[Nottingham] NHS care.data ('Anonymized' data really isn't - and here's why not)
Martin
martin at ml1.co.uk
Wed Mar 26 19:13:28 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
A few weeks later and a selection of "care.data" related headlines are:
http://www.informationweek.com/healthcare/electronic-health-records/feds-praise-open-data-health-cloud-launch/d/d-id/1112224
Feds Praise Open Data Health Cloud Launch
Taking advantage of more-open data standards in other countries,
MedRed BT Health Cloud will provide public access to aggregated
population health data.
http://www.theguardian.com/society/2014/feb/24/hospital-records-nhs-patients-insurance
Hospital records of 47m NHS patients obtained by insurance society
Report says data covering in-patient stays between 1997 and 2010 were
used to track patients' medical histories
http://www.theguardian.com/society/2014/mar/03/nhs-england-patient-data-google-servers
NHS England patient data 'uploaded to Google servers', Tory MP says
A prominent Tory MP on the powerful health select committee has
questioned how the entire NHS hospital patient database for England
was handed over to management consultants who uploaded it to Google
servers based outside the UK.
http://www.wired.co.uk/news/archive/2014-02/26/demand-transparency-from-nhs
NHS data blunders mean you can't trust Care.data
The Institute has also told us that the data is "totally anonymous",
but we know that jigsaw attacks can reidentify patients. The dataset
included a unique patient identifier, age, gender, the date they
started [treatment], date finished, admission method, dates of
operations, postal district and diagnosis.
http://www.wired.co.uk/news/archive/2014-03/03/care-data-leaks
NHS patient data made publicly available online
Updated 20:40 03/03/2014: Earthware UK has issued a statement saying
the data it used was mock HES data, not real patient data.
http://www.theguardian.com/technology/2014/mar/17/online-tool-identify-public-figures-medical-care
Online tool could be used to identify public figures' medical care,
say critics
OmegaSolver's Patient Analyser tool has been taken offline after
concerns over use of 'patient-level' data
http://www.cio.com.au/article/540579/don_t_upload_health_care_data_google_cloud_uk_groups_say/?utm_medium=rss&utm_source=authorfeed
Don't upload health care data to Google cloud, UK groups say
Such sensitive data should never be uploaded to a provider outside the
jurisdiction of the UK, the groups said
http://theconversation.com/foi-reveals-cynical-logic-that-compromises-nhs-data-privacy-24750
FoI reveals cynical logic that compromises NHS data privacy
... HSCIC believes that sharing of care.data will be exempt from the
Data Protection Act as long as pseudonymisation is applied. An FoI
response just received by Dr Neil Bhatia confirms this even more
explicitly. This conclusion cannot be derived from the Information
Commissioner Office’s guidelines on anonymisation, which take a more
sophisticated line.
Kelsey and his NHS spin doctors cannot afford to lose this argument on
behalf of the HSCIC. If pseudonymised care.data information is truly
anonymous, no-one who holds or receives such data incurs any
obligation towards the data subjects. They will therefore be free to
process the data in any way they like...
http://www.bbc.co.uk/news/uk-16026827
Everyone 'to be research patient', says David Cameron
Every NHS patient should be a "research patient" with their medical
details "opened up" to private healthcare firms, says David Cameron.
My personal opinion is that your medical records should remain your
personal data... There is huge scope for abuse otherwise...
Martin
NHS data acronyms:
HES: Hospital Episode Statistics
http://www.datadictionary.nhs.uk/data_dictionary/nhs_business_definitions/h/hospital_episode_statistics_de.asp?shownav=1
As collected by SUS: The Secondary Uses Service
SCR: Summary Care Record
http://en.wikipedia.org/wiki/Summary_Care_Record
And newly, there is to be introduced "Care.Data" for 3rd party use.
Those are summarised by the umbrella description:
NHS Connecting for Health
http://en.wikipedia.org/wiki/NHS_Connecting_for_Health
- --
- - ------------------ - ----------------------------------------
- - Martin Lomas - OpenPGP (GPG/PGP) Public Key: 0xCEE1D3B7
- - martin @ ml1 co uk - Import from hkp://subkeys.pgp.net or
- - ------------------ - http:// ml1 .co .uk/martin_ml1_co_uk.gpg
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAlMzJqQACgkQ+sI3Ds7h07dGlgCfbpmtZidzZqLiWJRzNn9743Ej
hy8Ani1R31FMZw18jY5gd2swUrIEzIAT
=l0x4
-----END PGP SIGNATURE-----
More information about the Nottingham
mailing list