UK

Palantir: privacy fears over handing NHS data to US defence provider show how lack of trust is holding back much-needed reform

Palantir: privacy fears over handing NHS data to US defence provider show how lack of trust is holding back much-needed reform

Shutterstock/Marian Weyo

Controversial US tech company Palantir has been awarded a £330 million contract to create a new system for sharing data – including patients’ medical details – within the NHS in England.

The move has been welcomed by NHS leaders as a way to enable healthcare workers to access live healthcare data at the “touch of a button”. But doctors’ organisations and human rights charities have expressed concerns about the contract and Palantir, including whether patient data would be suitably protected.

The NHS is in desperate need of a better way to share information between the many care organisations that comprise it. The inability of its many existing data systems to talk to each other can lead to delays in care, poor understanding of local health service needs and hide inequalities in who gets care.

However, our research shows the UK public are currently ambivalent about their medical data being handled by private companies. So actions that further increase mistrust risk holding back these vital reforms.

Data on the health of UK citizens is held in many databases across GP practices, hospitals, health authorities, care homes, pharmacies and many other organisations. This means a doctor seeing a patient from a different area of the UK would typically not be able to rapidly access their hospital records.

But we know things can be different. Close to real-time information on the trajectory of the COVID pandemic helped coordinate a nationwide response. (And some of these new capabilities were actually facilitated by Palantir.)

Sadly, the post-pandemic benefits of data sharing for patients with other conditions have been short-lived. Regulations have, for the most part, returned to pre-pandemic restrictions and data put back in silos.

Palantir’s trust problem

So a new system for sharing data across the NHS is vital. The issue highlighted by awarding the new contract to Palantir is how important public trust is to successful reform, and how missteps could damage that trust.

Palantir’s detractors, such as Conservative MP David Davis, say questions remain over whether it can be trusted with private information due, in part, to its record of working with intelligence, immigration and military organisations in the US and its founder’s financial backing for the successful 2016 Trump presidential campaign.

Privacy concerns have also been raised, by groups including the British Medical Association, about whether confidential data will be seen by Palantir and other organisations outside of the NHS.

In a television interview with Palantir’s CEO Alex Karp shortly before the announcement, concerns were raised about them selling NHS patient data. In response, Karp told the BBC: “We’re the only company of our size and scale that doesn’t buy your data, doesn’t sell your data, doesn’t transfer it to any other company … That data belongs to the government of the United Kingdom.”

However, if the public start to feel that their data will not be protected, it could erode the already limited trust they have in private companies to be involved in the NHS.

Our research is attempting to identify public attitudes to NHS data sharing. We work on Datamind – the Medical Research Council and Health Data Research UK’s Mental Health Data Hub. We have published a large-scale assessment of UK public opinion on NHS data sharing, which consulted almost 30,000 people. While the public are highly supportive of data sharing with the NHS, charities and university researchers, they are less trustful of private companies.

Meanwhile, previous examples of NHS-industry data sharing collaborations have not helped and show what can happen if trust isn’t secured. Care.data was a programme that aimed to increase the range of health information collected across all NHS funded services, including general practice, for service planning and research.

It was explicitly stated that information would only be shared with industry for the benefit of health and care, such as developing new drugs, but not where it was solely for commercial purposes, such as insurance or marketing. Despite this, the programme was scrapped because of remaining concerns over who would be allowed to see confidential patient data, what it would be used for and whether patients would have the ability to opt-out.

What can be done to improve trust?

We believe that the sharing of patient data across NHS datasets could have enormous public health benefits that improve outcomes across the whole of medicine. But to achieve that, there has to be trust in the private companies that will inevitably be involved.

As we sit in our clinics, medical staff view and enter electronic health records on a Dell computer running Windows software manufactured by Microsoft that uses a patient record management system provided by the InterSystems Corporation. In other words, many services in the NHS are already provided by commercial companies.

There is a pressing need for the public to have the knowledge, language and skills to properly engage in nuanced conversations about the use of their data and to build trust in its responsible use where appropriate.

We developed an online data literacy course for the public with our Research Advisory Group and the patient engagement charity McPin. We also developed a glossary tool so people could quickly look up data science terms in easily understandable language. These allow people to effectively understand the information presented to them and ask difficult questions.

These conversations need to happen now. Otherwise we will lurch from one apparently misinformed data sharing crisis to another, further eroding public trust. This risks all the opportunities responsible safe and secure data sharing could provide.

Fundamentally, however, both government and industry need to prove that they are worthy of public trust. They need to commit to engaging the public as equal partners on the potential beneficiaries of this and other data sharing initiatives. We all need to know who stands to benefit from sharing our health data so that we can make truly informed decisions.

The Conversation

Andrew M McIntosh receives funding from The Wellcome Trust, UKRI, The European Commission and the US National Institutes of Health. He is the Chief Scientist of Datamind, the Health Data Research UK Hub for Mental Health.

Ann John receives funding from the MRC, MQ and Wellcome and is Principal investigator and Co-director of Datamind. She is a former Trustee at Samaritans and MQ.