Skip links

UK health privacy watchdog still in talks over who is accessing country’s COVID data store

More than two years after England launched a COVID data store, keeping details of National Health Service (NHS) patients, the country’s National Data Guardian (NDG) remains unsatisfied with who is accessing the data.

The COVID-19 data store was launched in March 2020, and would pull together medical and operational data about the spread of the virus across the country.

Campaigners had to force the UK government to publish details of the contract supporting the project awarded to AWS, Microsoft, Google, Brexit-linked analytics business Faculty, and Palantir, whose technology has been employed by the CIA and controversial US immigration agency ICE. Palantir’s data platform uses data from the COVID data store.

Only in August 2021 did NHS England and NHS Improvement publish a “data dissemination register” to show who had accessed medical information on the data store. At the time, critics and the National Data Guardian – the privacy watchdog for health data – were not satisfied with the response.

Nearly a year later, despite a further release of data access details, that remains the case.

In a statement to The Register, Dr Nicola Byrne – the National Data Guardian for health and adult social care in England – said it was continuing dialog with NHS England over the release of details.

“It is essential that there is transparency around who gets access to health and care data and for what purposes. The merger of NHS Digital into NHS England and the shift towards data access in secure data environments provides a timely opportunity for NHS England to reflect on how best to achieve this.

“By acknowledging past criticisms and learning from current best practice, NHS England can implement a clear, coherent approach that meets the needs of the public. I am currently pursuing conversations around achieving better transparency for all NHS data sharing.”

In August last year, the NDG declined to endorse NHS England’s first effort to be transparent about access to the COVID data store. “My panel and I will continue our ongoing dialogue with NHS England and NHS Improvement,” Byrne said.

A few weeks earlier, she expressed frustration that it had taken more than a year to release any details all.

At the time the register was released, critics argued the disclosure did not reflect the reported use of the data during the height of the pandemic. The data store had been accessed just 18 times – more recently updated to 20 – according to the spreadsheet.

NHS England’s efforts at transparency will come under the spotlight as it seeks to buy a £360 million (c $438 million) data platform to support an overhaul of how it manages clinical services. As US spy-tech firm Palantir sits at the heart of the current data platform, it is seen as first in line for the contract. NHS England maintains it is an open and fair competition.

The Peter Thiel-founded analytics company recently won a $90 million, five-year contract with the US Department of Health and Human Services for a “holistic” enterprise data project. ®

Source