy Hunt commissioned Dame Fiona to draw up new plans as part of the review.
She told journalists today that how existing optouts were dealt with was not addressed in her report and would require further work. The new model of consent should also be subject to a public consultation to ensure patients understand it, the report says.
The report says: “This is a report about trust. It addresses the question of what more can be done to build trust in how the NHS and social care services look after people’s confidential data and use it appropriately.
“The Department of Health should conduct a full and comprehensive formal public consultation on the proposed standards and opt-out model. Alongside this consultation, the opt-out questions should be fully tested with the public and professionals.”
Other recommendations include:
* Leadership of every organisation should demonstrate clear ownership and responsibility for data security, just as it does for clinical and financial management and accountability
* NHS England should change its standard financial contracts to require organisations to take account of the data security standards as set out in the report
* The Care Quality Commission should amend its inspection framework to include performance against the new data security standards
* “Harsher sanctions” should be put in place for where malicious or intentional data security breaches occur
* Ministers should also consider introducing stronger sanctions to protect anonymised data. This should include criminal penalties for deliberate and negligent re-identification of individuals
* The case for data sharing still needs to be made to the public, and all health, social care, research and public organisations should share responsibility for making that case.
The report has been welcomed across the sector, including from commissioners, who have long cited their inability to get hold of patient confidential data as a major block to intelligent commissioning.
Graham Jackson, co-chair of NHS Clinical Commissioners, said: “The recommendations in the Caldicott Report look to address some of the critical areas surrounding access to data, and we look forward to working with the DH, NHS England and others on the next steps to ensure that the right people who need access to patient records are able to do so responsibly to commission high quality care for their populations; as Dame Fiona says in her report: ”The duty to share information can be as important as the duty to protect patient confidentiality’.”
The DH has today “provisionally accepted” the recommendations and confirmed there will be a public consultation and further testing of the recommendations put forward.