UKC

Your GP health records are about to be 'grabbed'.

This topic has been archived, and won't accept reply postings.
 Slackboot 05 Jun 2021

Apologies if this has been covered already. I couldn't find anything so here goes. I think it is important.

You have until the 23rd June to opt out of having all your personal healthcare data grabbed from your GP and put onto a central database accessible by 'outside sources'. I read that as commercial organisations or in fact anyone. There is some sort of commitment to anonymise the data.

This was tried in 2014 but defeated when MP David Davis and a group of Doctors brought it to wider attention on ethical and moral grounds. 

 I may be slightly wrong with some of the detail but it is worth checking out. 

Post edited at 06:25
11
 Slackboot 05 Jun 2021
In reply to Slackboot:

Although the stuff I have read makes it sound as if you have to opt out by the date above I suspect you can opt out any time if you so wish. Some of the news stories are scaremongering but it is worth giving some thought to how you want your data used.

Also I should have used the term pseudonymise not anonymise.

Post edited at 07:13
3
 Gordonbp 05 Jun 2021
In reply to Slackboot:

There are two optouts.

One is opting out from GP data sharing, where the deadline is 23 July, but the 2nd is opting out from NHS data sharing which is different and far more open to commercial use and abuse. There is apparently no deadline for the 2nd opt out.

https://www.nhs.uk/your-nhs-data-matters/

https://digital.nhs.uk/about-nhs-digital/our-work/keeping-patient-data-safe/how-we-look-after-your-health-and-care-information/your-information-choices/opting-out-of-sharing-your-confidential-patient-information

 Slackboot 05 Jun 2021
In reply to Gordonbp:

Thank you for the links.

 Pedro50 05 Jun 2021
In reply to Gordonbp:

> There are two optouts.

Followed the 1st link and opted out. The second link seemed to go round in circles and end up in in what looked suspiciously like the same place.

1
 Crewey-Rob 05 Jun 2021
In reply to Slackboot:

Alarming; however couldn't it be as detrimental to opt out as to stay opted in?

On the one hand, every Tom, Dick and Harry could find out embarrassing personal information; on the other something treatable could be missed because records aren't being shared.

Is this the gist of it?

1
 Slackboot 05 Jun 2021
In reply to Crewey-Rob:

> Alarming; however couldn't it be as detrimental to opt out as to stay opted in?

> On the one hand, every Tom, Dick and Harry could find out embarrassing personal information; on the other something treatable could be missed because records aren't being shared.

> Is this the gist of it?

Not quite. I think your details are encrypted in a way which can be retrieved when a code is entered by say your doctor for your health care. Commercial organisations will only see the anonymous data. It's just the fact that your data is being used for purposes you have not agreed to at a time when nearly every website gives you that choice. Surely the same courtesy should be accorded to your very personal health data.

I think that by opting out your data stays with the GP and is still available to others who are only concerned with your care, just as it is now.

Post edited at 13:56
1
 Stichtplate 05 Jun 2021
In reply to Crewey-Rob:

> Alarming; however couldn't it be as detrimental to opt out as to stay opted in?

Could certainly be detrimental to your health if the people treating you can’t easily access your health records. 

> On the one hand, every Tom, Dick and Harry could find out embarrassing personal information; on the other something treatable could be missed because records aren't being shared.

All your information will still be treated in accordance with Calldicott principles. Give it a Google, it’s fairly reasonable.

2
 Gordonbp 05 Jun 2021
In reply to Stichtplate:

The problems are:

1. Do you trust this government not to sell any of your data if it makes their mates a profit either now or in the future?

2. The data mining company involved with the NHS is Palantir which doesn't have a good reputation concerning privacy.

https://www.bbc.co.uk/news/technology-56183785

2
 Stichtplate 05 Jun 2021
In reply to Gordonbp:

I don’t trust this government at all but what you have to decide is what’s likely to cause you and yours the greater harm; clinicians being unable to access timely information when treating you or a private company having access to your anonymised data.

1

In reply to:

NHS trusts routinely use patient data for purposes which aren’t directly related to the individual patient’s health, for example analysis of data in pursuit of targets. The data is anonymised (“pseudonymised” as the NHS call it) to protect patient confidentiality but this is imperfect, especially if you have something really unusual wrong with you which can help to identify you. In the ideal world all this data would be stored very securely and safely, not on a server under someone’s desk. So I’m not personally that bothered about my data being additionally used for other research in a similar way. 
In fact, I’d be over the moon at having my data harvested by a third party if it solved the seemingly very difficult problem of sharing my data between different NHS services or locations. 

 Gordonbp 05 Jun 2021
In reply to Thugitty Jugitty:

the problem is the third party the NHS is contracted with.

Palantir was formed by Peter Thierry, who was the head of Cambridge Analytica which, as you recall was involved in major illegal data collection and manipulation in the Brexit referendum.

https://www.bbc.co.uk/news/business-54348456

 Crewey-Rob 05 Jun 2021
In reply to Thugitty Jugitty:

That aspect of it sounds similar to being an organ donor (which is also opt out these days) although it's your information that you're volunteering.

 Crewey-Rob 05 Jun 2021
In reply to Gordonbp:

> the problem is the third party the NHS is contracted with.

> Palantir was formed by Peter Thierry, who was the head of Cambridge Analytica which, as you recall was involved in major illegal data collection and manipulation in the Brexit referendum.

Malodorous, although if this technology can be so powerful in a deceitful way, think what good it could achieve if applied with wholesome intentions.

3
 Gordonbp 05 Jun 2021
In reply to Crewey-Rob:

Absolutely. Unfortunately this government is only interested in lining their own pockets....not the good of the electorate....

2
 Ciro 05 Jun 2021
In reply to Slackboot:

If you own a smartphone, it will be relatively easy for the data analytics companies to de-anonymise your health data.

1
 neilh 05 Jun 2021
In reply to Slackboot:

About time they got on and digitalised this info so that it can be used to help advance medical science. 

The NHS data on us has been used for years to help all sorts of stuff in medical research. 
 

It cannot come fast enough imho 

7
 Slackboot 05 Jun 2021

It would be interesting to know what percentage of health professionals are happy to go along with the change and what percentage aren't. 

I just think there should be some debate. Most people don't even know it's happening.

 JMarkW 05 Jun 2021
In reply to Ciro:

I've heard this mentioned before. Regarding location data and patient registration GP practice codes.

I might have a dig into it. Medical data is shared, NHS numbers are de-id'd. I don't believe GP practice data and org data is.

Post edited at 19:06
 Gordonbp 05 Jun 2021
In reply to neilh:

I have no argument with that.

What I do have an argument with is a) the US company the NHS is using to do this, and b) I just don't trust this government farther than I can spit.

the US company, Palantir,  was set up by the head of Cambridge Analytica, he's a right-wing libertarian tech investor, Peter Thiel, and America's Central Intelligence Agency.

1
 Root1 05 Jun 2021
In reply to Pedro50:

> Followed the 1st link and opted out. The second link seemed to go round in circles and end up in in what looked suspiciously like the same place.

I think it's not meant to be found. But it is there if you persist  This is the link.

https://assets.nhs.uk/nhsuk-cms/documents/Make_and_manage_your_choice_or_your_childs_choice_PDF_224kb.pdf

 Kalna_kaza 05 Jun 2021
In reply to Ciro:

Each person is likely to have an almost unique health record regards symptoms reported, injuries and illnesses. 

Some one who broke their nose playing rugby would be hard to pick out of millions of records. But if you know their approximate age and that they also have diabetes and have been treated for an ingrown toenail then suddenly the potential number of people drops to single digits.

This government has shown it has no qualms about giving preferential treatment to their mates, even if breaking procurement laws. Trust them with valuable data that can be exploited for profit? No chance. 

2
 Root1 05 Jun 2021
In reply to neilh:

> About time they got on and digitalised this info so that it can be used to help advance medical science. 

> The NHS data on us has been used for years to help all sorts of stuff in medical research. 

>  

> It cannot come fast enough imho 

There is already a system in place for info to be used for medical research, but this go's way to far. Our data is being sold to the likes of google and Amazon. Its also going to a company called Palantir, originally set up by the CIA and with an appalling history of poor security and dodgy dealing.

The data is anonymous, but in certain situations  this can be overidden. We have no control over that, unless as individuals we opt out now.

 Root1 05 Jun 2021
In reply to Stichtplate:

> I don’t trust this government at all but what you have to decide is what’s likely to cause you and yours the greater harm; clinicians being unable to access timely information when treating you or a private company having access to your anonymised data.

Your records are still available to the NHS just as they are now. Its the selling on to dubious companies that's wrong.

 Stichtplate 05 Jun 2021
In reply to Root1:

> Your records are still available to the NHS just as they are now. Its the selling on to dubious companies that's wrong.

Not currently easily accessible to all branches of the NHS and even harder for the multitude of private firms providing various patient services for the NHS.

In reply to Stichtplate:

The data sharing in question is explicitly described by NHS digital as being “for purposes other than your individual care”. Opting out shouldn’t therefore make any difference to how easily a treating clinician can access your data.

 Stichtplate 05 Jun 2021
In reply to Stuart Williams:

> The data sharing in question is explicitly described by NHS digital as being “for purposes other than your individual care”. Opting out shouldn’t therefore make any difference to how easily a treating clinician can access your data.

I’m sure you’re right, I’ve not looked into the ins and outs.

What I do know is that access to GP records can beca tortuous process due to GPs practices overwhelming existing as individual private businesses. Something worth reflecting on by all those up thread worried about private businesses getting their grubby mitts on “our NHS data”.

4
In reply to Stichtplate:

The NHS app already has a fair bit of data about me from my GP’s records. I can’t remember whether that required my consent or not. I think my GP’s surgery uses one of the more mainstream IT systems. There’s a lot of free text; I don’t know whether it’s more machine-friendly behind the scenes but I’d guess not. 
A very long time ago I worked on a GP IT system which encoded smear test results into individual bits before storing them in a horrible niche database, which might take someone a while to unpick. 

 Bob Kemp 06 Jun 2021
In reply to Root1:

Problem is that the data will be pseudonymised, not truly anonymised. That makes it much easier to identify individuals. The information to do that is stored separately but that in itself is no guarantee of security. 

 Bob Kemp 06 Jun 2021
In reply to Stichtplate:

You’ll remember that that Fiona Caldicott was not very impressed with the government’s last attempt at data-sharing, care.data. Lack of transparency and information for practitioners and patients were key issues. I don’t see any signs that these have been addressed. It looks like the government are trying to sneak out another version of care.data under cover of the pandemic. They’ve made no attempt to present the public and the medical profession with an honest discussion of the risks and benefits. 

 JMarkW 06 Jun 2021
In reply to Kalna_kaza:

I'm not sure how knowing three pieces of medical information about a person helps u identify them?

Unless you know where they were treated as well, and can then as others have said use smartphone location data to cross check against the GP practice, CCG, trust locations?

This organisation data, eg where a pseudo NHS number  was treated isn't part of the GP data sharing, but I'm going to check that.

I don't work on the GP data but I do work for NHS Digital on other patient related data.

 Bob Kemp 06 Jun 2021
In reply to Slackboot

Here’s some information on NHS data breaches that have occurred already. Not a great track record.

https://medconfidential.org/for-patients/major-health-data-breaches-and-scandals/

 Stichtplate 06 Jun 2021
In reply to Bob Kemp:

Read through the breaches and tell me what the resulting negative impacts on actual people were? 
 

I know I’m in a small minority on this but I really don’t get this obsession with privacy on the most mundane aspects of our lives. From what we earn to whether we had an in growing toenail in 1998... nobody really gives a shit do they? And if they do, so what?

On the other hand, on almost a daily basis, I see real world impacts of poor data sharing on patient care. Impacts that aren’t just detrimental to the patient but also attending clinicians and the wider public.

Anybody on here got a tale to tell where lax medical data security had a negative impact on them? (Not holding my breath).

3
 Slackboot 06 Jun 2021
In reply to Stichtplate:

Surely the fear is that your medical data might be used for the wrong reasons by the wrong people. It may be relatively safe at present but who knows what type of Government we will have in the future. Who knows what bodies will have access to our most private records. It's not just about ingrown toenails is it? For example if 1 in 5 people have mental health problems and a prospective employer gets access to the fact then there are consequences. There are many other examples I could cite. The strictest controls should be maintained on privacy and confidentiality. It is the only way to ensure some sort of standard in the future. As I have already mentioned somewhere if websites can ask for permission as to how they use your browsing data then individuals should be accorded the same courtesy with regard to their most private and personal data.

Post edited at 14:15
 Stichtplate 06 Jun 2021
In reply to Slackboot:

So you can’t come up with real world examples of people being negatively impacted by leaked medical data and the best you can come up with is a hypothetical employer accessing information on the mental health of a prospective employee?

Forgive me if I come across as a bit of a nervous nelly but the next time I board an easyJet flight to somewhere sunny, I’d rather the flight crew didn’t compose of an epileptic prone to frequent seizures and a schizophrenic suffering frequent suicidal ideation.

There are plenty of job roles where your medical history has a direct impact on your employability, and for very good reason. Sorry, but this stuff isn’t black and white.

17
 neilh 06 Jun 2021
In reply to Root1:

This sort of data is flowing freely anyway.  It’s a data driven world .

If you are that bothered about this sort of stuff go off grid and stop posting on ukc etc etc.  
 

11
 Slackboot 06 Jun 2021
In reply to Stichtplate:

I think the point is that it is my data.and I want a say in who sees it. Simple as that really.

