Health data of 150,000 NHS patients shared without consent

Confidential data of around 150,000 NHS patients has been shared without their consent for over two years, as a result of an error in an application’s code.

The application in question, SystmOne (provided by a company called TPP), is used by several GP surgeries to share patient data across NHS services. A flaw in its code, however, meant that ‘Type 2’ objections were not sent to NHS Digital.

A ‘Type 2’ objection means that the patient has opted out of sharing their health data for clinical auditing and research, and wishes to have it used only to provide them with healthcare. Because the code ‘defect’ meant that these objections were not sent on to NHS Digital, the patients’ requests were ignored and the data was shared against their wishes.

“We apologise unreservedly for this issue, which has been caused by a coding error by a GP system supplier (TPP) and means that some people’s data preferences have not been upheld when we have disseminated data,” said Nic Fox, director of primary and social care technology at NHS Digital. “The TPP coding error meant that we did not receive these preferences and so have not been able to apply them to our data. We worked swiftly to put this right and the problem has been resolved for any future data disseminations.”

“TPP and NHS Digital have worked together to resolve this problem swiftly,” said Dr John Parry, Clinical Director at TPP. “The privacy of patient data is a key priority for TPP, and we continually make improvements to our system to ensure that patients have optimum control over information. In light of this, TPP apologises unreservedly for its role in this issue.”

In a written statement, Parliamentary Under-Secretary of State for Health Jackie Doyle-Price said the error, which meant that 150,000 Type 2 objections set between March 2015 and June 2018 were ignored, was brought to the Department of Health and Social Care’s attention on June 28.

Doyle-Price said that “There is not, and has never been, any risk to patient care as a result of this error”, and that the Information Commissioner’s Office and the National Data Guardian for Health and Care have been notified.

NHS Digital says it is confident that it is now respecting all opt-outs that have been recorded in the system. It will also contact the organisations that received data which may have been shared without consent, and will work with them to destroy the data where possible.

“We take seriously our responsibility to honour citizen’s wishes and we are doing everything we can to put this right,” said Fox. “No patient’s personal care and treatment has been affected but we will be contacting affected individuals.”

Doyle-Price also pointed out that since May 25 the Government has introduced a new system known as the ‘national data opt-out’, which replaces the Type 2 objection system and gives patients direct control over setting their preferences for the secondary use of their data, without requiring the use of GP systems. She says that this will prevent this kind of GP system failure from happening again.

“The Government has the highest regard for data standards and is committed to ensuring patients can express a preference over how health data is shared for purposes beyond their own care,” said Doyle-Price.
