"I'm a Caldicott Guardian!" announced my new GP proudly on my first visit to his surgery. I had just moved to Manchester to take up my responsibilities as UK Information Commissioner. It was clear that this health service professional, for one, knew a lot more about Data Protection in the NHS than I did. That was in 2009. Over the subsequent seven years, I got to learn a good deal about data protection and health as I had to deal with the misuse of patient data at all levels of the system - from local pharmacies to the health service information system itself.
Now, as Chair of Capacity - The Public Services Lab, I want to see the best possible collaboration between partners delivering health and social care services - and a larger role for local groups, charities, voluntary organisations, and social enterprises. And it's clear that data sharing, properly designed and implemented, is essential for successful innovation.
There's long been a tension between the desire to use data to improve performance in the NHS and develop new and more effective treatments, on the one hand, and concerns about privacy and the security of patients' sensitive personal information on the other. Attempts to balance the advantages and disadvantages of data initiatives haven't always convinced.
And now there is more change on the way with the General Data Protection Regulation which comes into force in the UK, and in the rest of the EU, on 25 May next year. It's not so much that the new Regulation is particularly burdensome. Rather, health and social care have a lot of catching up to do. And hoping that things will be different once the UK leaves the EU would be an illusion. Doing Data Protection properly is essential for joined-up health and social care in the 21st Century - and, particularly, if the UK expects to do business with our EU neighbours in the future.
There was widespread coverage recently of a case where things went wrong - the collaboration between the Royal Free Hospital and Google DeepMind. The Information Commissioner (ICO) found that data sharing had not been managed in accordance with data protection law. The ICO found that data could be used to help patients and still privacy could be respected; but to do that means a bit of extra thought when designing initiatives of this kind. The new GDPR rules will give patients more rights and if providers approach data in the right way everyone can benefit.
That's why Capacity - The Public Services Lab has taken the initiative in arranging a briefing event on Data Protection with the both the VCSE sector and public service commissioners in mind. It's on Tuesday 26th September from 4pm to 6.30 in Liverpool. We hope to see a good contingent of health and social care professionals there. To book your place, please follow this link. Bookings close on 15th September - so don't hang around for a second opinion!
Christopher Graham
Former Information Commissioner; Chair, Capacity – The Public Services Lab
News and blogs >
Collaborating for medicines safety Read more
A programme to reduce the avoidable harm caused by opioids is now on a firm footing in the North West Coast.
Launch of new lipid management pathway Read more
Clinicians in Cheshire and Merseyside have collaborated on a new lipid management pathway aimed at improving outcomes for people with cardiovascular disease (CVD).
Mental health innovators to benefit from £20m programme Read more
Health Innovation North West Coast is backing a programme to support innovators working at the forefront of mental health therapeutics
“Real world validation” being validated by the academic community Read more
A recent report demonstrates the acceptance of “real world” data from health care settings and the impact on patients being used to inform academic research.