1
 Crewey-Rob 06 Jun 2021
In reply to Stichtplate:

Aha! But huge amounts of people make a complete recovery from mental health issues, it could even be argued they are better placed to avoid them in the future due to their experience compared to someone who's been cushioned from some of the harsh realities of life. A hackable digital system is like a caste system on steroids.

I am playing Devil's advocate here but I think this is a valid point.

 Stichtplate 06 Jun 2021
In reply to Slackboot:

> I think the point is that it is my data.and I want a say in who sees it. Simple as that really.

You already have a say on it, so what’s your issue again?

2
 profitofdoom 06 Jun 2021
In reply to Crewey-Rob:

> Aha! But huge amounts of people make a complete recovery from mental health issues, it could even be argued they are better placed to avoid them in the future due to their experience.....

And of course there was the pilot who decided to deliberately crash his commercial flight in France in 2015, killing all 150 people on board

I am not saying Lubitz was mentally ill. I don't know. I'm saying it was a mistake to let him pilot that plane that day

https://en.wikipedia.org/wiki/Germanwings_Flight_9525#Investigation_of_Lubitz

2
 Crewey-Rob 06 Jun 2021
In reply to profitofdoom:

Granted.

1 in 4 people in the UK have mental health problems in any given year.

There is, due to the rare examples, such as yours above, a stigma surrounding mental health.

Post edited at 15:47
 duchessofmalfi 06 Jun 2021
In reply to Crewey-Rob:

Overall unless a massive number of people opt out (and ruining the statistical significance) _or_ you have a rare condition that makes you opting out alter the statistical significance of studies into your condition opting out is harmless to you.

On the latter point, rare conditions aren't cherry picked by pharma so in or out your condition is likely to be ignored in this data sale so you probably won't benefit anyway.

Quite simply I wouldn't trust them to be able to protect your data, manage to not identify you in a data breach or through fusion with other datasets or screw up in one of many other ways. 

While this is probably also true of your medical records already the difference is presumed consent.

Information exploitation like this is not far from issues raised by the exploitation of tissue taken without consent (look up Henrietta Lacks). 

 Crewey-Rob 06 Jun 2021
In reply to Crewey-Rob:

> Aha! But huge amounts of people make a complete recovery from mental health issues, it could even be argued they are better placed to avoid them in the future due to their experience compared to someone who's been cushioned from some of the harsh realities of life. A hackable digital system is like a caste system on steroids.

> I am playing Devil's advocate here but I think this is a valid point.

I should have added Terry Pratchett's quote "No-one goes crazy quicker than a totally sane person" to the end of this post.

I'm bowing out now as this is an important discussion and wider than just mental health.

 Gordonbp 06 Jun 2021
In reply to Stichtplate:

I suggest you read Permanent Record by Edward Snowden, and The Filter Bubble by Eli Pariser.

This mantra  "I have nothing to hide therefore I don't mind my data being collected" is a complete nonsense. the more data the commercial giants have on you, the more money they make by selling it to third party companies, some of whom may not be overly responsible in the way they use it.

https://lifehacker.com/why-you-should-care-about-and-defend-your-privacy-5904966

https://www.forbes.com/sites/quora/2017/03/21/why-data-collecting-can-be-dangerous-for-personal-freedom/?sh=58789b627ecc

 Gordonbp 06 Jun 2021
In reply to Stichtplate:

No you don't. Once it gets out of the confines of the NHS, how can you determine what it's used for?

 Gordonbp 06 Jun 2021
In reply to neilh:

That's just silly. There are plenty of ways to minimize or actually prevent the collection of your data. I'd be very surprised if UKC sells your data on to a third party companies, unlike Google (particularly), Microsoft, Apple et al.

 Stichtplate 06 Jun 2021
In reply to duchessofmalfi:

> Overall unless a massive number of people opt out (and ruining the statistical significance) _or_ you have a rare condition that makes you opting out alter the statistical significance of studies into your condition opting out is harmless to you.

Yeah, that's more commonly known as "freeloading". Opt out, keep your data secure (maybe) and reap the rewards of medical advances predicated on everyone else's data. Maybe brush up on Kant's categorical imperative?

> On the latter point, rare conditions aren't cherry picked by pharma so in or out your condition is likely to be ignored in this data sale so you probably won't benefit anyway.

You're even less likely to suffer any detrimental impact either but hey ho.

> Quite simply I wouldn't trust them to be able to protect your data, manage to not identify you in a data breach or through fusion with other datasets or screw up in one of many other ways. 

We're talking about data bases compiled by private GP practices here. Is there anyone on this thread who hasn't had interactions with overly inquisitive GP receptionists? If you're worried about data security in the real world, as opposed to the purely hypothetical, perhaps skim through the Caldicott principles and think about the questions typically posed to you by the average entirely non medically trained GP receptionist.

> While this is probably also true of your medical records already the difference is presumed consent.

Yep, presumed consent so if you're bothered withdraw consent. In the real world most people don't care. How do I know this? because I see an average of 6 patients a shift and 25-30% of those I contact their GP or other services to discuss their case. I always say "are you happy for me to discuss your case and share relevant information", since I started doing this in 2017 I've never had anyone say no. I've never even had anyone question the why's and wherefores in any way shape or form.

> Information exploitation like this is not far from issues raised by the exploitation of tissue taken without consent (look up Henrietta Lacks). 

Interesting case to bring up. Her information (tissue) was taken without consent, made an immeasurable contribution to medical advancement and the lives of others, had zero detrimental impact on her and Henrietta only became famous as a result of campaigners publicising her case. So who had the most impact on her privacy? the medics or the campaigners?

5
 Stichtplate 06 Jun 2021
In reply to Gordonbp:

> No you don't. Once it gets out of the confines of the NHS, how can you determine what it's used for?

GPs aren't in the confines of the NHS, they're overwhelmingly involved in small private businesses working under contract to the NHS.

1
 Gordonbp 06 Jun 2021
In reply to Stichtplate:

> We're talking about data bases compiled by private GP practices here. Is there anyone on this thread who hasn't had interactions with overly inquisitive GP receptionists? If you're worried about data security in the real world, as opposed to the purely hypothetical, perhaps skim through the Caldicott principles and think about the questions typically posed to you by the average entirely non medically trained GP receptionist.

Which will then be shared to (not good track record of security) NHS databases which will then be accessed by a private US  company, Palantir, who very definitely have a dodgy record when it comes to data security.

Do you REALLY want your personal medical records given to a US company backed by the founder of Cambridge Analytica, which if you remember was embroiled in accusations of illegal data collection and manipulation in the Referendum?

1
 Gordonbp 06 Jun 2021
In reply to Stichtplate:

You don't get it at all, do you? GPs are covered by GDPR as is the NHS. When the NHS allows access to your records by a US company, there's no GDPR applicable. Happy with that?

 Stichtplate 06 Jun 2021
In reply to Gordonbp:

Don’t care, not bothered, totally relaxed about it.

7
 Gordonbp 06 Jun 2021
In reply to Stichtplate:

Well. More fool you then.

i suppose you're quite happy for the NHS to be privatised and turned into a US insurance company product. Because a US company trawling through everyone's medical records is just the thin end of the wedge.

Post edited at 18:25
5
 Gordonbp 06 Jun 2021
In reply to Stichtplate:

And when medical records are used by insurance companies to up or refuse premiums because of a "mistake" or by potential employers, or by any other organisation that can get their hands on them for non-health related purpose, you're quite happy?

 Stichtplate 06 Jun 2021
In reply to Gordonbp:

> Well. More fool you then.

Cheers, I’ll stress about real world problems like hackers emptying my bank account while you stress about US multinationals finding out you had piles in 2004😂

> i suppose you're quite happy for the NHS to be privatised and turned into a US insurance company product.

Nope, big fan of the NHS. You’re conflating completely separate issues.

>Because a US company trawling through everyone's medical records is just the thin end of the wedge.

 

Thin end of the wedge now is it? The phrase universally employed by everyone who ever wanted to get people worked up about an issue that hadn’t yet managed to manifest any real world impact.

6
 Gordonbp 06 Jun 2021
In reply to Stichtplate:

You really really need to do some research instead of burying your head in the sand.

Start with Palantir and see if they are a proper company to access all our medical records.

Post edited at 18:35
In reply to Gordonbp:

A GP was on a BBC program last week and said that everyone should be concerned with giving medical data to private sector (he wasn’t the first Doctor on the BBC to say this in recent weeks btw).

Two, theoretical, examples were given as realistic possibilities when commercial companies get hold of the medical data.

 Just giving the examples as I recall they were roughly stated:

1. Insurance companies could process medical conditions and their frequency by postcodes, and in future limit insurance/charge more/place more restrictions/etc., for anyone living same postcode area irrespective of their actual medical history.

2. Financial companies, could similarly process data and refuse/restrict mortgages in certain postcodes purely based on typical medical conditions if it suited them.

 Stichtplate 06 Jun 2021
In reply to Gordonbp:

> And when medical records are used by insurance companies to up or refuse premiums because of a "mistake" or by potential employers, or by any other organisation that can get their hands on them for non-health related purpose, you're quite happy?

Yeah Gordon, in common with almost all people I worry mostly about things that are happening than getting worked up about what ifs.

Global warming, pandemics and sourcing a decent plumber are enough for me to be getting on with at the moment 😂

5
 Gordonbp 06 Jun 2021
In reply to Climbing Pieman:

Maybe reply to Stichtplate. He's burying his head in the sand.

2
 Gordonbp 06 Jun 2021
In reply to Stichtplate:

Jeeeeeze......

 Stichtplate 06 Jun 2021
In reply to Gordonbp:

> Jeeeeeze......

I know! I’ve got loads on my plate already

does this stuff really keep you awake at night?

In reply to Stichtplate:

> does this stuff really keep you awake at night?

At least for some of your medical colleagues it appears so; to go onto tv and state their concerns they must have carefully considered it. See my post above.

Post edited at 18:53
 Bob Kemp 07 Jun 2021
In reply to Stichtplate:

> Cheers, I’ll stress about real world problems like hackers emptying my bank account while you stress about US multinationals finding out you had piles in 2004😂

Data protection is a real world problem. Data breaches cost money, disrupt services and cause reputational damage. 

> Nope, big fan of the NHS. You’re conflating completely separate issues.

If you're a big fan of the NHS you should be concerned about data breaches for the reasons noted above. It makes sense to insist on protections like full anonymisation, proper monitoring procedures and so on to protect the NHS. And full transparency combined with getting the population to understand the trade-offs involved in extensive data scraping and sharing can only enhance the NHS's standing in this context. 

In reply to Stichtplate:

> I know I’m in a small minority on this but I really don’t get this obsession with privacy on the most mundane aspects of our lives. From what we earn to whether we had an in growing toenail in 1998... nobody really gives a shit do they? And if they do, so what?

People like this are experts in obtaining multiple databases and cross-correlating to identify the same individual and obtain more information about them than could be obtained from any one source.  They also have a track record of complete contempt for data protection law - specifically during Brexit.  And they have associations with insurance and financial service companies.   They will do the particularly obnoxious stuff in throwaway organisations / companies which can be folded and walked away from when the complaints catch up with them.

The obvious risks are:

a. damaging prominent individuals who cross them by correlating sensitive medical information  with public information to identify an individual and then leaking allegations to journalists or police.  They don't need to be 100% sure based only on the computer search, it just needs to be enough to put an investigator on.

b. blackmail

c. obtaining a more accurate prediction of medical risk in financial services situations in order to get a commercial advantage.   For example being able to offer instant quotes where others would require a long form, or avoid risky cases.

d. identifying customers/voters who might be susceptible to specific targeted advertising on social media.

e. 'screening' services for employers which give a rating without being honest about how they determine it.

Post edited at 06:50
In reply to Gordonbp:

> the US company, Palantir,  was set up by the head of Cambridge Analytica, he's a right-wing libertarian tech investor, Peter Thiel, and America's Central Intelligence Agency.

As someone with a background in computer science I can think of about 10 dodgy things to do with medical data to make money, damage rivals or influence consumers and voters with about five minutes thought.

People who have spent their entire career thinking about dodgy stuff to do with data in the service of intelligence agencies and politicians will be way ahead of me.

For example they could specifically look for folk with mental health issues and target then with social media advertising designed to set them off in a particular direction.   People who use nefarious means to get psych profiles on millions of Facebook users can't be trusted not to go after real mental health information.

https://en.wikipedia.org/wiki/Facebook%E2%80%93Cambridge_Analytica_data_scandal

2
In reply to Stichtplate:

I told my GP about my mental health issues under an assumption of privacy, the idea that my innermost fears and worries could now be processed by private companies utterly terrifies me, and had this been in place at the time I would have not accessed those services in the first place. If others feel the same it may well affect how many people step forward for help which obviously will have real world impacts

 Offwidth 07 Jun 2021
In reply to Stichtplate:

GPs as subcontracted services have been part of the NHS since it's inception, you can argue all you like about that being flawed but they are the main part of the NHS Primary Care system. They are also part of the NHS pension scheme. Those worried about the privatisation aspects should be more concerned with specific changes of how GPs are being managed thanks to recent governments.

https://www.nhsforsale.info/sector/gps/

The data experts I know all think the sale of this data (and the way it's been handled) is a disaster on the most important fronts: security in the widest sense (including working with companies we can trust) and maximising the value and utility for future medical development and the public good, in an open and transparent way.

But hey, feel free to insult fellow NHS workers and play ostrich on a massive data disaster in the making. 

2
 Slackboot 07 Jun 2021
In reply to willworkforfoodjnr:

> I told my GP about my mental health issues under an assumption of privacy, the idea that my innermost fears and worries could now be processed by private companies utterly terrifies me, and had this been in place at the time I would have not accessed those services in the first place. If others feel the same it may well affect how many people step forward for help which obviously will have real world impacts

Well said.

