In July last year, the Department of Health published Your Data: Better Security, Better Choice, Better Care.1 It was the UK Government’s (somewhat delayed) response to the previous year’s Review of Data Security, Consent and Opt-Outs2 from the National Data Guardian (NDG) for Health and Care as well as to the Safe Data, Safe Care3 review of the Care Quality Commission. Much is already awry in the debate on patient data sharing, and the government’s response is likely to make things worse for at least three reasons.
It goes back to front relative to patient priorities
The response, and to a large extent the NDG’s review, have become about data sharing for service improvement and research as opposed to data sharing for direct patient care. The latter is practically omitted from the government’s action plan, with the exception of commissioning a review on it.
Yet it is a far greater priority for most patients and health professionals. Service improvements and research breakthroughs are an uncertain possibility for the future, and it is often somebody else’s future (and we acknowledge this as researchers). In contrast, the relief of a patient is far more certain, present, and personal if they feel known to services. They do not need to repeat information ‘like a parrot all the time’ (a patient’s words) and they can trust that their doctor will have the information they need to make the best decision possible.
Why, then, has data sharing for individual care almost disappeared from recent reports? Most likely it is because there is broad agreement that it is a good thing, thus appearing less ethically and legally problematic. Yet it is extraordinarily difficult practically, as any GP would testify. It happens far less frequently than most of the public believe and expect.
Data sharing for individual care needs to return to the centre stage of the data-sharing debate so that appropriate action can follow. It also needs to be there because the two debates are inextricably linked. This is partly due to the (unfortunate) use of identical terms, and partly because there are many grey zones between the two. If we do not specifically address the similarities and differences between using data for ‘improving health, care and services through research and planning’ vs. using data for ‘individual care’ (terminology recommended by the Wellcome Trust’s Understanding Patient Data initiative)4 we will only be compounding the confusion. If we try to ‘phase’ the two, we will only be priming decisions about the second type of sharing, whichever it happens to be, through discussions and decisions about the first type of sharing.
The language and context spell trouble
Words create worlds. The government response acknowledges (in a footnote) how important it is to be using the right words and making things absolutely clear to the public. It then chooses and sticks firmly (over 80 times) with a term like the ‘national opt-out’. By now, we have seen the National Opt-out Programme appear in managerial role titles. The national opt-out will be a ‘single and simple’ mechanism by which individuals will be able to state that they do not want their identifiable information shared for purposes of service development and research. The response expresses a hope that, through appropriate awareness raising and communication, most people will understand the benefits of sharing their data for service improvement and research, and will choose to do so.
Perhaps. But a ‘national opt-out’ sounds to us dangerously close to a ‘national walkout’. Context matters too. The topic accompanying data sharing in all three reports is data security. ‘Stronger criminal sanctions’ for breaches are promised. This context will inevitably affect attitudes and actions around data sharing. It will affect them in different ways from those in a context discussing, for instance, care coordination and incentives for it.
‘Everything should be as simple as possible, but not simpler.’
Both the NDG’s review and the government’s response emphasise the importance of developing a consent model that makes things ‘absolutely clear’, and which is simple and easy to understand. Of course things should be made as simple and clear as possible. But patient data sharing is not simple. In a study we are completing, we have identified over 1800 challenges and drivers to it. Although many patients may be happy to give the simplest and most generic forms of consent possible, some will want more details. Our consent models should enable such layered understanding, rather than go for the lowest common denominator.
If we do not want a repeat of the Care.data experience, we need, among other things, to keep data sharing for individual care strongly in focus, be extra thoughtful about words and context, and avoid turning simplification into misinformation.
- © British Journal of General Practice 2018