Coding for Failure: HSCIC & You.

There have been many recent announcements which could easily be cause for concern. Russia is standing fast on the borders of the Ukraine. Uganda have published the names of leading homosexuals in an effort to clamp down on something which is now, unbelievably, illegal. An ex-actor from The Only Way is Essex* ALMOST stepped in a puddle. Oh, alright, forget that last one. But, somewhat hidden in the daily mire of speculation, opinions and well-dressed adverts for the latest phone or makeup was little announcement regarding our medical records.

(*for readers in the US, think Jersey Shore without the class.)

I was first made aware of the potential problem through Facebook. Not, you might think, the first place a potentially life-changing bit of information would be posted, but rather insidiously it would appear that making a big song and dance about this subject was hardly high on the agenda for our healthcare leaders.

The essence of the scheme is simple. In order to ‘provide the best level of care’ and to enable developers of new techniques and medicines to work more effectively, our medical records will soon be shared with third parties. These interested groups would not, I have been assured, have access to the full details, but would see something called ‘Pseudonymised’ information – something I am not 100% sure can actually exist. As far as I can tell, this is to be organised by a group called HSCIC – Health and Social Care Information Centre.

So far, so good. If this works properly then I would remain unidentified and healthcare professionals throughout the UK would gain access to very important, extremely valuable data. Ah – valuable. Is that perhaps the point?

So, a few concerns perhaps.

The first one was triggered by the information that I was able to Opt Out of the system of data sharing by sending a brief letter in to my doctor, asking for my information to be withheld. Now, with information held on a centralised computer – the better to enable emergency care to be provided to me when eventually my luck cycling on British roads runs out – this withholding CANNOT take place at a local level. All this Opt Out will do is tick a little flag on the database, so that my information will not be included in the data sent to the interested third parties. As far as data security goes – and we all know how brilliant the people in this field are expected to be – there is nothing there to calm my rasping nerves.

Secondly, this system is supposed to be implemented in order to save lives. It is our healthcare bosses that are bringing this in, is it not? So you would think they take the saving of lives seriously. Well, I would. But the system is an opt-OUT choice. It is INCLUSIVE rather than the very EXCLUSIVE (opt-IN) Organ Donation system. It seems that the government finds the donation of data a far more important goal than, say, the hearts, lungs, livers, kidneys, corneas and other hugely ‘valuable’ body parts that go to waste every day, because someone failed to opt in to the donation scheme. (I also find it disgusting that even when people HAVE opted in to the Organ Donor system, their family can override their wishes, but that is a rant for another time). Could it be, perhaps, that the harvesting and selling of organs is too squeamish a subject for our NHS ministers and leaders? The VALUABLE data they are getting, on the other hand, is perfectly saleable. If these people are serious about the importance of this information, and about saving lives, the very least they can do is make BOTH scemes either opt-in or opt-out. Stop the hipocrisy.

My next immediate concern was where the information could possibly go. Once you have a huge amount of data, it becomes a commodity. And with healthcare data, one direct and immediate customer is our beloved insurance industry.

(I’m going to have an aside here to mention what happened a few years ago, when the time came for me to renew my insurance. As usual, my premium had nearly doubled due to my insurance company once again taking advantage of the average person’s unwillingness to look elsewhere, so I did the usual thing of calling them to have a laugh, and get them to reduce it to a reasonable level. The phone jockey informed me that this was not possible, because of data from crash (sorry – incident) reporting they had received. I asked what he meant. It boiled down to this – in the past 12 months, the (rather rare and imported) model of car that I had chosen to drive had been involved in a higher number of accidents. Note – this was nothing to do with accidents involving MY car, just cars of this MODEL countrywide. This – in their eyes – increased the risk inherent in covering me to continue to drive my, undamaged, machine, and they had adjusted the figures accordingly. It was only when I pointed out that, due to the evidence of this data and the fact that I had NOT been involved in any collissions, I was by definition a SAFER driver than the rest that he shut up. I eventually found insurance cheaper elsewhere, which possibly showed that it was not industry statistics they were working on, but a small sub set – prehaps their own information?)

Anyhow – the point is this: The data has a value to our healthcare services because it can be used to target services, develop medicines and potentially reduce the long term burden on the NHS. I’m sure (spot the sarcasm) that it will also be responsible for reducing waiting times for vital operations, and will be of huge benefit to the nation as a whole. But who else will benefit? The other group who have an interest in the sharing of this data are those insurance companies. ‘Pseudonymised’ or not, by definition we remain identifiable – otherwise the data would have been called anonymous instead. And if we are identifiable, the insurers can adjust our individual premium accordingly. And here was I thinking insurance should be there to protect us. Soon, insurance will simply be unavailable to anyone who needs to buy it.