1
 Stichtplate 07 Jun 2021
In reply to the thread:

Lot of people getting worked up about privacy breeches on here. First off I asked yesterday lunchtime- "Anybody on here got a tale to tell where lax medical data security had a negative impact on them? (Not holding my breath)." Nobody has coughed so right from the off we're in the realms of pure speculation as to the negative impacts.

As to positive impacts, here's what the British Medical Association had to say on this matter 3 days ago “Drawing insights from health-related data is vital for health service planning, and is a crucial way to monitor public health, organise local services and look at population-level health needs." The BMA has been involved in this matter since inception and their major qualm is the lack of publicity on the programme allowing people the option to opt out thus preserving the core principle of informed consent.

All data collation and sharing should adhere to the Caldicott principles:

The Caldicott principles, which were updated in 2013, should be employed to examine the conditions under which patient-identifiable information is used or shared. They are as follows.

Principle 1 — justify the purpose(s) for using confidential information.

Principle 2 — only use confidential information when absolutely necessary.

Principle 3 — use the minimum information that is required.

Principle 4 — access to confidential information should be on a strict need-to-know basis.

Principle 5 — everyone must understand their responsibilities.

Principle 6 — understand and comply with the law.

Principle 7 — the duty to share personal information can be as important as the duty to have regard for patient confidentiality.

Overall there should be a balance between the protection of patient information and the use and sharing of this information between agencies to improve care.

Now if you want to get all upset about unnecessary disclosure and dissemination of sensitive personal data ask yourself if the GP receptionist needs to know every detail of a patients clinical presentation every time a fellow medic rings up for a discussion about their patient, because ask they do, every single time.

5
 Stichtplate 07 Jun 2021
In reply to willworkforfoodjnr:

> I told my GP about my mental health issues under an assumption of privacy,

Nobody will be processing personally identifiable information. No exterior data farm will be receiving your medical records with your name at the top.

>the idea that my innermost fears and worries could now be processed by private companies utterly terrifies me, and had this been in place at the time I would have not accessed those services in the first place. If others feel the same it may well affect how many people step forward for help which obviously will have real world impacts

Please take note thread, the above is an example of the real world damage keyboard warriors cause when they start scaremongering.

8
In reply to Stichtplate:

> All data collation and sharing should adhere to the Caldicott principles:

> The Caldicott principles, which were updated in 2013, should be employed to examine the conditions under which patient-identifiable information is used or shared. They are as follows.

The Caldicott principles are irrelevant.  Things have gone way too far, we now have a government of proven liars, Johnson, Handcock et al all have multiple breaches of the ministerial code behind them, they have a track record of appointing cronies to investigate and whitewash their misdeeds and appointing their pals to lead public bodies.

No matter how good the principles look on paper this lot can't be trusted to apply and enforce them.  Their track record of handling personal data during the Brexit referendum campaign and the people and organisations they associate with make it even worse.

The only sensible thing is to not let Vote Leave Tories and their data mining friends anywhere near your confidential data.  You wouldn't put Ronnie Biggs in charge of the Bank of England's gold reserves just because he signed a code of conduct.

Post edited at 09:44
4
In reply to Stichtplate:

They can unlock the data for unspecified legal reasons, and even they accept that data is only pseudo anonymised. So what you are saying is I have to trust the intentions of the government, from now to perpetuity, with no concrete guarantees what this will and will not be used for? It may not make you nervous, in which case I doubt you have similar 'situations' listed in your medical record, but I cannot imagine anything worse

 mondite 07 Jun 2021
In reply to Stichtplate:

> Lot of people getting worked up about privacy breeches on here. First off I asked yesterday lunchtime- "Anybody on here got a tale to tell where lax medical data security had a negative impact on them? (Not holding my breath)."

The flaw here is you are asking people to talk about the current state as an argument that it is okay to massively change that state.

Or to put it another way. How many people complained about their username, email and passwords getting leaked in the 1980s? No one? Excellent then why are people complaining that those columns should be hashed in databases.

Anyone with an interest in data knows three things.

Firstly anonymisation is very very hard to do on most datasets in a useful way. Obviously zeroing everything out works nicely but buggers up the ability to study it.

Secondly people find lots of ways of using data you dont expect.

Thirdly once its out there its damn hard to get back in.

> Now if you want to get all upset about unnecessary disclosure and dissemination of sensitive personal data ask yourself if the GP receptionist needs to know every detail of a patients clinical presentation every time a fellow medic rings up for a discussion about their patient, because ask they do, every single time.

So you are arguing because the data security is shit there we should make it shit on a far larger scale

A novel argument.

In reply to Stichtplate:

Sounds like the BMA have their concerns, too. I note their use of 'should', which suggests they fear this data disclosure will not meet the Caldicott principles.

 Stichtplate 07 Jun 2021
In reply to tom_in_edinburgh:

> The Caldicott principles are irrelevant.  Things have gone way too far, we now have a government of proven liars, Johnson, Handcock et al all have multiple breaches of the ministerial code behind them, they have a track record of appointing cronies to investigate and whitewash their misdeeds and appointing their pals to lead public bodies.

The Caldicott principles are irrelevant even though they're the standard the project is adhering to?

Luckily Hancock and Johnson are unlikely to be busy typing away, compiling the data.

> No matter how good the principles look on paper this lot can't be trusted to apply and enforce them.  Their track record of handling personal data during the Brexit referendum campaign and the people and organisations they associate with make it even worse.

> The only sensible thing is to not let Vote Leave Tories and their data mining friends anywhere near your confidential data.  You wouldn't put Ronnie Biggs in charge of the Bank of England's gold reserves just because he signed a code of conduct.

So your main objection is The Bastard Tories (again)... what's the SNP said on the matter?

4
In reply to mondite:

Agreed. I've lost track of the number of data breaches I have been included in but its at least 10. I use a password manager and rotate passwords, and in the case of a breach I can reset my password and get rid of the issue. But I can never use that password again.

However, those breaches still have enough info for me to be linked to my postcode, and my postcode will be linked to my nhs data, already there is danger for cross use.

And once its breached once, I can't go back and change my NHS history, its out there, on the dark web, forever, for anybody to access. The wider the net of companies with access to our data the higher the risk of breach. Its not good at all

 Stichtplate 07 Jun 2021
In reply to willworkforfoodjnr:

> They can unlock the data for unspecified legal reasons, and even they accept that data is only pseudo anonymised. So what you are saying is I have to trust the intentions of the government, from now to perpetuity, with no concrete guarantees what this will and will not be used for? It may not make you nervous, in which case I doubt you have similar 'situations' listed in your medical record, but I cannot imagine anything worse

You think the legal reason is likely to be a low bar then? I'd imagine it'll be a bar set so high it'll require judicial oversight. As to pseudo anonymised, look up the definition and further consider your record will be one amongst 65 million.

5
 Bob Kemp 07 Jun 2021
In reply to Stichtplate:

Comments from others so far haven’t been against the broad idea of data sharing but more concerned with the lack of information and transparency. For instance Slackboot: 

“I just think there should be some debate. Most people don't even know it's happening.”

Or they are concerned with future threats to security and possible misuse of data. It’s not enough to say ‘Well you haven’t been harmed so why worry?’. Crying wolf isn’t desirable but nor is complacency. (We should understand this from the ways in which early news of the coronavirus pandemic was received). At the moment the whole data sharing realm is like the Wild West, and we don’t know what the consequences will be, or what potential misuses ‘bad actors’ may invent. It is worth being careful. 

As far as the Caldicott principles are concerned, these provide useful guidance if they are adhered to. But as I said above, Caldicott found the earlier incarnation of this NHS initiative to be in breach of her principles. The new version should be properly discussed and scrutinised, and people should have more involvement in what is shared. 
 

 mondite 07 Jun 2021
In reply to Stichtplate:

>  As to pseudo anonymised, look up the definition and further consider your record will be one amongst 65 million.

I have looked up the definition and, assuming you are referencing the GDPR version, the key bit is "without the use of additional information".  As for 65 million lets go back to the BMA statement you were using as a defence and look at the "local services". So ermm no longer 65 million if thats going to be achievable.

You are relying on a)the standards being kept high b)no breaches and c)no misuse.

Thats a level of trust many of us simply dont share especially for companies like Palantir.

 Stichtplate 07 Jun 2021
In reply to mondite:

> The flaw here is you are asking people to talk about the current state as an argument that it is okay to massively change that state.

> Or to put it another way. How many people complained about their username, email and passwords getting leaked in the 1980s? No one? Excellent then why are people complaining that those columns should be hashed in databases.

> Anyone with an interest in data knows three things.

> Firstly anonymisation is very very hard to do on most datasets in a useful way. Obviously zeroing everything out works nicely but buggers up the ability to study it.

> Secondly people find lots of ways of using data you dont expect.

> Thirdly once its out there its damn hard to get back in.

Weigh up known benefits of the programme against potential pitfalls and decide which is the best course to follow. Its how rational people make decisions.

> > Now if you want to get all upset about unnecessary disclosure and dissemination of sensitive personal data ask yourself if the GP receptionist needs to know every detail of a patients clinical presentation every time a fellow medic rings up for a discussion about their patient, because ask they do, every single time.

> So you are arguing because the data security is shit there we should make it shit on a far larger scale

No, I'm arguing that people are upset at the idea of unspecified third party companies accessing their anonymous data. Meanwhile they apparently have few qualms about Janet the receptionist that lives down the road, shops in the same shops and probably has acquaintances in common, asking clinical questions on identified patients without clinical training.

4
In reply to Stichtplate:

> You think the legal reason is likely to be a low bar then?

The point is I don't know the bar until its too late to do anything about it

 duchessofmalfi 07 Jun 2021
In reply to Stichtplate:

The issue here is presumed consent vs informed consent.  We've moved on since the HeLa cell line was developed without informed consent and medical ethics now require informed consent (with fine grained consent) for all tissue samples. 

While I use HeLa cells frequently I would never take and use a tissue sample without informed consent.  The same applies to medical records and this data grab breaks this basic tenet of modern research ethics. As we move between a world where physical artefacts represent property to one where information represents property we have to accept an equivalence between an physical sample and some forms of data and therefore the same informed consent should apply.

Fine grained consent is also required.  For instance, I'm happy to grant consent for restricted purposes but not for unlimited purposes or purposes that might lead to patents being taken.  This data grab does not permit this to be controlled and the binary presumption of total consent is ethically unsound and objectionable.

 mondite 07 Jun 2021
In reply to Stichtplate:

> Weigh up known benefits of the programme against potential pitfalls and decide which is the best course to follow. Its how rational people make decisions.

Okay so as a rational person my default position is that security breaches will occur. Since I wont be able to vet each company in advance therefore I have to assume at least one will have substandard security especially in the big data world.  Although AWS and co have been improving some of the default settings were way beneath what they should have been and the amateurs didnt know how to secure them.

> No, I'm arguing that people are upset at the idea of unspecified third party companies accessing their anonymous data.

The problem is I know "anonymous" data doesnt really exist. The only way data can be made truly anonymous is by rendering it useless for any analysis.

 wercat 07 Jun 2021
In reply to captain paranoia:

> Sounds like the BMA have their concerns, too. I note their use of 'should', which suggests they fear this data disclosure will not meet the Caldicott principles.


I'm sure Baroness Harding can be trusted with ensuring it's all "OK" when she takes over the NHS

In reply to Stichtplate:

> I know I’m in a small minority on this but I really don’t get this obsession with privacy on the most mundane aspects of our lives. From what we earn to whether we had an in growing toenail in 1998... nobody really gives a shit do they? And if they do, so what?

I'm with you.  Not sure how comfortable I am with any exclusive data-sharing deals (assuming that's what what's proposed) and if they are going to do it I hope they have Kate Bingham negotiating a good deal, but I have no problem with having my medical records accessible online (as they are on the NHS app).

Why people are so concerned about the hypothetical risks around their medical records whilst being completely comfortable having all their money online is beyond me.   

6
 Bob Kemp 07 Jun 2021
In reply to Stichtplate:

You’re attaching too much weight to the receptionist analogy. The information you give the receptionist is not digitised and is not likely to be shared with organisations on a global scale. You are also able to control what information you give to the receptionist. That can sometimes mean an awkward negotiation but the point is that you still have a measure of control. The NHS data sharing project would be far more acceptable if it offered that degree of control. 

In reply to Dave Garnett:

Having my money online isn't a one time risk. I have ways of reclaiming stolen money. My medical history on the other hand is not something I can rebuild, replace or insure

 Bob Kemp 07 Jun 2021
In reply to Dave Garnett:

You’re making the assumption that people are completely comfortable with having their banking online- maybe they aren’t. But as using a bank at all these days means that our money will at some stage be in digital form we don’t have any choice. Keeping cash under the mattress has its own risks - as ever there are trade offs. The point is to be properly informed as to the relative risks and benefits.

In reply to willworkforfoodjnr:

> Having my money online isn't a one time risk. I have ways of reclaiming stolen money. My medical history on the other hand is not something I can rebuild, replace or insure

I don't understand what stealing your medical history would even mean.  Someone hacking in and deleting it could be a problem but then they treat people in A&E everyday without having their medical records now.  Having electronic records that are secure but universally available to medical professionals is a no-brainer but we are still nowhere near achieving it.    

6
 duchessofmalfi 07 Jun 2021
In reply to Bob Kemp:

Properly informed and to give consent...

In reply to Dave Garnett:

> I don't understand what stealing your medical history would even mean. 

