Update on the NHS digital data collection - The choice is still yours

You may recall a few weeks back we talked a bit about how on the 6th of April, NHS digital announced on their website their intention to collect all GP practice personal identifiable data from approximately 55 million patients and their children into a central database for research purposes, as well as health and social care and public health reasons. The initial deadline was in the end of July 2021 to opt out of your GP surgery sharing your personal data, and a second opt out form had to be sent in to stop NHS digital sharing other data with public and private entities.  

Safe to say this decision did not go down well with the public (once they were finally made aware of it!) and after a series of complaints and public outcry by various interest groups the move was pushed forward until an unspecified future date to allow NHS digital more time to inform the public about their intentions with their data. As the minister for primary care and public health promotion, Jo Churchill, stated: "we are continuing to work on the infrastructure and communication of the project, we are not setting a specific start date for the collection of data."

This move is so important we decided it was worthy providing an update to, as a lot has happened in a relatively short period of time.


Let’s remind ourselves of what data they want to collect:

NHS digital want to collect data on for instance your sex, ethnicity, sexual orientation, clinical codes, data about diagnoses, symptoms, observations, test results, medications, allergies, immunisations, referrals and recalls, appointments, including information about your physical, mental and sexual health, in addition to data about what type of staff have treated you (i.e. physio, psychologist, cardiologist, oncologist etc). They claim the data will be ‘pseudoanonymized’ – or ‘depersonalised’ using software to make it more difficult to identify you. It is worth noting privacy experts are saying this may not be sufficient as pseudoanonymisation is easy to reveal, and critics are worried the data could be easily misused by 3rd parties.

NHS Digital will in any case still be able to use the same software to convert the unique codes back to data that could directly identify you. Some data, such as fertility treatment and gender re-assignment records, will at the moment not be shared as GP’s are prohibited to do so by law.

NHS digital list the following as examples of where you’re information may be recoded to identify you:

  • where the data was needed by a health professional for your own care and treatment
  • where you have expressly consented to this, for example to participate in a clinical trial
  • where there is a legal obligation, for example where the COPI Notices apply
  • where approval has been provided by the Health Research Authority or the Secretary of State with support from the Confidentiality Advisory Group (CAG) under Regulation 5 of the Health Service Regulations 2002 (COPI) - this is sometimes known as a ‘section 251 approval’.

So what has happened since then?

Well, first of all they have created the NHS Digital Data Uses Register, which is a database that intends to provide an overview of which companies and organisations they have created data sharing agreements with. Here is an example of such a data sharing agreement and what it looks like.

They have also updated their opt out page explaining in further detail to the public and to companies wishing to get access to sensitive patient data that they will be removing certain patient records from the data they release if a patient has requested an opt out.


NHS Digital has now decided they will not collect any patient data until a certain number of conditions have been met:

  • the ability to delete data if patients choose to opt-out of sharing their GP data with NHS Digital, even if this is after their data has been uploaded;
  • the backlog of opt-outs has been fully cleared;
  • a Trusted Research Environment has been developed and implemented;
  • patients have been made more aware of the scheme through a campaign of engagement and communication.


They have also decided to improve the opt-out process and have made the following updates:

  • Patients do not need to register a Type 1 opt-out by 1st September to ensure their GP data will not be uploaded;
  • NHS Digital will create the technical means to allow GP data that has previously been uploaded to the system via the GPDPR collection to be deleted when someone registers a Type 1 opt-out;
  • The plan to retire Type 1 opt-outs will be deferred for at least 12 months while we get the new arrangements up and running, and will not be implemented without consultation with the RCGP (Royal College of GP’s), the BMA (British medical association) and the National Data Guardian.

They creation of ‘Trusted Research Environments’ are intended to give people a sense of security that their data is going to be handled safely and their privacy protected – companies and organisations will only be able to access the data within a ‘secure NHS environment’ and they state they will not be able to copy or remove it outside of the TRE and reiterate they have no intention of selling the data for commercial gain.

They have also released a review of the impact sharing data has had on real world outcomes – again likely in an attempt to rebrand their image and backlash from the initial roll out and to regain the trust from patients regarding the use of their data.

In conclusion:

So there you have it, the roll out deadline has been removed, they have put in place several action plans to regain the trust of the population and we believe they are taking this seriously. As we mentioned in our initial post, we understand the need for data collection in order to improve health outcomes and propel the health service into the future. Data drives innovation, and there is no getting around it – data has played an instrumental role in getting us through the current pandemic, and will do so for future pandemics to come. But data security, trust and privacy are so fundamentally important to protect and govern, and the risk of malicious intent from 3rd parties, abuse and manipulation intentionally or accidentally is significant, particularly if one is trying to roll out a program that will collect 55 million data sets all at once.

The choice is still yours, and it is up to you to decide if they are doing enough to earn your data.