NHSX to oversee data-sharing agreements under new DHSC guidance

  • 24 July 2019
NHSX to oversee data-sharing agreements under new DHSC guidance

NHSX will be responsible for overseeing data-sharing agreements with industry partners under new guidance from the Department of Health and Social Care.

The new guidance establishes key principles around the use of sharing data for commercial purposes.

This includes excluding NHS organisations from entering commercial agreements that grant one organisation exclusive use of raw NHS data, echoing comments made by Simon Stevens to NHS organisations in June.

NHSX – the new unit tasked with overseeing NHS digitisation – will be responsible for ensuring that commercial deals deliver “benefits for patients and the NHS.”

This includes providing legal and technical guidance to NHS organisations, developing standard contracts and assessing the value of proposed data-sharing agreements.

Governance will be provided out of a new “National Centre of Expertise” – known as “The Centre” – which will sit in NHSX.

The Department of Health and Social Care (DHSC) will begin a recruitment process for Head of the Centre and “other key personnel” over the next few months.

The updated guidance comes ahead of a more detailed policy framework due to be published later this year.

The five “guiding principles” set out in the latest policy update include:

  • Any use of NHS data, including operational data, not available in the public domain must have an explicit aim to improve the health, welfare and/or care of patients in the NHS, or the operation of the NHS. This may include the discovery of new treatments, diagnostics, and other scientific breakthroughs, as well as additional wider benefits.
  • Where possible, the terms of any arrangements should include quantifiable and explicit benefits for patients which will be realised as part of the arrangement.
  • NHS organisations entering into arrangements involving their data, individually or as a consortium, should ensure they agree fair terms for their organisation and for the NHS as a whole. In particular, the boards of NHS organisations should consider themselves ultimately responsible for ensuring that any arrangements entered into by their organisation are fair, including recognising and safeguarding the value of the data that is shared and the resources which are generated as a result of the arrangement.
  • Any arrangements agreed by NHS organisations should not undermine, inhibit or impact the ability of the NHS, at national level, to maximise the value or use of NHS data. NHS organisations should not enter into exclusive arrangements for raw data held by the NHS, nor include conditions limiting any benefits from being applied at a national level, nor undermine the wider NHS digital architecture, including the free flow of data within health and care, open standards and interoperability.
  • Any arrangements agreed by NHS organisations should be transparent and clearly communicated in order to support public trust and confidence in the NHS and wider government data policies.
  • Any arrangements agreed by NHS organisations should fully adhere to all applicable national level legal, regulatory, privacy and security obligations, including in respect of the National Data Guardian’s Data Security Standards, the General Data Protection Regulation (GDPR) and the Common Law Duty of Confidentiality.

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Related News

MHRA selects five AI-powered medical devices for regulatory pilot

MHRA selects five AI-powered medical devices for regulatory pilot

The Medicines and Healthcare products Regulatory Agency (MHRA) has selected five medical technologies for its AI Airlock a pilot scheme.
Movers and Shakers news roundup

Movers and Shakers news roundup

Our latest Movers and Shakers roundup includes the abrupt departure of TPP’s long-serving clinical director, Dr John Parry.
Concerns raised that NHS digital plans could exclude older adults

Concerns raised that NHS digital plans could exclude older adults

Concerns have been raised that government NHS plans, including having a single patient record through the NHS App, will exclude older people.

7 Comments

  • All NHS employees, and all of us commenting above, are citizens. Perhaps a coordinated GDPR FOI request may alert NHSX/the Centre, to the needs of the individual as the speed if patient data collection gathers momentum?
    As a patient, I still cannot get online access to my own data, data that no doubt is accessible to endless data mining and the research/academic community.

  • Sounds like more jobs for the boys. Who is providing assurance that this is a good way to spend precious NHS money?

  • ZONE OF UNCOMFORTABLE DEBATE ALERT
    Much of this is admirable but there are some uncomfortable truths we need to acknowledge
    1)’the centre’ have a lamentable record at this stuff cf Care.data
    2)national is too big a diameter of trust (a possible Farage-led government to have agency over my private health data?????)
    3) we held 25 workshops with citizens and ran a YouGov poll. Result : people want agency over their health record. https://www.greatnorthcarerecord.org.uk/information-for-patients/findings-workshop-sessions/
    4) if the government wont give people control over their data then commercial suppliers will and we will lose the opportunity to establish a data donor culture within the NHS and the ability to provide the best research environment in the world.
    5)Decisions about policy are over influenced by the research/academic community and a growing data-mining industry and underinfluenced by citizens.
    6)The 100,000 genome project provides a model we should apply more widely. The secret of consent? Get consent.

    Let’s have a friendly, sensible, transparent debate and agree a sensible way forward.

  • Bang in an FOI. Question will be ignored 100% otherwise…

  • In the light of its new data policy, please could NHSX provide transparency over its collaboration with Amazon. Can NHSX confirm that no data collected by Alexa will be processed in the US, that all of the raw data collected will be made available for NHS use and that any insights derived from the data will not be used for purposes other than specifically approved and time limited. We would also like to know how the use of data collected by Alexa will be policed. The history of US tech firms and their handling of data does not inspire confidence and the billions they pay in fines won’t compensate the individual if personal medical data is misused.

    • Spot on, valid questions. Look forward to reading the response

      • Brilliant question Matthew, I am also waiting for the response in this matter as would be very interesting to know how that data has been used and policies involved and procedures followed to making sure that correct organosational and technical controls are in place hence following the privcay, GDPR and other relevant laws

Comments are closed.