For me, it would mean very private discussions with my GP being available on the dark web, which is where most breached data ends up

In reply to willworkforfoodjnr:

> For me, it would mean very private discussions with my GP being available on the dark web, which is where most breached data ends up

Maybe I'm naive, but of what possible interest do you think think your medical history would be to anyone else, even if it weren't anonymised?  Things that have some financial value end up on the dark web.  Having your credit card details on the dark web would be a worry but who's going to pay to find out what your last prescription was for?

I get that there's a concern about prejudicing medical insurance (although this is more of a concern in the US I guess) but there are rules about what medical insurance companies are allowed to ask (and obligations on you to tell them certain things anyway).  Is that your main concern?

I'm not saying you're not entitled to your privacy.  I just think that some people have an odd way at looking at the risk/benefit calculation.  I completely agree that it would be nice to have the benefits more clearly explained and, as I've said, I have reservations about monetising the bulk data but that's a separate issue from the disproportionate squeamishness many Brits seem to have about the dark revelations in their medical records.  I have access to mine but have never even bothered to read them. 

7
In reply to Dave Garnett:

Any number of ways by insurers, potential employers or criminals. I could easily be blackmailed with the info in there just to start with, and its not like online criminal gangs don't use breached data to blackmail people.

If you only have a series of stomach bugs reported to the GP maybe that seems over the top, but I would be utterly devastated if someone threatened to share mine with, say, my family or employer

 Slackboot 07 Jun 2021
In reply to Dave Garnett:

It all depends whats on your medical record and how you perceive it may be used. Its about an individuals perception .Not anyone else's. It is data that belongs to that individual. If governments want to use an individuals data for some reason let them convince the individual. Change their perception. Then ask them. It is all about consent. It is more important now than ever.

It's a basic principle of decent human interaction. Don't use someone else's stuff unless you have permission. Presumed consent needs to be built on trust.

Post edited at 12:20
 Bob Kemp 07 Jun 2021
 Slackboot 07 Jun 2021
In reply to Bob Kemp:

That says it all really. Well spotted.

 EddInaBox 07 Jun 2021
In reply to wercat:

> I'm sure Baroness Harding can be trusted with ensuring it's all "OK" when she takes over the NHS

Yes, because I am confident she will have learnt important lessons from the massive TalkTalk data breach that happened while she was in charge.  And the experience she gained at the outsourced Test and Trace means she probably won't use old versions of Excel for transferring records between databases again.

For those who don't know what she looks and sounds like, I have found a random clip on YouTube, here she is helping out the Cambridge Analytica Public Relations Department.

https://www.youtube.com/watch?app=desktop&v=7zrymE6kjbg

In reply to EddInaBox:

> Yes, because I am confident she will have learnt important lessons from the massive TalkTalk data breach that happened while she was in charge.

I suspect the only thing she will have learned is "don't get found out"...

 mondite 07 Jun 2021
In reply to captain paranoia:

> I suspect the only thing she will have learned is "don't get found out"...


Nah she became a expert in "sequential attacks". 

 Offwidth 07 Jun 2021
In reply to Dave Garnett:

The concerns I am raising are from people who support NHS data use. The problems they raise are about to way our government are going about doing this and the risks arising from that.

The arguments Stichtplate is using are based on strawman concepts including pretending the critics are data luddites, when its often just the opposite. A quick search finds numerous links that match the expert concerns I hear from data academics. The BMA view is not unique...look at Open Democracy, Digital Health, The Good Law Project.... I'm just waiting for John Naughton now.

 Offwidth 07 Jun 2021
In reply to Slackboot:

It's way bigger that that. It's also about potential corrupt tendering, major governance problems, breaches of democractic process, dishonest behaviour of politicians. It's also been a massive issue for months now.

https://www.opendemocracy.net/en/ournhs/why-were-suing-over-the-23m-nhs-data-deal-with-palantir/

 gravy 07 Jun 2021
In reply to EddInaBox:

...here she is helping out the Cambridge Analytica Public Relations Department

Doesn't that give you a nice safe feeling?

 SDM 07 Jun 2021
In reply to Dave Garnett:

> Maybe I'm naive, but of what possible interest do you think think your medical history would be to anyone else, even if it weren't anonymised? 

You are massively underestimating the potential commercial value of your medical history and its potential to be used against you.

You also have to assume, given the lack of cast iron protections and records of previous data leaks, that all of your records will at some point find their way in to the hands of someone with the ability to depseudonymise your records and match them up with the vast data that big tech companies already hold on you (who have a poor record of selling it to the highest bidder to use against you).

A few examples where it could end up working against you:

- Medical/travel/life/car insurance. This data is a gold mine for the insurance industry. Good luck finding any affordable cover (or any cover at all!). In extreme circumstances, this could potentially lead to mortgage companies being unwilling to lend money to someone who is at a higher risk of an early death or being unable to work. Landlords could refuse to accept tenants who are at risk of being unable to work in the future. Carehomes could potentially use it to increase costs or refuse to offer care to people who are at a higher risk of developing conditions in the future that might make them less profitable. This could also work in reverse: if your medical history (and that of your family) indicates a longer than average life expectancy, good luck getting a reasonable price on your pension annuity.

- Exploitative advertising such as unscrupulous companies targeting products/scams at people who they know are in a vulnerable mental/physical state. Or targeting alcohol/gambling to known addicts, or targeted political adverts (where have we seen this before...?)

- Potential employers refusing to employ people due to past/present conditions, or even the conditions of relations. Unless you could prove that they rejected you due to a protected characteristic (which is essentially impossible), you would have no recourse.

- Blackmail of vulnerable people such as someone who has sought treatment/advice for an abortion/contraceptive/sexual health etc. Cross referencing the records of mothers/fathers/children/other relations could be a potential paternity nightmare.

The problem is that all of the above outcomes (and, no doubt, many worse ones that I haven't considered) are possible. Without sufficient guarantees in law that these cannot happen, this opt out is your last chance to stop it happening to you. Once the 23rd June deadline has passed, if you haven't opted out, the box is open and cannot be closed.

As you cannot do it later on, you have to make a decision now on the likelihood of these hypothetical problems and the severity of their outcomes. For me, there are not sufficient safeguards to prevent medical records being used against you so I have no choice but to opt out. If there was an option to allow your data to be shared solely for academic researcher with no exceptions and with strict controls to prevent it getting in to the wrong hands, I would not be opting out of anything. This is not currently an option.

2
 SDM 07 Jun 2021
In reply to Stichtplate:

> Lot of people getting worked up about privacy breeches on here. First off I asked yesterday lunchtime- "Anybody on here got a tale to tell where lax medical data security had a negative impact on them? (Not holding my breath)." Nobody has coughed so right from the off we're in the realms of pure speculation as to the negative impacts.

Are you seriously asking for people to provide evidence of how they have been harmed by a change that has not yet come in to effect?

2
 Stichtplate 07 Jun 2021
In reply to SDM:

> Are you seriously asking for people to provide evidence of how they have been harmed by a change that has not yet come in to effect?

Nope. I'm asking exactly what I said I was asking. Perhaps read it again?

As a counterpoint I could provide you with multiple harms caused by poor access to patient records.

6
 JMarkW 07 Jun 2021
In reply to Slackboot:

Though generally many people don't want their data sharing, but they are happy to reap the rewards of research on other peoples for new drugs and treatments?

How about you opt out but you don't get to have access to any new treatments that come from this research.

We don't have enough organ donors so we went for an opt out scheme. That seems reasonable but opt out should maybe mean if you are not prepared to donate then you don't get to receive?

I don't actually think this.

Post edited at 15:51
6
 profitofdoom 07 Jun 2021
In reply to mondite:

> The problem is I know "anonymous" data doesnt really exist......

Really? What about "60% of my class like our textbook, 40% dislike it"? Or "The average age of people coming to the surgery last year was 66"? How are those data not anonymous? Looks anonymous to me, thanks 

1
 JMarkW 07 Jun 2021
In reply to profitofdoom:

> Really? What about "60% of my class like our textbook, 40% dislike it"? Or "The average age of people coming to the surgery last year was 66"? How are those data not anonymous? Looks anonymous to me, thanks 

How did you get to those numbers though? To get the average age of people coming to the surgery you need to supply all the ages for patients and the GP Surgery itself. Then someone aggerates it. 

 mondite 07 Jun 2021
In reply to profitofdoom:

> Really? What about "60% of my class like our textbook, 40% dislike it"?

Perhaps I should have made it clearer that it is in terms of being able to anonymise individual level records when they havent been designed for that job. However if you are basing it off someones information gathered for other reasons then its very hard.

To take the surgery example. Once you say I want to know their age and then I also want to be able to group by street then you have a pretty good chance of deanonymised records. Add in gender and you will be pretty much all the way there.

Or for the liking the text book. Now yes you could probably make it anonymous if they dropped a card saying like or dislike. However if you then ask a few more questions comparing it to the other books they use then the anonymous factor would start to drop and so on.

In reply to Stichtplate:

> As a counterpoint I could provide you with multiple harms caused by poor access to patient records.

There is a big difference between data being available within the NHS for individual treatment, and being made available to people outside the NHS, for purposes other than individual treatment.

This release is intended for the latter purpose.

Post edited at 16:31
 profitofdoom 07 Jun 2021
In reply to JMarkW:

> How did you get to those numbers though? To get the average age of people coming to the surgery you need to supply all the ages for patients and the GP Surgery itself. Then someone aggerates it. 

Yes, but "anonymous" means "not identified by name", which is true for my simple example 

1
 JMarkW 07 Jun 2021
In reply to profitofdoom:

> Yes, but "anonymous" means "not identified by name", which is true for my simple example 

well clearly it is for the example but the use case is just not valid. 

In reply to profitofdoom:

> Yes, but "anonymous" means "not identified by name", 

They're not calling it anonymous, though, are they; they're calling it 'pseudonymous'. Whatever that means; many commentators suggest this data can be de-anonymised by correlation with other data sources.

This is potentially big money, so big money will be put in to do that correlation.

 profitofdoom 07 Jun 2021
In reply to mondite:

> Or for the liking the text book. Now yes you could probably make it anonymous if they dropped a card saying like or dislike. However if you then ask a few more questions comparing it to the other books they use then the anonymous factor would start to drop and so on.

Thanks for your reply. I was talking about unnumbered student questionnaires which are dropped in a box at the end of class - with just one question on it. Thanks 

 Dave B 07 Jun 2021
In reply to profitofdoom:

If you were really bothered you could use fingerprint techniques on the paper, then link it to ink analysis to determine how much people paid for their pens, then only offer opportunities to those you feel (having paid for expensive pens) would most likely be able to afford them.

Just because you can't be bothered, doesn't mean that no-one can be bothered. Of course, if its cheap to do, and there is some gain, then someone will do it for sure. 

 Stichtplate 07 Jun 2021
In reply to captain paranoia:

> There is a big difference between data being available within the NHS for individual treatment, and being made available to people outside the NHS, for purposes other than individual treatment.

Yeah, in one case the individual benefits from treatment over their lifetime and in the other everybody benefits from the advancement in medical treatments for ever. Medicine has advanced due to the study of individual cases since Galen, without such case studies Doctors would still be sticking leeches up your arse and telling you to piss on the corpse of a dead cat at midnight in the hope of curing your brain tumour.

> This release is intended for the latter purpose.

I know, but data breeches are data breeches whether the scale is micro or macro.

It's pretty straightforward: the proposed data changes will benefit how resources are targeted as well as advancing medical knowledge. On the downside some dodgy company might access the data and target individuals. Note "might".

So it's down to social conscience really, whether you put the clear benefits of the many below the possible detriment to yourself. Personally speaking, I believe that if you think your data is at risk through this scheme but you continue to use social media, google, store loyalty cards, etc, etc then at best you're naive and at worst you're a total hypocrite.

7
 Slackboot 07 Jun 2021
In reply to JMarkW:

> Though generally many people don't want their data sharing, but they are happy to reap the rewards of research on other peoples for new drugs and treatments?

> How about you opt out but you don't get to have access to any new treatments that come from this research.

> We don't have enough organ donors so we went for an opt out scheme. That seems reasonable but opt out should maybe mean if you are not prepared to donate then you don't get to receive?

> I don't actually think this.

I don't mind sharing my data if it will help others. But I want to know who is seeing it, and I want the right to give my consent. I want a debate where the public are properly informed before any changes. As I said before presumed consent is based on trust and this is obviously something that is sadly in short supply at the present time.

Post edited at 17:18
 Stichtplate 07 Jun 2021
In reply to SDM:

> If there was an option to allow your data to be shared solely for academic researcher with no exceptions and with strict controls to prevent it getting in to the wrong hands, I would not be opting out of anything. This is not currently an option.

Now that's a fair point and one I'd support.

In reply to SDM:

> You also have to assume, given the lack of cast iron protections and records of previous data leaks, that all of your records will at some point find their way in to the hands of someone with the ability to depseudonymise your records and match them up with the vast data that big tech companies already hold on you (who have a poor record of selling it to the highest bidder to use against you).

OK, that's a reasonable argument and I'm not really comfortable with monetising this information at all.  I'm similarly concerned about the possible commercial use of UK Biobank data, which I have enthusiastically supported up to now. 

That's a different argument to the general reluctance to digitise medical records, but I agree it's really unhelpful in trying to increase public conference in it.

In reply to Stichtplate:

> The Caldicott principles are irrelevant even though they're the standard the project is adhering to?

We have already found out the ministerial code, anti-corruption laws and data protection laws are irrelevant when the people running government break them.   If the system worked Johnson and Handcock would be in jail by now for the PPE contracts , the Arcuri thing, the Downing street refurb and for the sh*t Vote Leave got up to.

The fact that a Tory project is supposed to be adhering to a standard doesn't mean it will adhere to the standard or that anything will happen when it doesn't.

