There are plenty of great moments, learnings and tips still yet to be mined from our archive of talks at the first ever HTN Digital Primary Care conference earlier this month. You can discover and watch back the sessions in full by visiting the video section of the HTN website, where you’ll also find a range of webcasts from healthcare and health tech professionals at our other virtual event series.
Here, however, we’ll focus on recapping and sharing the video from Dr Osman Bhatti’s discussion on GPDPR (General Practice Data for Planning and Research), from 4 August 2021.
A GP from east London and the Chief Clinical Information Officer (CCIO) for NHS North East London CCG, Dr Bhatti said: “[GPDPR] is one of those things we need to be well aware of. [It] may well have paused but I think it’s something we need to continue to keep an eye on.”
Providing background context on GP data, he explained: “Everyone knows that GPs have historically held data for patients. Patients give us the information, GPs code this in the records, and this helps in the care of patients. I think the fundamental, important thing for me – and all clinicians really – is that patients give us that information in confidence and they don’t often reveal it to anyone else. Therefore, trust is what’s paramount – that’s basically the thread I want to run through this presentation.”
“Anything that breaks this trust will impact what we record and also what patients tell us. Ultimately, that’s detrimental, not only for us as clinicians but also for the patients and for their healthcare,” he said.
Discussing data in direct care, Dr Bhatti outlined how data is used – such as GPs sharing patient information for reasons such as hospital referrals and seeing that data flow back to primary care. “That’s not an issue,” he stated, “that’s something that’s upheld and the data is done very securely. That’s not the issue here.”
“The issue, really, is around planning and research and how we do this. We all agree that it’s a really good thing to do and, actually, we’re involved in this locally – certainly I am where I work – and what we need to do is, when we’re doing planning and research, we need to do [this] securely and [ensure] the confidentiality of patients is maintained. That’s where the issue is and how we do this is what we need to be questioning with GPDPR,” he said.
“So what do the NHS want to do with our data?” questioned the CCIO. “NHS Digital, which actually is a government organisation… [and] works off the direction of the health secretary…want to take the coded data from GP records – all of the data, which is different to care.data…which took selected bits of data…and they want to combine this with other sources. They want to build their own data warehouse.”
“They want to use that data,” he continued, “for what they say is research and planning, which sounds like a good idea generally. But the problem here is that, actually, they issued a legal direction – so they mandated this to happen and this occurred on 12 May  and then they said ‘in six weeks’ time we want the data to flow’ – they just basically gave, initially, a six-week period for this data to flow. And that’s where the term ‘data grab’ was initially coined. Then the campaign happened and everyone got involved…and then NHS Digital were essentially forced to postpone this.”
On what the issues are at the very heart of the debate on GPDPR, he highlighted the status of GPs as “data controllers” who “control the data of patients securely” – with the problem being that he felt NHS Digital wanted to “take the data, essentially without patients knowing about it and then using that data for whatever they felt necessary.”
Maligning a “lack of transparency” around this, he added: “I think this is where we need NHS Digital to be really open about the data and be transparent about its use.”
That lack of transparency, he explained, was why people called for a Data Protection Impact Assessment – which, to date, the results of which had not yet been revealed.
After highlighting the opt-in process for patients that usually happens when identifiable data is to be used for something such as a clinical trial, he went on to explain the difference between that and anonymised data, and the situations in which that would be used – for example, calculating the number of people in your practice with high blood pressure.
What NHS Digital intended to do with data was, according to Dr Bhatti, “something in the middle, called pseudonymisation”.
“This is where they take the identifiable data – so they know who the patients are – they apply a pseudonym to it, basically a code so only they know how to unlock that code, and the reason they say that’s important is so they can then link it to another data source…once they’ve linked it to a data source it’s pseudonymised so that nobody else can identify the patient – unless NHS Digital say so,” he explained.
“NHS Digital want that right to choose when they apply the pseudonymisation and when they can take it off to make it either identifiable, or the flip-side, to make it anonymous.”
After explaining the benefits of having and using Trusted Research Environments (TREs), Dr Bhatti moved on to the 19 July letter from MP Jo Churchill and its assurances of consultation, the ability for patients to opt-out of data flow and data deletion for those who choose to, as well as TRE development, and a public campaign to increase communication – but he was still mindful of the lack of detail included in these points. “That’s the problem with a lot of these letters that come out to us. It’s a good overview but the detail is often missing,” he stated.
“Could we differentiate data going to NHS Digital to be used for planning and research?” he asked, “increasingly, in the future, I think we’ll want to be doing planning and research within our CCGs, for example, or localities. To do that we’d need good governance or some kind of process.”
He also wondered, “if patients opt-out it opts them out for everything…could there be a way of opting out between local and national?”
Bringing the presentation full circle, back to the trust between doctors and patients, he commented: “Anything that is done that undermines this will affect that – how we record information, [and] not only patient care but also future research and planning, which will become quite skewed if we don’t think about this and take our time to do this and not just rush through within a short timescale.”
In conclusion, he added: “We need to focus on what the future is going to hold. For now we can carry on…but actually, we need to be mindful of any future state of a data extraction and to avoid it being a data grab, really.”
Watch the full presentation, as well as extras such as an audience Q&A, below: