Sign up for our newsletter
Policy / Privacy and data protection

UK leads Europe in health data sharing policy but public trust is still lacking

The UK tops a new league table ranking the quality of policies for sharing secondary health data. But policies "won't work if you can't take your population with you," its creator warns.

The UK has the strongest policies around the use of secondary health data, according to a new league table released today by the Open Data Institute (ODI). The UK tops the table pile thanks to strong infrastructure which enables the use of patient information for research into new therapies and the development of medtech devices. However, the reports warns there is still work to do for the UK when it comes to considering the ethical implications of using such data and gaining the trust of the public.

Entitled Secondary use of health data in Europe, the ODI report ranks 29 countries on six policy areas relating to the secondary use of health data, both in terms of the quality of the policies themselves and the success of their implementation. With an overall score of 82%, the UK comes first, just ahead of Finland and Denmark. Sweden and Austria complete the top five, while Greece and Bulgaria are bottom of the list.

What is secondary health data?

Secondary health data is health information which is aggregated from population-level sources, such as anonymised electronic health records and data from wearable devices, health insurance claims and clinical trials. This information can be used for targeted research into new drugs, as well as for predictive modelling to anticipate future demands on healthcare systems. It is hoped using this data will enable health services such as the NHS to operate more efficiently.

White papers from our partners

But the use of secondary health data in the UK has been controversial, and plans to put all NHS patient records into a central database which could be accessed for research purposes, the General Practice Data for Planning and Research (GPDPR), were shelved earlier this year after widespread criticism from doctors and privacy campaigners. They argued that pseudonymisation of patients could be reversed and that people had not been given sufficient time and information to opt-out of what was dubbed the NHS's biggest ever data grab.

Speaking to The Guardian, Dr Ameen Kamlana, a GP opposed to GPDPR, explained: “There’s an immense amount of good that can come from responsible and secure use of public data, public health records. However, our issue here with this particular proposal is that it’s been rushed through."

GPDPR had been due to come into force in July, and after initially being delayed until September has now been suspended indefinitely. Nevertheless, the ODI report highlights that the UK already has strong policies in place around secondary health data.

How the UK performs on secondary health data

The UK's strongest area according to the ODI report is data infrastructure, which refers to the availability of data sets and the adoption of things such as open data standards. Out of a possible 52 for this section, it scored 48 for the quality of its infrastructure and 44 for the way this is implemented. Examples of this infrastructure cited by the authors include the Clinical Practice Research Datalink (CPRD) which links data from GP surgeries to disease registries, clinical audits and biobanks. This already covers data from more than 10 million patients.

The National Institute of Health Research (NIHR) has also been working to link together health datasets, and has launched a digital hub to help pool information from different teams of scientists working on new therapies. Speaking to Tech Monitor earlier this year, Justin Riordan-Jones, head of systems and information (research) at the Department of Health and Social Care, said: "Researchers knew the data existed, but getting access to it was frustrating. We wanted to find a way of making all that information easily discoverable."

Projects like the NIHR hub helped the UK score so highly, according to Dr Milly Zimeta, the ODI's head of policy and one of the report's authors. "The UK scored exceptionally well on infrastructure, and it is encouraging to see it putting serious effort behind creating and implementing policies for secondary use of health data," she said.

However, when it comes to secondary health data ethics, the UK scores poorly on both the indicators assessed in the ODI report, which cover the trust level of trust in healthcare systems, and the ethical and accountability framework in place for secondary use of health data. The authors note that the NHS draft data strategy, Data saves lives: reshaping health and care with data, lacks any detail on ethical data use, instead relying on a code of conduct and some broad statements.

Dr Zimeta says this lack of trust in the NHS to protect shared health data may need to be resolved on a political, rather than policy, level. "Our report assesses the readiness of the policy environment," she says. "You can have the best policies in the world, but they won't work if you can't take your population with you. We see from the UK and other examples highlighted in the report that you need to get people's buy-in and their engagement. If the political environment isn't right you won't be able to use data in the ways you want to."

How can secondary health data be better used across Europe?

The ODI report says that European healthcare systems "are maturing to support secondary use of health data", but warns "many of the initiatives are still fragmented and significant work is needed to establish strong health-data ecosystems and infrastructure for reusing data."

"One particular area of fragmentation is around data standards," explains Dr Zimeta. "If you don't have a common way of capturing data within an individual country and across different countries, it makes it very difficult for data to flow and be used in combination with other sources. That lack of consistency was really surprising for us."

Implementation of the EU's General Data Protection Regulation (GDPR) also causes problems for data sharing, she adds, often making organisations "risk averse" when it comes to making information available. "GDPR was never intended to inhibit innovation," she says. "But it is being interpreted in different ways. Privacy and innovation have to exist together, and we hope this report will trigger a conversation around how GDPR should be interpreted to enable the sharing of data and to achieve better outcomes for patients."

Home page image courtesy shapecharge/Getty Images

Matthew Gooding

News editor

Matthew Gooding is news editor for Tech Monitor.