> Luckily Hancock and Johnson are unlikely to be busy typing away, compiling the data.

No, but they will give the access or contracts to their pals and donors.

> So your main objection is The Bastard Tories (again)... what's the SNP said on the matter?

Yes, and it is again and again because this is the worst shower of sh*t we have had in government probably for 100 years.

The SNP doesn't need to say anything, this is an English thing.  Health is devolved and the Scottish NHS is not controlled by Handcock.

2
 Stichtplate 07 Jun 2021
In reply to tom_in_edinburgh:

> We have already found out the ministerial code, anti-corruption laws and data protection laws are irrelevant when the people running government break them.   If the system worked Johnson and Handcock would be in jail by now for the PPE contracts , the Arcuri thing, the Downing street refurb and for the sh*t Vote Leave got up to.

> The fact that a Tory project is supposed to be adhering to a standard doesn't mean it will adhere to the standard or that anything will happen when it doesn't.

> No, but they will give the access or contracts to their pals and donors.

> Yes, and it is again and again because this is the worst shower of sh*t we have had in government probably for 100 years.

> The SNP doesn't need to say anything, this is an English thing.  Health is devolved and the Scottish NHS is not controlled by Handcock.

Cool. NHS Scotland must be super keen on preserving individual patient data:

Depending on the situation, and only where appropriate, we may share personal information with the following types of recipients:

citizens and patients registered with NHS Scotland

family, carers, associates and representatives of the person whose personal data we are processing

NHS staff

current, past and potential employers

healthcare, social and welfare organisations

suppliers, service providers, professional advisors and consultants

legal representatives

auditors and audit bodies

educators and examining bodies

medical researchers

medical education institutions (for example College of Nursing)

when dealing with enquiries or complaints

financial bodies

professional bodies

trades unions

business associates

police forces

security organisations

central and local government, government agencies and regulatory bodies

voluntary and charitable  organisations 

https://www.nhsinform.scot/care-support-and-rights/health-rights/confidentiality-and-data-protection/how-the-nhs-handles-your-personal-health-information#transferring

...or maybe not.

3
 Bob Kemp 07 Jun 2021
In reply to Stichtplate:

Spot the difference…

‘When sharing information, NHS Scotland only provides the minimum information required and only if there is a legal basis for that, otherwise the NHS will ask for your consent prior to sharing your data.’

 Stichtplate 07 Jun 2021
In reply to Bob Kemp:

> Spot the difference…

> ‘When sharing information, NHS Scotland only provides the minimum information required and only if there is a legal basis for that, otherwise the NHS will ask for your consent prior to sharing your data.’

I'll refer you back to the Caldicott principles that NHS England are following in the proposed data sharing programme. So not much meaningful difference whatsoever.

3
 Bob Kemp 07 Jun 2021
In reply to Stichtplate:

The NHS in England will not be asking for consent prior to sharing any information. It intends to scrape GP data and then allowing people to opt out- if they’re quick enough. In other words, instead of informed consent they are using presumed consent. 

1
In reply to Stichtplate

> I know, but data breeches are data breeches whether the scale is micro or macro.

Wrong trousers Gromit

> It's pretty straightforward: the proposed data changes will benefit how resources are targeted as well as advancing medical knowledge.

Or used to  exploit percieved (or perhaps manufactured) "failings" in the NHS to pave the way for budget cuts and widespread privatisation.

> On the downside some dodgy company might access the data and target individuals. Note "might".

The data is being handed, free of charge, to dodgy companies with a record of using information to target individuals.

> So it's down to social conscience really, whether you put the clear benefits of the many below the possible detriment to yourself.

The many being those who will profit from selling that information back to the NHS? I have no issues with giving informed consent for my medical information, suitably protected to the NHS for legitimate purposes. Giving it to some mate of Dido Harding or a company like Palantir to profit from and sell on to anyone who wants it? No chance.

> Person speaking, I believe that if you think your data is at risk through this scheme but you continue to use social media, google, store loyalty cards, etc, etc then at best you're naive and at worst you're a total hypocrite.

Facebook ads targeting me for clicking on a link to Wiggle is one thing. Ads targeted based on the content of confidential medical  records are a different kettle of fish.

Post edited at 22:56
1
 mondite 07 Jun 2021
In reply to Stichtplate:

> It's pretty straightforward: the proposed data changes will benefit how resources are targeted as well as advancing medical knowledge.

You would need to provide evidence for this claim rather than simply announcing it as fact.  You would then also need to explain why, exactly, companies like Palantir are required. For resource targeting for example they could take the approach of looking at resource usage rather than peoples records.

Bonus points if you manage to explain away the rather interesting background to Palantir getting that nice juicy contract and also manage to convince me that they are a lovable bunch and not a group with a very dubious track record to date. Even if you dont want to discuss their data background just giving a good explanation on why anyone sane would use Palantir as their name would be good.

> So it's down to social conscience really, whether you put the clear benefits of the many below the possible detriment to yourself.

Think of the children!  The thing is my own records are,luckily for me, pretty boring. The only thing in recent years has been my vaccine jab. However I would consider those who havent been so fortunate and so default to not providing data approach in the, probably,vain hope it might make the government reconsider.

Speaking of which it is rather amazing given how many things have had to be put on the back burner that this has managed to be priortised isnt it? Sod improving the system lets get the data give away in play.

> Personally speaking, I believe that if you think your data is at risk through this scheme but you continue to use social media, google, store loyalty cards, etc, etc then at best you're naive and at worst you're a total hypocrite.

Whereas I think that is a hopelessly naive argument and has a rather obvious flaw. All of those are opt in (admittedly with some of facebook and co shadow profiling not so much but....) so if you are making this comparison then logically you should be arguing for an opt in scheme.

Post edited at 23:15
1
 Maggot 08 Jun 2021
In reply to Slackboot:

I'm curious to know what information is up for sale.

I signed up on the NHS app just to have shifty at my vax record. All I can find about my medical history is two c19 jabs and a prescription for nicotine inhalers from 10 years ago. Nothing about my hospital  stay April 2010 for starters.

If people want to pay good money for that info, good luck to them, I couldn't give a ....

In reply to Stichtplate:

> and in the other everybody benefits from the advancement in medical treatments for ever.

The problem that you are stubbornly refusing to acknowledge is that there is no guarantee that our data will be used purely for lovely, benevolent purposes you describe.

As others have pointed out, the fact that the likes of Palantir are involved should be ringing a bloody great big alarm bell.

Does the warning from the BMA not sway you from your rather naive belief that there is nothing to worry about?

In reply to Stichtplate:

That seems like a reasonable list to me.

Most of the items on it are either obvious or legally required and the key words are "Depending on the situation, and only where appropriate."

Nobody is saying the NHS can't share ptient data, obviously it needs to share data to get its job done and support patients and medical research.

The problem is wholesale harvesting of data and the types of organisation that are involved - in particular people and organisations with extremely dubious history.

I am not against processing medical data on principle, but if I lived in England I would refuse consent for any scheme implemented by the current government for the same reason I wouldn't buy financial services from a convicted fraudster.

In my view the way this should be handled is to wait for professional bodies in the computer industry such as IEEE or ACM or trusted security standards bodies such as NIST in the US to come up with standards for protecting medical data and then to write the use of those standards into law.  I would also make managing medical databases a regulated profession requiring training, registration and a code of professional ethics, with the possibility of being struck off and a 'suitable person' criterion before acceptance.

In reply to Stichtplate:

> I'll refer you back to the Caldicott principles that NHS England are following in the proposed data sharing programme. So not much meaningful difference whatsoever.

I see a lot of respectable public bodies on the Scottish list like the College of Nursing, state agencies like the police, patient's relatives are obviously necessary - and so on.

What I don't see are people like Palantir.

A lot of this has to do with trust.   I'm willing to give the Scottish Government the benefit of the doubt.  I'd have given most previous UK governments the benefit of the doubt, even May or Cameron (maybe that would have been a mistake!) but the current lot are unquestionably not suitable people to be processing confidential medical information.  They've been caught red handed too many times. 

Post edited at 06:58
 Stichtplate 08 Jun 2021
In reply to captain paranoia:

> > and in the other everybody benefits from the advancement in medical treatments for ever.

> The problem that you are stubbornly refusing to acknowledge is that there is no guarantee that our data will be used purely for lovely, benevolent purposes you describe.

> As others have pointed out, the fact that the likes of Palantir are involved should be ringing a bloody great big alarm bell.

Maybe read what I wrote a few posts up at 17:09?

> Does the warning from the BMA not sway you from your rather naive belief that there is nothing to worry about?

Maybe read what the BMA actually wrote rather than projecting what you'd have liked them to have written? Their concerns outlined in the link are entirely with timescale and lack of publicity allowing people to opt out.

2
 Greenbanks 08 Jun 2021
In reply to Stichtplate:

I’d prefer to take the advice of a friend (25+ years as a GP - not mine) who advised me to opt out & do it straight away. She indicated that her work as an NHS clinician was being compromised, not enabled, by the large-scale incursion of commericial interests (often from the USA). Her views on both Palentir and Harding are pretty much unprintable. 

Post edited at 07:55
 Stichtplate 08 Jun 2021
In reply to tom_in_edinburgh:

> That seems like a reasonable list to me.

That list could be construed to include everyone from The Boy Scouts of America to the Russian FSB as I'm sure you'd be happy to point out if it'd been compiled by The Bastard English Tories. I'll set you a challenge, lets see if you can come up with any public, private, body, group or organisation that couldn't be included in the Scottish list?

> Most of the items on it are either obvious or legally required and the key words are "Depending on the situation, and only where appropriate."

And if it were Hancock or Johnson that were guaranteeing and defining the proviso "Depending on the situation, and only where appropriate."? A politician's word isn't worth an awful lot on either side of the border (ask the formerly sainted Salmond's opinion of the still saintly Sturgeon).

Luckily in this case, it won't be Hancock or Johnson that'll be able to identify individual patients; that'd be the NHS still. Here's what is actually happening:

NHS Digital will not collect patients’ names or addresses. Any other data that could directly identify patients (such as NHS Number, date of birth, full postcode) is replaced with unique codes which are produced by de-identification software before the data is shared with NHS Digital.

This process is called pseudonymisation and means that patients will not be identified directly in the data. NHS Digital will be able to use the software to convert the unique codes back to data that could directly identify patients in certain circumstances, and where there is a valid legal reason.

You might note the last bit Tom,

"identify patients in certain circumstances, and where there is a valid legal reason."

Not a million miles from the Scottish NHS,

"Depending on the situation, and only where appropriate."

5
In reply to Stichtplate:

> Luckily in this case, it won't be Hancock or Johnson that'll be able to identify individual patients; that'd be the NHS still. Here's what is actually happening:

Yes, it will probably be their mate Dildo Hardon, promoted to run the NHS after her stunning success as boss of Test and Trace.

https://www.independent.co.uk/news/uk/politics/dido-harding-nhs-test-trace-b1860907.html

It is so obvious what these guys are up to.  Just like with the PPE contracts access to NHS data is primarily a way for their pals to make money from the 100 billion NHS budget.  The favour will be returned to the Tories as donations and hand-outs to senior politicians such as consulting jobs after they quit and decorating their house.

The press is compromised because most of it is owned by billionaires and has received 350 million pounds of advertising money from the UK government channeled through a private company for the Covid information campaigns.    That kind of spending gives you influence and is one of the reasons the Tories are getting such an easy ride while behaving so egregiously.

1
In reply to Stichtplate:

Having read around this a bit, I've decided not opt out.  I think opting out reduces the value of my data for research and planning purposes and there's a clear statement here:

https://digital.nhs.uk/data-and-information/data-collections-and-data-sets/data-collections/general-practice-data-for-planning-and-research/advice-for-the-public

that the data will not be sold (although they will charge for access, which seem to me a nice distinction) and anyway will not be available for 'purely commercial purposes' such as promotong or selling products or services, market research or advertising.  I don't trust the current government not to try to get round this but I choose to trust the regulatory authorities, GDPR and parliamentary oversight to prevent this.

Here's what's available by way of transparency, if you really want to check it monthly:  

https://nhs-prod.global.ssl.fastly.net/binaries/content/assets/website-assets/services/dars/release-registers/releaseregister_20210401_20210430.xlsx

Not sure there's any confirmation that Palantir is currently involved (just rumours that they probably pitched for it).  I'm assuming that no government procurement would touch them with a barge pole after the Cambridge Analytica thing but then this government's shamelessness is seemingly limitless.

Post edited at 09:16
1
 Stichtplate 08 Jun 2021
In reply to tom_in_edinburgh:

> Yes, it will probably be their mate Dildo Hardon, promoted to run the NHS after her stunning success as boss of Test and Trace.

The Tories are a shower of shite and couldn't run a bath. You're preaching to the choir. As to the rest, no Tom, not everything that has any tangental government involvement is entirely a Tory plot to line their own pockets, though I wouldn't put it past them to try.

> It is so obvious what these guys are up to.  Just like with the PPE contracts access to NHS data is primarily a way for their pals to make money from the 100 billion NHS budget.  The favour will be returned to the Tories as donations and hand-outs to senior politicians such as consulting jobs after they quit and decorating their house.

When you say "these guys" are you including the BMA and the Royal College of General Practitioners who've been intrinsically involved and supportive of this programme since it's inception 5 years ago when the last data sharing programme collapsed under similar confidentiality concerns? "These guys" are primarily concerned with advancing medical research, clinical practice and saving the NHS an estimated £10 billion per year through better targeting of resources.

How about my original question to you? 

I'll set you a challenge, lets see if you can come up with any public, private, body, group or organisation that couldn't be included in the Scottish list?

...any luck?

