(no title)
fweespee_ch | 9 years ago
> "All necessary safeguards would be in place to ensure protection of patients' details - the data will be anonymised and the process will be carefully and robustly regulated.
> "Proper regulation and essential safeguards need to be in place when it comes to patients data," he said. "It cannot be done in a way where essential rules are threatened."
The legality of these data sharing laws start off with public promises of anonymization, robust regulation, safeguards, and privacy.
https://www.england.nhs.uk/2014/01/geraint-lewis/
> Amber data are where we remove each patient’s identifiers (their date of birth, postcode, and so on) and replace them with a meaningless pseudonym that bears no relationship to their “real world” identity. Amber data are essential for tracking how individuals interact with the different parts of the NHS and social care over time. For example, using amber data we can see how the NHS cares for cohorts of patients who are admitted repeatedly to hospital but who seldom visit their GP. In theory, a determined analyst could attempt to re-identify individuals within amber data by linking them to other data sets. For this reason, we never publish amber data. Instead, amber data are only made available under a legal contract to approved analysts for approved purposes. The contract stipulates how the data must be stored and protected, and how the data must be destroyed afterwards. Any attempt to re-identify an individual is strictly prohibited and there is a range of criminal and civil penalties for any infringements.
The problem with psuedonymous data is the NHS basically admits it can be used to identify people given sufficient effort.
---
That is why people are "astonished" by these decisions. The politician provides the initial promises that imply anonymity, the implementation doesn't provide true anonymity but provides criminal penalties for pulling off the mask, and then the data is handed to enough 3rd parties if such data is leaked its likely impossible to know by whom unless the data was tampered with to provide a per-contract identifier.
I understand this specific decision did not involve a politician but the conversation was why people are surprised. How many people do you think really know the anonymity originally promised became a permeable pseudonym?
DanBC|9 years ago
This Google thing has fuck all to do with care.data - they're totally separate.
I understand "the" NHS is complex, but it's pretty frustrating talking to someone who has very strong opinions and who clearly doesn't know what they're talking about.
It's really weird to link to a document that talks about the severe legal penalties for anyone who attempts to de-anonymise the data, and then use that to say "look how flimsy these agreements are!", especially when the document you link to has a BOLD lead saying that things are even stricter in the newer document.
> The politician provides the initial promises
Again, not a politician. Chief data officer at NHS England, and a real doctor. http://www.nuffieldtrust.org.uk/about/our-people/dr-geraint-...
> The problem with psuedonymous data is the NHS basically admits it can be used to identify people given sufficient effort.
It's trivially easy for Google to do this already without the NHS data, and they don't face prison time for doing it. See all the pregnant teens outed by supermarket loyalty cards for other examples.
fweespee_ch|9 years ago
And how many members of the general population do you think are aware of this?
> I understand "the" NHS is complex, but it's pretty frustrating talking to someone who has very strong opinions and who clearly doesn't know what they're talking about.
It probably has something to do with the fact you are completely missing the point I'm discussing rather than the strength of my opinions.
aub3bhat|9 years ago
It seems you have disagreement with the system adopted by NHS and several others worldwide. This has nothing to do with Google or Politicians. The system emerged from decades of research and understanding of compromise between the need to protect privacy and advancement of medical research. You are free to suggest alternatives over current system. I have studied this problem for last five years and there isn't a simple solution.
fweespee_ch|9 years ago
2) You asked why they were astonished. Well, #1 is why. Most people don't have the time/energy/desire to study the implementation details on every facet of their lives.