Public Sector
Doctors welcome joined-up care plan, but warn patient trust depends on safeguards, access controls, and knowing where Palantir fits in
The UK government has confirmed plans for a Single Patient Record (SPR), a major overhaul of NHS health data management that could involve the service’s controversial Palantir-run Federated Data Platform (FDP).
In the King’s Speech yesterday, the Labour government said it would push ahead with plans to introduce the NHS Modernisation Bill in the new Parliamentary year, which is set to include legislation for the introduction of the SPR.
Previous governments have found their efforts to bring together electronic patient records held by family doctors, hospitals, and other specialist services beset by technical complexity, a mind-bending web of rules and roles, and some cultural intransigence. Nonetheless, the government said its plan for the SPR would allow the NHS to “bring together patients’ health and social care records into one place to improve patient safety and experience.”
It said patients would be able to see their own health records securely on the NHS App. The plan is to roll out the service to those receiving maternity and frailty care by 2028, with wider implementation to follow.
An impact statement for the policy, published in January, said costs would encompass product development, tech, and data integration including alignment with external vendors, delivery and administration such as business case development, engagement, clinical and system input, as well as commercial costs.
“The broad scope of the SPR means it will require investment to ensure that staff such as paramedics and community pharmacists have the same access to their patients’ data as those working in GP surgeries and hospitals,” it said. “Depending on the approach to the SPR, in order to maximize its value, activities may need to include translating the medical terminology in care records into plain English so that they can be readily understood and used by the patient, and to digitize historic patient information.”
While the document says the SPR could support automated triage of patients, potentially reducing variation in the service, “there are risks to delivering the Single Patient Record due to the magnitude and complexity of the program and integration with legacy systems.”
The impact assessment said there was a risk of reliance on a single provider and “de-facto vendor-lock.”
“While many clinicians would support data sharing for the purposes of improving care, there may be a risk of clinical resistance to changes to data sharing if safeguards are perceived to be insufficient,” the document said.
Dr Emma Runswick, council deputy chair of doctors’ union the BMA, said: “The NHS Modernisation Bill is a huge undertaking and doctors’ and patients’ past experience with large top-down reorganisations of the NHS have not always been a happy one. The announcement of a SPR is welcome, however it is crucial that GPs’ voices are listened to in its implementation to ensure patient data remains safe and patient confidence is protected.”
Currently, GPs are official “controllers” of patient data under UK data protection law, although that may change with the introduction of the new SPR.
NHS England is currently planning the SPR rollout. A meeting held by the soon-to-be-defunct quango last year “accepted that an appropriate data controller for SPR is necessary” and that change would require a review of the legislation.
The minutes, obtained by campaign group medConfidential under the Freedom of Information Act, said: “Given SPR will be a multi-service record it would not be appropriate for GPs to act as the data controller. It was agreed that while the NHS will be the data controller/custodian, patients would expect to own their records: how this can be achieved requires further thought.”
In an official statement, BMA GP Committee England chair Dr Katie Bramall said: “GPC England has not been part of the discussions on what form the Single Patient Record will take, who will be granted access, the purposes for which it will be used, or which company will be contracted to operate it.
“There are already existing mechanisms that allow those in secondary care to view the live GP record, and therefore, the Government needs to explain why an additional system is needed. Until the security of any data flows can be guaranteed, and full patient-facing audit trails are made available via the NHS App showing who has accessed confidential medical data and why, we remain concerned.
“We also remind patients that they can exercise their right to opt out of secondary uses of their confidential medical data by visiting the NHS website.”
The NHS England Data and Digital Technology Committee also heard that the NHS was considering using existing electronic patient record (EPR) systems and/or a role for the controversial Federated Data Platform, run by US spy-tech firm Palantir, in building the SPR solution.
Sam Smith, medConfidential coordinator, told The Register that the FDP/Palantir arrangement – which has been the focus of fierce criticism in Parliament recently – is likely to have a role either way.
“Either there’s going to be a new data store – which will be in Palantir – or there’ll be infrastructure for bringing various APIs together, where you make a single call and you get back a summary of the patient’s record. The system doing that will be the FDP. [NHS England] has not publicly decided what they’re going to do, in practice. They’ll probably do the API thing first, and if they don’t get everything they wanted, they will eventually take a copy of the data.”
The government has backed its ambitions for NHS technology with a promised £10 billion in investment. But nationally led digital transformation in the NHS has failed in the past. The ambitious National Programme for IT (NPfIT), launched by the Blair Labour government in 2003, had a budget estimated at £12.7 billion ($17.2 billion).Â
Although NPfIT introduced a number of new technologies, it fell short of introducing electronic health records throughout the NHS. The National Audit Office said it did not represent value for money, and in 2020 it warned there was a lack of systematic learning from past failures in NHS digital transformation. ®