3
In reply to Stichtplate:

> Maybe read what the BMA actually wrote rather than projecting what you'd have liked them to have written

I did. Maybe you should take your own advice.

1
 Stichtplate 08 Jun 2021
In reply to captain paranoia:

> > Maybe read what the BMA actually wrote rather than projecting what you'd have liked them to have written

> I did. Maybe you should take your own advice.

If you did read it you either didn’t understand it or you’re simply misrepresenting it. They don’t mention anything to do with misgivings over data usage, third party data acquisition or confidentiality issues. Their concerns are over giving the public the necessary information and time to opt out if they do wish.

1
 mondite 08 Jun 2021
In reply to Dave Garnett:

>  I'm assuming that no government procurement would touch them with a barge pole after the Cambridge Analytica thing but then this government's shamelessness is seemingly limitless.

You are assuming wrong.

They heroically and kindly got involved last year in the Covid response only charging £1 for their services.

A great gesture only slightly undermined by the subsequent fees.

https://www.digitalhealth.net/2020/12/palantir-awarded-23m-deal-to-continue-work-on-nhs-covid-19-data-store/

 Bob Kemp 08 Jun 2021
In reply to Stichtplate:

Underlying all these concerns is the question of timeliness. It’s clear that the BMA and RCGP feel that the implementation of data sharing is being rushed. That puts an extra strain on general practices and gives the public little time to understand the pros and cons and to opt out if they wish: 
"The timeline is far too short because NHS Digital has not transparently and actively engaged the public in increasing awareness of the GPDPR programme since its announcement in early May."
(From the BMA /RCGP letter, quoted here.)
https://www.theregister.com/2021/06/04/bma_and_royal_college_of/

Personally I have few qualms about a properly implemented secure sharing of my data but we’ve seen many failures of large scale public IT projects, including in the health sector, and I have no great faith in NHS Digital’s ability to achieve a secure and useful implementation if it is being rushed. I’m also interested in the sudden haste with which this project is being pursued - why is this?

In reply to Stichtplate:

> I know, but data breeches are data breeches

Who would want access to someone else's virtual legwear?

 Greenbanks 08 Jun 2021
In reply to mondite:

Never thought I'd ever read a comment about Palentir or these other IT bandits which incorporated the phrase 'heroically and kindly'

In reply to Stichtplate:

> How about my original question to you? 

> I'll set you a challenge, lets see if you can come up with any public, private, body, group or organisation that couldn't be included in the Scottish list?

It is just a generic list.  This isn't about the list it is about the people at the top in England  not being  reputable and associating with companies like Palantir.

I'm just applying common sense like I would with any other purchase or business relationship.  If the people at the top look like crooks I try not to deal with them and if that is impossible I try and limit the amount of sensitive information they have access to.   We know the Vote Leave crowd and the companies they associated with grossly misused data during the Brexit referendum and they got away with it.  My operating assumption is they've not changed.

3
In reply to mondite:

> A great gesture only slightly undermined by the subsequent fees.

I still think it's odd that Palantir chose to take the name of a magical form of data transfer that only showed you the version of events that the administrator wanted you to see.

In reply to Dave Garnett:

> I still think it's odd that Palantir chose to take the name of a magical form of data transfer

Seems quite appropriate; at their creation, the palantiri allowed remote exchange of thoughts. It was only when they were subverted by an evil entity that problems arose...

In reply to Stichtplate:

Frankly, if you think that pseudonymised data cannot be deanonymised using third party data sources, you are being naive. In fact, if you do not understand how this is done I'm not sure how much you can add to this discussion. This is neither hypothetical nor far fetched, it's used by practically every online advertising company in existence, including Facebook and Google, and it's the reason behind Apple's push for tracking transparency (which they are using as a differentiating factor of their products). Hell, it's how third party app advertisers that display their ads on these platforms pay per install, it's entirely mainstream technology.

If this data is pulled by a third party that shouldn't have it, and I would treat Palantir as such a third party, it will be deanonymised, legally or not.

1
 Stichtplate 08 Jun 2021
In reply to Alkis:

> Frankly, if you think that pseudonymised data cannot be deanonymised using third party data sources, you are being naive. In fact, if you do not understand how this is done I'm not sure how much you can add to this discussion. This is neither hypothetical nor far fetched, it's used by practically every online advertising company in existence, including Facebook and Google, and it's the reason behind Apple's push for tracking transparency (which they are using as a differentiating factor of their products). Hell, it's how third party app advertisers that display their ads on these platforms pay per install, it's entirely mainstream technology.

OK go for it, relieve me of my naivety and explain how this data could be de-anonymised "by practically every online advertising company in existence"?

Edit: I have a feeling that this is the third time on here that I'll pose a question asking someone to correct my ignorance and then be left hanging, so yet again, not holding my breath.

Post edited at 13:14
6
In reply to Stichtplate:

OK I'll bite

I've been in data breaches before, so out there on the internet will be my name, age, postcode and gender for grabs.

Combine that with very basic info from my medical records, so say date of birth and postcode, between them they will almost certainly identify me personally. Thats just to start with, there will be loads of other possibilities.

Edit: you don't even need to get it from breached data, I'm pretty sure facebook will sell that data to anyone who wants it

Post edited at 13:25
In reply to Stichtplate:

First hit on google. There are many more articles on the subject, including plenty that go into more detail if you have the technical knowledge to understand them. 

https://www.theguardian.com/technology/2019/jul/23/anonymised-data-never-be-anonymous-enough-study-finds

If I had some cast-iron guarantee that my data is only going to be used for legitimate research I would have no issue with it being shared. Unfortunately I do not trust that to be the case, and I'm not comfortable with profits being made by selling my data either. It has also been highlighted that the data is not only being sold to medical researchers - anyone can buy it if they want so there is basically no protection here...

 wercat 08 Jun 2021
In reply to Stichtplate:

Why should I want to have my records in the hands of Waffen IT?  Waffen IT with a history of destroying things I believe in and that has as a result derated my wife's standing here and my own EU rights to zero.  (In fact they must not have been "rights" or I wouldn't have lost them.

Apart from the clear and present danger of unscrupulous weapons IT companies making money from getting their hands on our records it's another example of how nearly half of the voters in the binding referendum have been shat on by the Brexit Toffs

Dido "Cheltenham Festival must go ahead" Harding's friendly cosy relationship with these waffenmen says it all.

She's also befriended the Vennels woman who presided not over the implementation Horizon Scandal but over the legal shennanigans that perverted the course of justice by denying information to the victims that they should have had much much earlier.

Post edited at 13:35
 Stichtplate 08 Jun 2021
In reply to willworkforfoodjnr:

> OK I'll bite

> I've been in data breaches before, so out there on the internet will be my name, age, postcode and gender for grabs.

I'm not asking for data that's out there on the internet, I'm asking for data gleaned from NHS digital. 

> Combine that with very basic info from my medical records, so say date of birth and postcode, between them they will almost certainly identify me personally. Thats just to start with, there will be loads of other possibilities.

Yep, the identifying info that is on there will be locked and coded. This consists of your NHS number, date of birth and a postcode shared by several addresses, all locked with unique codes and since none of this info exists as words or sentences it's about as easy as it gets to encrypt.

7
In reply to Stichtplate:

If they *just* pseudonymise (well, hash really) the patient data and not the facilities used, then it's fairly straight forward if you have access to a database like Facebook (and they are not the only one). You correlate visits to various facilities to visits to public locations of other users until you get a match.

If the facilities themselves are hashed, then will have to group the data by the common fields and go on a more macro level to identify the facilities first.

If the facilities are hashed and salted (so that two people that visit the same facility appear to visit two different facility IDs), it's trickier but I'm pretty sure statistical analysis can be applied to find what is what, especially as people will be visiting some of those in fairly consistent procession.

Facebook can tell me who installed my app (and charge me for it), what their age, sex and geographical region is, having shown them an ad, even though they then installed the app another day, on another device that is not even logged onto Facebook. They track members and non-members across websites and devices, networks and geographical locations for the purposes of highly targeted advertising.

This isn't a future problem, it's been happening for years, I remember being blown away by what ad attribution companies could do with their models 5-6 years ago already.

Post edited at 13:40
 mondite 08 Jun 2021
In reply to captain paranoia:

> Seems quite appropriate; at their creation, the palantiri allowed remote exchange of thoughts. It was only when they were subverted by an evil entity that problems arose...

For those without strong minds or somesuch they were unreliable from the outset and then as soon as someone dodgy got their hands on it they went beyond unreliable into actively malicious.

See what you mean about appropriate.

In reply to Stichtplate:

You don't think there will be any indication of my age or location in the data? You're having an utter laugh.

Also I notice you didn't respond to the poster above who linked the article highlighting the risks, just my one example.

Post edited at 13:39
 mondite 08 Jun 2021
In reply to Stichtplate:

> Yep, the identifying info that is on there will be locked and coded. This consists of your NHS number, date of birth and a postcode shared by several addresses, all locked with unique codes and since none of this info exists as words or sentences it's about as easy as it gets to encrypt.

And,if you want to be able to do anything useful with it also pretty damn easy to figure out. NHS number you would protect but to get age information and postcode if it is not going to be rendered useless as a source then it will have a usable pattern to reverse.

 Stichtplate 08 Jun 2021
In reply to JohnSutherland:

> First hit on google. There are many more articles on the subject, including plenty that go into more detail if you have the technical knowledge to understand them. https://www.theguardian.com/technology/2019/jul/23/anonymised-data-never-be-anonymous-enough-study-finds

The only identifying data included is NHS number, date of birth and postcode, all encrypted with the unique codes held by the NHS. Fine if you don't think the NHS can be trusted but they already hold all your actual records anyway. Getting hold of the de-anonymised data would therefore be as straightforward as hacking existing NHS records, so why include the middle man and not just go for the intact records?

> If I had some cast-iron guarantee that my data is only going to be used for legitimate research I would have no issue with it being shared. Unfortunately I do not trust that to be the case, and I'm not comfortable with profits being made by selling my data either. It has also been highlighted that the data is not only being sold to medical researchers - anyone can buy it if they want so there is basically no protection here...

What they've actually said is that the data won't be sold at all but whatever

3
In reply to Stichtplate:

> The only identifying data included is NHS number, date of birth and postcode, all encrypted with the unique codes held by the NHS. Fine if you don't think the NHS can be trusted but they already hold all your actual records anyway. Getting hold of the de-anonymised data would therefore be as straightforward as hacking existing NHS records, so why include the middle man and not just go for the intact records?

Patients 1, 2 and 3 visited locations A, B and C. Correlate with people that visited those locations in a similar time frame from other sources and voila, you've deanonymised the data without having access to the NHS servers.

What particularly annoys me about this is that I *want* my data used for research by reputable institutions and the NHS. The entities being proposed should have zero to do with this and that may cause me to opt out.

Post edited at 13:51
 Stichtplate 08 Jun 2021
In reply to willworkforfoodjnr:

> You don't think there will be any indication of my age or location in the data? You're having an utter laugh.

I can only go off what the NHS say they're doing. If you don't trust them what's the point of this discussion as you're already trusting them with all the data your so worried about leaking?

> Also I notice you didn't respond to the poster above who linked the article highlighting the risks, just my one example.

Give me a minute, I've got two hands and a life

3
In reply to Stichtplate:

OK fine you win, despite experts, doctors and IT specialists telling us to be worried, and despite my own 20 years of experience working with large scale datasets in various companies, on your word I'll stop worrying - its obviously all in my head, one to log among the rest of my mental health issues. While it feels like a total gaslight it definitely isn't and there is totally nothing to worry about, I feel a lot better.

 JMarkW 08 Jun 2021
In reply to Alkis:

> If the facilities are hashed and salted (so that two people that visit the same facility appear to visit two different facility IDs),

its this for certain bits of data. Other bits, are just not shared as part of this. 

patient addresses, DOBs are not shared

Anybody been referred to hospital recently? - that got shared already and anyone can access that data.....good luck identifying my eye clinic appointment......but if you can I'll but you new nut 1

https://digital.nhs.uk/dashboards/ers-open-data

 Stichtplate 08 Jun 2021
In reply to willworkforfoodjnr:

> OK fine you win, despite experts, doctors and IT specialists telling us to be worried, and despite my own 20 years of experience working with large scale datasets in various companies, on your word I'll stop worrying - its obviously all in my head, one to log among the rest of my mental health issues. While it feels like a total gaslight it definitely isn't and there is totally nothing to worry about, I feel a lot better.

The point is proportionality, benefit versus risk and whether its reasonable to get in a flap about NHS data security when you're totally relaxed about putting all sorts of stuff out there with zero concern.  Are you worried about all the personal info you've put out on UKC? if not why not? You think a forum accessible by literally anyone is more secure than an NHS database?

4
 mondite 08 Jun 2021
In reply to Stichtplate:

> Are you worried about all the personal info you've put out on UKC? if not why not? You think a forum accessible by literally anyone is more secure than an NHS database?

Are you seriously making this comparison between what someone chooses to post on a public forum vs their medical records?

I think I will join in giving up and letting you declare victory.

1
In reply to JMarkW:

From that data I can't, but give the inverse view, your pseudonymised medical record with a list of all referrals, procedures etc. you've had etc to a data scientist with access to a few external databases and I bet they'll be due a sparkling new Rock 1 in not so long.

 Stichtplate 08 Jun 2021
In reply to mondite:

> Are you seriously making this comparison between what someone chooses to post on a public forum vs their medical records?

if someone posts details of their medical history in a thread where they’re insisting that they’re terrified of details of their medical history being leaked then it would seem relevant.

