View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

As More Companies Eye NHS Data Trove, Code of Conduct sets AI Boundaries

“Technology providers derive significant value from the NHS beyond access to unique data sets."

By CBR Staff Writer

The UK Department of Health has published an AI code of conduct for data-driven health applications and artificial intelligence technologies, as enterprise interest grows in the NHS’s vast data trove.

The codes of conduct consists of ten principles that outline how the NHS should work with technology companies that are developing AI systems and algorithms for use in healthcare.

The NHS currently works with several technology companies to deliver AI based medical services, such as UK-based AI developers Ultromics, which helps increase detection of lung cancer and heart disease via AI systems. The NHS also works with Imperial College London, which has designed an AI system that predicts the survival rates for patients with ovarian cancer.

Read this: Gov’t Cautiously Welcomes Proposal to Sell more Public Data

NHS Codes of Conduct

The ten principles laid out in the code aim to foster innovation and tech company engagement with the NHS, while also ensuring that patients are protected from data abuse.

The first two principles deal with what the patient’s needs are, and whether the tech being developed fits into the context of those needs. This requires enterprises to clearly outline what their product is and how it will bring about the desired medical outcome.

Data Protection Requirements

The need to adhere to data protection regulations is established in the third and fourth principles which stipulate that companies and the NHS can only use the data for the reasons stated when it is first collected from patients, who are required to give express permission for their data to be used.

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

The NHS AI Code of conduct states that its “responsibility as an internationally trusted health and care system is to use all the tools at our disposal to improve the quality and safety of care, including data-driven technologies, in a safe, ethical, evidenced and transparent way.”

NHS Codes of Conduct

Several principles detail how the NHS will require companies to be transparent about not only how their algorithms work, but they must accurately state the limitations of what can actually be achieved from the deployment of AI on medical datasets.

Andrew Grant, Business Development Director at Imagination Technologies told Computer Business Review that “The principles of the code are clear and well-written and understandable to all.”

“They identify potential pitfalls such as the need for diversity to be reflected in the data. For example, if an issue affects a specific part of the populace for genetic or sociological reasons then this should be accounted for in the training and validation datasets so that bias does not occur in prediction. This is fundamental, and it is imperative that what is, and what is not in the data is fully understood.”

NHS AI Code of Conduct: Concerns About the Value of Data

The codes come nearly two years after the Information Commissioner’s Office slammed the Royal NHS Foundation Trust for failing to comply with GDPR’s predecessor, the Data Protection Act, when it provided patient details to Google’s Deepmind.

A key issue highlighted by the ICO was that patients were not adequately informed how their data was going to be used.

“Our investigation found a number of shortcomings in the way patient records were shared for this trial. Patients would not have reasonably expected their information to have been used in this way, and the Trust could and should have been far more transparent with patients as to what was happening,” the ICO stated in 2017.

The third and fourth principles in the AI codes of conduct specifically address the concerns the ICO raised. However, principle ten goes a step further with regards the further commercialisation of patient data and acknowledges that access to this data has extended value to technology companies.NHS Codes of Conduct

“Technology providers derive significant value from the NHS beyond access to unique data sets – through medical and clinical involvement, test beds and pilots – and this value should be captured within the commercial arrangement,” the NHS states in the codes.

David Biden CEO at human+, a robotic process automation partner working with government and non-profits, told Computer Business Review: “This is absolutely a step in the right direction for the UK government and the NHS.”

However he told us that Principle 10, which defines the commercial strategy is a ‘little vague’ and he would like to see it fleshed out with further detail over time.

“Speciality data legal advice isn’t something that is easy to access and readily available for most project teams, so this will likely affect delivery of solutions. It will be interesting to see how these first few programmes, products and solutions are monitored and advised through the new code of conduct,” he commented.

The NHS Code of Conduct for Data-Driven Health and Care Technology is intend to function as a living document which will be continually assessed and updated as they increases the digitalisation of the Health service.

See Also: OpenAI’s Text Model so Disruptive it’s Deemed Too Dangerous To Release

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.