Then there is the issue of who will be maintaining and storing the electronic information – therefore who is also going to be doing the ‘pseudonymising’ of the raw data. So far, and based on past form, I do not trust any government department to be able to do this either efficiently or effectively. (NB – I did hear that ATOS would be in line for the contract but had to dismiss this out of hand. Quite apart from the competency gap – canyon perhaps – there would also be the massive conflict of interest with their Benefits screwing department to think of…)

So where is the optimism here then? Well, for one this I hope it will bring enough interest to bear on the conflict between saving actual lives and saving potential lives. This will allow the Organ Donor scheme to become Opt-Out, with the objections of families overruled in order to allow us to save lives and qualities of life immediately. And do it soon.

Secondly, we can now rally for a ban on sale of our raw, identifiable information to ‘Interested’ but unqualified third parties. If they can show a need for access, they should be able to provide the search terms to the data-holder, who can then provide them with the report they need, with all personal and identifiable information properly scrubbed.

Third, it will be a great opportunity for competent and properly safe data management companies to enter government service. You can’t be any worse than the people currently in charge, surely.

And failing that, we all need to opt out until such time as we can be confident that the corporations benefitting from our own information are the ones we want to succeed. Even actuaries should be in favour of this – after all it is their lucrative positions in the job market that are at risk.

We are, I think, at an important juncture. To continue regardless of the risk is greasing an already slippery slope to the full commercialisation of our health and wellbeing – all for our government to benefit from the lucrative ‘back end’ of data sales. To cancel the whole plan would impact the fantastic potential of our future healthcare services.

A more sensitive route is needed, and one which needs consideration. A message to those making the desisions should be clear. It is the same one my teachers used to write when I handed in badly considered homework, and should be delivered in the same patronising tone – “Not good enough – try again.”


2 thoughts on “Coding for Failure: HSCIC & You.

  1. I work in consumer research (taste tests, product review surveys, focus groups, etc) and I’ve heard the word “pseudonymised” used several times, though it’s not, from what I can tell, a widely used term in the industry.
    With most consumer research studies, data is typically collected in a “psuedonymized” form and ultimately report a “bulk anonymity” form. It works basically like this:
    Company A hires Company B to conduct a taste test of their new product. Company B designs the study and then hires 6 contractors (of which my company is one) in different cities to recruit and execute the taste test, with a quota of 200 participants per city. We each have our own database from which we recruit enough people to complete 200 surveys and execute the study. When people come in, they are assigned a survey ID to participate with. We report, to our client the full demographic info that belongs to each individual person but that data is reported to them attached only to the Survey ID they were assigned upon arrival. They don’t get any Personal Identifying Information (PII) with the data. All PII like name, phone number, address, etc. is removed from the data file before we send it to Company B. This is how the other 5 contractors will do it as well, so Company B now has 1200 data points each with survey data and demographics but no information about who the person is. They analyze the data from there and report a further anonymized dataset to their client (Company A) that doesn’t even separate the information down to individual data points. Company A ends up with a report that has overall demographic breakdowns of the study (how many Caucasians, how many African Americans, how many Hispanics, how many males, how many females, so forth) and then a bunch of statistics of how well or poorly the product tested overall and then within specific demographic groups, but they don’t see “Participant #127 from market 3 answered this question this way.” So the end-client gets all the data they need to determine how to proceed with their new product and the only company that every has any PII for the 200 people at my location is my company, and they have volunteered that information in order to participate in studies with us.
    Potentially, substitute Medical Researchers for Company A, HSCIC for Company B and Hospitals/private practices for the 6 contractors. The data reporting can (and should) work exactly the same way I’ve described.
    Now, I don’t know that this is the process that they’re talking about when they discuss using pseudonymized data reporting for the healthcare system in the UK, but if so, it’s a pretty darned effective system, but for getting people the data they need and for protecting the personal information and general privacy of the people the data is coming from. If it isn’t what they’re talking about, which would make this post less than useful, then I hope it was at least informative.
    P.S. I regret to inform you that there are Americans who are fully aware of The Only Way is Essex.


    • Thanks for the info – very interesting to find out how works. I’m very sorry to hear that TOWIE has made it that far.

      In an ideal world, the method you have outlined would be great, but from what I understand, it is not the way it would happen. Instead, the surgeries and hospitals will pass on the full information, simply with the name and address of the patient removed. The NHS number, similar to NI number or SSN in the states, will be the remaining identifying factor.

      This sort of makes sense if you are dealing with medical issues.

      For example, with properly anonymous information, it is not only important to know how many people are obese and how many are diabetic, but also whether there is a correlation. That possibility is reduced with anonymous data.

      This is why I am thinking there needs to be a system in place which provides reporting to the agencies which may request information. For example, a pharmaceutical company may ask how many asthma sufferers are also allergic to birds and are underweight. With properly scrubbed data, this information would be difficult to extract, but with a reporting system between the company and the data, the report can be produced and published.

      I used to work extensively with databases. It is the equivalent to only ever allowing the reports to be published in summary, but ensuring the search terms are precise and executed properly. The data produced is still valuable, yet without any identifying markers.

      Thanks again for your comment!


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s