5
 Stichtplate 08 Jun 2021
In reply to Alkis:

> From that data I can't, but give the inverse view, your pseudonymised medical record with a list of all referrals, procedures etc. you've had etc to a data scientist with access to a few external databases and I bet they'll be due a sparkling new Rock 1 in not so long.

You’re assuming times and locations of appointments would be listed. Maybe they are, I don’t know, but this would seem to contravene the Caldicott principles they’ve declared they’ll adhere to.

3
 cdpej 08 Jun 2021
In reply to Stichtplate:

looks like the data sharing has now been delayed till September

In reply to Stichtplate:

To do any sort of research on any progressive disease, a timeline is important, so while exact dates may or may not be there, approximate timelines will be deducible from the data. Locations could also be inferred from the facilities at said locations. Would it be worth it? I don't know, depends on who is trying to harvest the data and what they are hoping to achieve. Either way, I wouldn't want the people behind Cambridge Analytica to be anywhere near it.

 veteye 08 Jun 2021
In reply to cdpej:

MPs have pushed the government also in line with moving the data sharing  to September, to also move the deadline for individuals to opt out of the data sharing to September as well, which may not necessarily have followed suit.

 Andy Gamisou 14 Jun 2021
In reply to Stichtplate:

> I don’t trust this government at all but what you have to decide is what’s likely to cause you and yours the greater harm; clinicians being unable to access timely information when treating you or a private company having access to your anonymised data.

I agree, clinicians having access to your medical records in a timely manner seems like a good thing, but why are you conflating this with private company having access to your "anonymised" data (my quotes).  Surely you can have the former without the latter.  Maybe you have no reasons to fear your data being linked to you, but many people will have - people with a history of certain health conditions, both physical and mental, can find their employment and insurance prospects severely limited if this knowledge becomes known and shared.  

I put anonymised in quotes because it's doubtful that such a thing exists.  Reidentification is a well known privacy issue in data sciences and the "big data" industry.  The following is an abstract taken from one of the current key data science text books - Data mining : practical machine learning tools and techniques, Witten, I. H et.al, 2016 (this is just one paragraph from this section of the book - there's a whole bunch of case studies detailing this sort of thing, and examples of misuse of "anonymised" data abound, including those from the health sector domain:

 "Work on what are being called “reidentification” techniques has provided
sobering insights into the difficulty of anonymizing data. It turns out, e.g., that
over 85% of Americans can be identified from publicly available records using
just three pieces of information: five-digit ZIP code, birthdate (including year),
and sex. Don’t know the ZIP code?—over half of Americans can be identified
from just city, birthdate, and sex. When the state of Massachusetts released
medical records summarizing every state employee’s hospital record in the
mid-1990s, the Governor gave a public assurance that it had been anonymized by removing all identifying information such as name, address, and social security number. He was surprised to receive his own health records (which included diagnoses and prescriptions) in the mail."

 Andy Gamisou 14 Jun 2021
In reply to Alkis:

>  Either way, I wouldn't want the people behind Cambridge Analytica to be anywhere near it.

Damn right - CA figures highly on the privacy/ethics module of a course I'm taking.  Prior to that I had a bit of an idea of the schenanigans behind what they got up to, but the more you delve into it the more appalling it seems.  From the parliamentary select committee report, it doesn't even seem to be known definitively all the people/organisations behind it.  Some"lovely" characters such as Steve Banon and Robert Mercer, various big Conservative party donors, but many others seemingly unknown.  This sentence from the report struck me as interesting regards the CEO at the time: "These concerns have been heightened by Mr Nix and SCL’s own links with organisations involved in the military, defence, intelligence and security realms." ....

The usual suspects here like to knock The Guardian, but without it, it's unlikely that any of this would have come to light, or at least not until several years down the line.  As it is, much of the harm's been done.

Post edited at 03:59
 Stichtplate 14 Jun 2021
In reply to Andy Gamisou:

> I agree, clinicians having access to your medical records in a timely manner seems like a good thing, but why are you conflating this with private company having access to your "anonymised" data (my quotes).  

Because vast swathes of the "NHS" (my quotes) are private companies, from the GP surgery that provided the data to the ambulance that you called 999 for to the company digitising the records.

>Maybe you have no reasons to fear your data being linked to you, but many people will have - people with a history of certain health conditions, both physical and mental, can find their employment and insurance prospects severely limited if this knowledge becomes known and shared.  

If potential employer or insurer wishes to know medical details because it may impact the role or cover they can just ask. If it won't reasonably impact the role or cover, why would they care? 

https://www.peoplemanagement.co.uk/experts/legal/when-legal-access-employees-medical-records#gref

> I put anonymised in quotes because it's doubtful that such a thing exists.  Reidentification is a well known privacy issue in data sciences and the "big data" industry.  The following is an abstract taken from one of the current key data science text books - Data mining : practical machine learning tools and techniques, Witten, I. H et.al, 2016 (this is just one paragraph from this section of the book - there's a whole bunch of case studies detailing this sort of thing, and examples of misuse of "anonymised" data abound, including those from the health sector domain:

>  "Work on what are being called “reidentification” techniques has provided

> sobering insights into the difficulty of anonymizing data. It turns out, e.g., that

> over 85% of Americans can be identified from publicly available records using

> just three pieces of information: five-digit ZIP code, birthdate (including year),

> and sex. Don’t know the ZIP code?—over half of Americans can be identified

> from just city, birthdate, and sex. When the state of Massachusetts released

> medical records summarizing every state employee’s hospital record in the

> mid-1990s, the Governor gave a public assurance that it had been anonymized by removing all identifying information such as name, address, and social security number. He was surprised to receive his own health records (which included diagnoses and prescriptions) in the mail."

You should be reassured to know that the identifying features listed by I. H et.al, 2016 are all unavailable as they're encrypted at source. Not sure how many big companies with the cash to chuck at breaking such encryption would get the go ahead for funding from HR. Likewise, I can't imagine many smaller companies being happy to trawl the dark web for info on the off chance that their potential new wages clerk was once prescribed sertraline.

There is a risk inherent to companies in employing people with certain conditions but those risks can be mitigated legally. There is a much larger risk, both to individuals and companies, in illegally seeking access to data to which they have no right. In your estimation do you think it likely that most HR managers would be much interested in risking career, fines and/or jail time to get an unauthorised glimpse at someones medical records?

2
In reply to Stichtplate:

> There is a risk inherent to companies in employing people with certain conditions but those risks can be mitigated legally. There is a much larger risk, both to individuals and companies, in illegally seeking access to data to which they have no right. In your estimation do you think it likely that most HR managers would be much interested in risking career, fines and/or jail time to get an unauthorised glimpse at someones medical records?

They'll use a service to vet employees and the service won't officially tell them what it is doing but it will be an open secret.  Eventually the company running the service will be chased down and forced out of business but it will have been set up on the expectation that will happen and will have been spending money as fast as it comes in.   All the clients will pretend to be shocked.

Then the same people will do roughly the same thing with a different name on the door.   It will turn into whack-a-mole with the rich people and companies who benefit from these services using their political influence to make sure that the law is always one step behind.

 Stichtplate 14 Jun 2021
In reply to tom_in_edinburgh:

> They'll use a service to vet employees and the service won't officially tell them what it is doing but it will be an open secret.  Eventually the company running the service will be chased down and forced out of business but it will have been set up on the expectation that will happen and will have been spending money as fast as it comes in.   All the clients will pretend to be shocked.

> Then the same people will do roughly the same thing with a different name on the door.   It will turn into whack-a-mole with the rich people and companies who benefit from these services using their political influence to make sure that the law is always one step behind.

Pure speculation or would you care to name a company providing such a service?

…and why go to all that bother when relevant data is legally accessible?

2
 mondite 14 Jun 2021
In reply to Stichtplate:

> Pure speculation or would you care to name a company providing such a service?

The consulting association was one such misuse of private data for business purposes.

Or if you want "health" related then there are countless cases of discrimination against women on the grounds they are young(ish), married and likely to have kids and so be off.

As for pure speculation I notice you havent provided any examples supporting your claims.

Post edited at 10:02
1
 Stichtplate 14 Jun 2021
In reply to mondite:

> The consulting association was one such misuse of private data for business purposes.

> Or if you want "health" related then there are countless cases of discrimination against women on the grounds they are young(ish), married and likely to have kids and so be off.

Not quite sure how being young and a woman could be presented as confidential data.

> As for pure speculation I notice you havent provided any examples supporting your claims.

Did you miss the link I provided? It’s two posts up from your own.

Post edited at 10:27
 mondite 14 Jun 2021
In reply to Stichtplate:

> Not quite sure how being young and a woman could be presented as confidential data.

sigh. I was pointing out how its pretty common for discrimination on a "health" matter although, of course, there are restrictions legally on what you can ask a woman in interview so having access to their health records and see for example they have been looking at fertility treatment could be useful for an unscrupulous employer.

> Did you miss the link I provided? It’s two posts up from your own

I am wanting clear demonstrations of when giving health information to Palantir and other dubious organisations directly benefited those whose information had been given away.  Come on stop speculating and provide information.

As for that article though. What do you think it shows? Because it doesnt show you can randomly request information but, if you do, its very tightly controlled and opens you up to a world of legal pain and discrimination charges.  Whereas if you acquire the information informally then you can simply not interview someone.

1
In reply to Stichtplate:

> Pure speculation or would you care to name a company providing such a service?

There's been similar things in the construction industry with small external companies providing illegal database services to 'respectable' large organisations.   Everything is speculation until it happens but the methods large companies use to get round database laws are fairly obvious.

Vote leave is another example - they weren't that bothered about data protection because they knew they would be shut down long before the enforcement mechanisms could catch up with them.

https://www.theguardian.com/uk/2009/mar/06/data-protection-construction-industry

> …and why go to all that bother when relevant data is legally accessible?

Because the data they want either isn't legally accessible or can't legally be used for the purpose they wish to use it for.

1
 Stichtplate 14 Jun 2021
In reply to mondite:

> sigh.

Sigh all you like, using "young and a woman" to demonstrate sensitive medical data is still a crap example.

>I was pointing out how its pretty common for discrimination on a "health" matter although, of course, there are restrictions legally on what you can ask a woman in interview so having access to their health records and see for example they have been looking at fertility treatment could be useful for an unscrupulous employer.

You doubling down on crap examples here? In what world would a potential employer think "this candidate is female and between the ages of 18 and 55... we'd better check she's not having fertility treatment" ???

> I am wanting clear demonstrations of when giving health information to Palantir and other dubious organisations directly benefited those whose information had been given away.  Come on stop speculating and provide information.

Where in this entire thread have I suggested providing Palantir or "dubious organisations" would benefit anyone? How would I provide an example of a possible future action that hasn't happened yet?

> As for that article though. What do you think it shows?

Err, what I said directly above the article's link? Namely this; "If potential employer or insurer wishes to know medical details because it may impact the role or cover they can just ask." It was right there, one line above the article link.

> Because it doesnt show you can randomly request information but, if you do, its very tightly controlled and opens you up to a world of legal pain and discrimination charges. 

Yeah, good job I didn't say it did then isn't it. Sigh.

2
 Stichtplate 14 Jun 2021
In reply to tom_in_edinburgh:

> There's been similar things in the construction industry with small external companies providing illegal database services to 'respectable' large organisations.   Everything is speculation until it happens but the methods large companies use to get round database laws are fairly obvious.

> Vote leave is another example - they weren't that bothered about data protection because they knew they would be shut down long before the enforcement mechanisms could catch up with them.

Great examples, but not examples that are really relevant since this wasn't anonymised data, wasn't medical data and wasn't data that was illegally obtained.

> Because the data they want either isn't legally accessible or can't legally be used for the purpose they wish to use it for.

Yeah, which puts us right back to pure speculation without a relevant example.

1
In reply to Stichtplate:

> Great examples, but not examples that are really relevant since this wasn't anonymised data, wasn't medical data and wasn't data that was illegally obtained.

I can remember the database course I took as part of my CS degree in the mid eighties had a section on anonymising databases and how people could try to de-anonymise data.   

Nothing has changed, it's a really hard problem to keep data anonymous if you have people able to construct queries in a flexible way and even harder in the general situation where you can have multiple people colluding to extract sufficient data.  Even if the system can show that no individual user has extracted enough information to identify an individual multiple users acting together may have.

 Stichtplate 15 Jun 2021
In reply to tom_in_edinburgh:

> I can remember the database course I took as part of my CS degree in the mid eighties had a section on anonymising databases and how people could try to de-anonymise data.   

> Nothing has changed, it's a really hard problem to keep data anonymous if you have people able to construct queries in a flexible way and even harder in the general situation where you can have multiple people colluding to extract sufficient data.  Even if the system can show that no individual user has extracted enough information to identify an individual multiple users acting together may have.

I totally agree with everything you say here but I remain unconvinced that we have enough information to write off the entire scheme.

The NHS holds, arguably the most detailed treatment database and certainly the largest patient database outside of China. The research potential to the wider medical community is enormous. The  potential to cost save within the NHS is immense and the only issues raised by the BMA and Royal College of GP’s (both heavily involved in the program) have been over providing sufficient time and information to the general public to ensure informed consent, not data security.

2
 mondite 15 Jun 2021
In reply to Stichtplate:

> Sigh all you like, using "young and a woman" to demonstrate sensitive medical data is still a crap example.

I was pointing out the obvious advantages in misusing information about someone to decide whether to employ them. I could, of course, have gone on to use some of the ways some companies try to anonymise information to avoid this whereas others do not.

> Where in this entire thread have I suggested providing Palantir or "dubious organisations" would benefit anyone? How would I provide an example of a possible future action that hasn't happened yet?

