Let’s build a care.data that actually cares about your data.

Photo of medical professionals reviewing medical information — photo courtesy of Mercy Health

NHS England’s care.data programme can be implemented in a way that respects privacy and the right of people to own their own data. In this article, written in response to Ben Goldacre’s piece in The Guardian, I outline three indie data principles that any such implementation must satisfy.

Ben Goldacre wrote a well-balanced piece on The Guardian today on how the NHS plan to share our medical data can save lives — but it must be done right. In it, Ben lays out a plan for how the government can ‘regain our trust’ and states that the problem with the implementation was that there were two separate aspects to the projects: one, to use our medical data for lifesaving research and the other to give it to the private sector for commercial exploitation. I agree with Ben that ‘this was a clear mistake’ and, as Ben puts it:

the public support public research, but are nervous about commercial exploitation of their health data

This is definitely part of the problem, but not the whole of it, as I will explain later.

In his article, Ben proposes a number of things that the government can do to reassure people:

  1. Make a proper announcement about exactly what will be done during the six-month delay
  2. Show the public how lives are saved by medical research
  3. Implement stiff penalties for infringing medical privacy (‘on a grand and sadistic scale’)

Although these are all good suggestions (and, furthermore, ones that I would wholeheartedly support), I believe that we are missing a core component of any solution that involves people’s personal information: giving people control over their own data.

Opt-out is not an option

In his article, Ben says ‘opt-outs would destroy data’ and that ‘opt-in killed people by holding back organ donation’. While it is difficult to argue against either point, there is an issue that we are glossing over here and it is a central issue: what is personal data and, crucially, who owns it?

“As much as we have a right to our own bodies, we have a right to the data about our bodies.”

Any government system that is opt-out has an underlying assumption that your personal data is not yours but the government’s property. How else would they have the right to simply take it and use it (and even sell it) without your permission? This is the road to digital feudalism. It is the road to a future in which our privacy, civil liberties, and human rights are hugely compromised. As much as we have a right to our own bodies, we have a right to the data about our bodies. Our personal medical data is the metadata of our bodies. If we own our bodies (we do), we own the metadata of our bodies. Any use of this data, therefore, must be subject to our permission as would any use of our bodies. This falls squarely within the remit of Article 12 of the Universal Declaration of Human Rights — the right to privacy.

All that said, I am not against some implementation of care.data as long as it respects our fundamental human right to privacy. There can be no debate about whether such a system would be opt-in or opt-out — of course it would be opt-in. You cannot simply disregard the ownership rights of people to their own data because the alternative is too hard. Yes, it will require more work but the onus will be on the government to prove that the medical research is worth compromising our privacy. Yes, it will cost more money, but surely if ‘money is no object’ when saving the second homes of wealthy Tory donors from flood water, it can also be no object when educating the public about the crucially important subject of how their medical data can help to save lives.

Equally, transparency must be a core element of the system and people should, at all times, be in control of their own data. This includes having the ability to opt out of the system at any time and stop any future releases, use, or sale of their data.

Finally, if such a system is to include a commercial element — if data is to be made available to third parties for a fee — then people should be able to decide which entities can buy their data and, crucially, they should get a share of the price paid of their data. This can be based on the Apple App Store model of a 70/30 split: the person whose medical data is being sold gets 70% of the revenue and care.data gets 30%.

Three indie data principles that care.data must implement if it wants our trust

So, to Ben’s suggestions, I add three of my own which I would consider to be essential to any system that shares and/or sells medical data:

  1. It must be opt-in and respect the fact that a person’s medical data is their own property.
  2. It must be transparent in stating exactly how the data is being used at any point and give the user control over exactly what they share and with whom. This should be audited regularly by a third-party to assure compliance and provide a system of checks and balances.
  3. If the data is to be sold, the user should get a percentage of each sale (e.g., as per the Apple App Store model of a 70/30 split).

If NHS England implements care.data in accordance to these principles, they will have my wholehearted support. Anything less — any system that does not acknowledge the ownership rights of people to their own data or which does not give them control at all times over their own data deserves neither our trust nor our support.


Photo courtesy of Mercy Health.