Well that has been what you are demanding from others when asking us to show that a db which isnt available yet is being misused.  So I thought I would return the favour. It is amusing that you manage to spot the flaw when its applied to your own position.

At the moment the government are proposing that the data is made available to companies with very dubious track records. So thats going to be a firm no from anyone with a clue about data management.

As has been repeatedly pointed out to you the anonymisation methods arent sufficient to protect against companies with large alternate data sets. They might impress someone without a clue about data analytics but for anyone with half a brain its obvious they are badly flawed. Since for them to be useful they cant be that well encoded.

If you feel it would be beneficial to have this data available then I would suggest that you put your efforts into arguing for a restricted version. Although even then we can then get onto all the ethical questions about who the data really belongs to and who benefits from it.

1
 Offwidth 15 Jun 2021
In reply to Stichtplate:

So you don't trust the data experts. You ignore warnings from the organisations you say didn't make them (an example BMA link from last Sept below). You throw out strawman arguments for UKC critics who all seem to say they favour use of NHS data to improve health? Has someone stolen your UKC account for propaganda purposes?

https://www.bma.org.uk/news-and-opinion/outsourced-and-undermined-the-covid-19-windfall-for-private-providers

I strongly support use of the NHS database to improve health outcomes but in a way that benefits health not data pirates like Palantir.

 Stichtplate 15 Jun 2021
In reply to mondite:

> I was pointing out the obvious advantages in misusing information about someone to decide whether to employ them. I could, of course, have gone on to use some of the ways some companies try to anonymise information to avoid this whereas others do not.

Pointing out that someone might be disadvantaged in seeking work due to being young and a woman remains totally irrelevant. If you wanted to make a point that was actually relevant you could have used examples such as HIV, Hep c or diabetic status. Of course you'd then have to explain away the fact that employers can legally demand such information when considering a candidate's suitability for a wide range of jobs...no illegal access necessary.

> Well that has been what you are demanding from others when asking us to show that a db which isnt available yet is being misused.  So I thought I would return the favour. It is amusing that you manage to spot the flaw when its applied to your own position.

No, never demanded any such thing. What I asked was if anyone had an example of illegally obtained medical data used to someone's detriment. That was what, a week ago? still waiting.

> At the moment the government are proposing that the data is made available to companies with very dubious track records. So thats going to be a firm no from anyone with a clue about data management.

> As has been repeatedly pointed out to you the anonymisation methods arent sufficient to protect against companies with large alternate data sets. They might impress someone without a clue about data analytics but for anyone with half a brain its obvious they are badly flawed. Since for them to be useful they cant be that well encoded.

> If you feel it would be beneficial to have this data available then I would suggest that you put your efforts into arguing for a restricted version. Although even then we can then get onto all the ethical questions about who the data really belongs to and who benefits from it.

There hasn't been the level of detail released to make to firm declarations about the level of data security inherent in the proposed system, however much of an expert you declare yourself to be.

1
 Stichtplate 15 Jun 2021
In reply to Offwidth:

> So you don't trust the data experts. You ignore warnings from the organisations you say didn't make them (an example BMA link from last Sept below). You throw out strawman arguments for UKC critics who all seem to say they favour use of NHS data to improve health? Has someone stolen your UKC account for propaganda purposes?

I don't trust self declared data experts. I don't trust our government. Not sure about alleged straw man arguments but I know that's your favourite go to when you can't be bothered arguing the point so whatever.

Talking of straw man arguments... If you could explain how a link outlining rushed pandemic responses involving inadequate and unsuitable private businesses has any relevance to an NHS programme that's been years in the making?

> I strongly support use of the NHS database to improve health outcomes but in a way that benefits health not data pirates like Palantir.

So are you opting out? I'm not because as I've said, several times now, the known benefits to everyone accessing healthcare far outweigh the potential pitfalls for the individual. It's a common enough equation applied throughout every society, every day.

Post edited at 11:05
1
In reply to Stichtplate:

> No, never demanded any such thing. What I asked was if anyone had an example of illegally obtained medical data used to someone's detriment. That was what, a week ago? still waiting.

If someone's being exploited by the threat of revealing previous abortions, or STDs contacted from a rape they haven't told a partner about, they're hardly going to advertise it on a public forum or go to the press, are they?

 Stichtplate 15 Jun 2021
In reply to Ridge:

> If someone's being exploited by the threat of revealing previous abortions, or STDs contacted from a rape they haven't told a partner about, they're hardly going to advertise it on a public forum or go to the press, are they?

Open a newspaper, switch on the TV or your computer. Plenty of cases of people revealing intimate details of themselves. Plenty of rape victims making anonymised statements. Plenty of court cases where illegally accessed or published data has lead to criminal convictions.

4
 Offwidth 15 Jun 2021
In reply to Stichtplate:

The covid crisis is very important context, it has helped out government put through changes that never would have been allowed in more normal times.

I'd very much rather not opt out as I have an interesting health record that could help others but I will if according to health data experts I trust it's not safe enough and will actively encourage others to do so as well; as opposed to listening to counter-factual statements of how safe our data is in the hands of known bad agents.

 mondite 15 Jun 2021
In reply to Stichtplate:

> Of course you'd then have to explain away the fact that employers can legally demand such information when considering a candidate's suitability for a wide range of jobs...no illegal access necessary.

Do you not understand how useful it is having the information without announcing it? If I know you have a medical condition (incidently something heavily restricted on application forms as opposed to once we are well into the recruitment process) then if I choose not to interview you you could challenge it on discrimination grounds. Whereas if I dont officially know it then you are just unlucky.

A casual example would be how in some industries you would have a fairly neutral reference since if I got my hands on it you could be in trouble but then have a phone call to say the blokes an idiot.

> No, never demanded any such thing.

You have done so repeatedly just above we have "pure speculation without a relevant example."

> What I asked was if anyone had an example of illegally obtained medical data used to someone's detriment. That was what, a week ago? still waiting.

Andrew Stewart, Chika Mbah and Adele Rennie are all recent cases investigated for misuse of access to medical records. There are also multiple other cases where people have been prosecuted for accessing data.  Arent you NHS and so I would assume have receive yearly data protection training which would cover case studies? I am surprised you arent aware of several.

On a larger level for the willingness to use data in dubious ways. Look up the Mosiac db and Emma's diary with the former using high level medical information. Now you might live in a fantasy world where the same brokers wouldnt love the more detailed information and wouldnt dream of using it but most people dont.

> There hasn't been the level of detail released to make to firm declarations about the level of data security inherent in the proposed system, however much of an expert you declare yourself to be.

As others have tried explaining to you. If you want the information to be useful and you are allowing the users to query the data directly themselves then it will hard to the point of impossible to anonymise. Just think for a second about the queries you might want to run and then how quickly you can narrow someone down by seeing who appears in several queries. Then a bit of cross referencing against other datas and you would be all good.

 Stichtplate 15 Jun 2021
In reply to Offwidth:

> The covid crisis is very important context, it has helped out government put through changes that never would have been allowed in more normal times.

I wrote up thread that the BMA had issued no warnings over data security concerns with regards to this program. You wrote "You ignore warnings from the organisations you say didn't make them (an example BMA link from last Sept below)." and then provided a link that doesn't mention this program at all.

Did you think I wouldn't read the link? Perhaps an apology for the blatant misrepresentation?

 Stichtplate 15 Jun 2021
In reply to mondite

> You have done so repeatedly just above we have "pure speculation without a relevant example."

A quotation shorn of context doesn't show anything. I note you've edited out the original with context as it doesn't fit with how you're misrepresenting my argument.

> Andrew Stewart, Chika Mbah and Adele Rennie are all recent cases investigated for misuse of access to medical records. There are also multiple other cases where people have been prosecuted for accessing data.  Arent you NHS and so I would assume have receive yearly data protection training which would cover case studies? I am surprised you arent aware of several.

Any links? Any details? Or (wild guess) just guff?

> On a larger level for the willingness to use data in dubious ways. Look up the Mosiac db and Emma's diary with the former using high level medical information. Now you might live in a fantasy world where the same brokers wouldnt love the more detailed information and wouldnt dream of using it but most people dont.

Yeah, can't really be arsed looking anything up for you. If you provide an actual link I'll give it a gander.

> As others have tried explaining to you. If you want the information to be useful and you are allowing the users to query the data directly themselves then it will hard to the point of impossible to anonymise. Just think for a second about the queries you might want to run and then how quickly you can narrow someone down by seeing who appears in several queries. Then a bit of cross referencing against other datas and you would be all good.

People have explained how the data could be deanonymised if specific times, dates and geographic locations are included. No detail has been provided to confirm this information will be available. Case made but not proven rather than your repeated insistence that it's obviously easy to access confidential data.

Edit: Edited to add that you'd also need access to hugely comprehensive mobile phone data to put an individual in said geographic locations, at said times, at said dates, on multiple occasions in order to extrapolate who's who. Rather a big ask if, to use one of your examples, a firm is desperate to know if their potential new recruit is having fertility treatment.

Post edited at 12:03
1
 Offwidth 15 Jun 2021
In reply to Stichtplate:

You said:

"the only issues raised by the BMA and Royal College of GP’s (both heavily involved in the program) have been over providing sufficient time and information to the general public to ensure informed consent, not data security."

The point I was making is that BMA (and the Royal College) have been headline concerned with wide aspects of the governance, transparency, value for money and practical NHS linkage of these outsourced contracts and the past track records of some companies who won contracts.

1
 Stichtplate 15 Jun 2021
In reply to Offwidth:

> You said:

> "the only issues raised by the BMA and Royal College of GP’s (both heavily involved in the program) have been over providing sufficient time and information to the general public to ensure informed consent, not data security."

> The point I was making is that BMA (and the Royal College) have been headline concerned with wide aspects of the governance, transparency, value for money and practical NHS linkage of these outsourced contracts and the past track records of some companies who won contracts.

Right, so your contention is that cos the BMA have raised concerns over totally unrelated matters this constitutes me, in your words " ignore warnings from the organisations you say didn't make them" when I've only been talking about the data program? 

Totally unsurprised that you'd rather resort to sophistry and bullshit rather than simply apologise and retract.

1
 Offwidth 15 Jun 2021
In reply to Stichtplate:

Safety that we will have good data security (a governance issue) as well as good wider governance,  transparency, value for money future and NHS linkage is only going to be bullshit to the ignorant. You can't just separate the specific data security from the wider concerns and people have explained patiently how the data security is clearly an issue.

In reply to Stichtplate:

> Edit: Edited to add that you'd also need access to hugely comprehensive mobile phone data to put an individual in said geographic locations, at said times, at said dates, on multiple occasions in order to extrapolate who's who.

You don't. That data is available through other sources. As I have already explained, Facebook, Google, other advertisers, other apps, etc. already have such data. A lot such databases exist and some have had security breaches that make them fair game on the dark web. 
 

Examples: mSpy was used by parents to track their kids' online activity. Unfortunately, it was an unencrypted piece of shit and leaked literally everything, their locations, emails, names, photos etc. Those are tied to them *for life*.

Accuweather was found to be sharing device locations and data with third party advertisers. Oh, and if you had GPS off it was sharing WiFi MAC addresses instead, which are on massive location databases already, even Google was found to be scrubbing those with the street view vans a few years ago.

Foursquare was hacked and leaked everyone's location data.

Uber has been found to be tracking user's locations after the end of their trips. All it would take would be a security flaw to leak that data, if there hasn't been one already.

Snapchat was hacked and leaked people's names, numbers and location data.

Tinder was exploited to triangulate everyone's locations.

Are you starting to get the picture now? These databases are not theoretical.

 Stichtplate 15 Jun 2021
In reply to Offwidth:

> Safety that we will have good data security (a governance issue) as well as good wider governance,  transparency, value for money future and NHS linkage is only going to be bullshit to the ignorant. You can't just separate the specific data security from the wider concerns and people have explained patiently how the data security is clearly an issue.

You're basically saying I'm ignoring home office advice not to travel to Uzbekistan when I've argued no such advice exists. Then you provide a link to home office advising against travel to Afghanistan and saying "there you go, you're a liar"

1
 mondite 15 Jun 2021
In reply to Stichtplate:

> Yeah, can't really be arsed looking anything up for you. If you provide an actual link I'll give it a gander

Ah well I cant be arsed trying to educate an idiot anymore. The sad thing is if you actually gave a toss about using the records as a research resource you would actually be arguing for maximum security and restrictions since without those people will inevitably opt out and undermine it.

Maybe TomInEdinburgh or Wintertree will continue to waste their time on you but anyone who somehow confuses the need for phone records to link into medical records isnt going to worth any time.

 Stichtplate 15 Jun 2021
In reply to Alkis:

Fair enough. So you're saying an employer would have to access data from a variety of sources to enable them to track their potential recruit's exact location over a sizeable timeframe (say three years?) in order to cross reference them with an anonymised medical data base of 56 million people which you'd then have to deanonymise. Oh, and you're also assuming, without evidence, that times, dates and locations will be included in the database.

>Are you starting to get the picture now? These databases are not theoretical.

Thanks for pointing that out. How many databases would need to be hacked, compiled and cross referenced to provide a three year window on the lives of 56 million people? Are you starting to get the picture of why I'm unconcerned yet? It's not that it's impossible, it's that it's highly improbable that some dodgy firm would have the resources and scale to undertake such a task.

How many job roles outside of the secret service do you think would demand such a byzantine level of scrutiny? Worth noting that the security services simply ask for access as part of the recruitment process. Totally legally.

 Stichtplate 15 Jun 2021
In reply to mondite:

> Ah well I cant be arsed trying to educate an idiot anymore.

Awww. Have I upset you diddums?


This topic has been archived, and won't accept reply postings.
Loading Notifications...