Another post from one of my NHS insiders, this time on the new NHS Central Database – which has disturbing connections as to what will happen to your private GP Data.

This also pairs well with my recent video:

You can also find more information here:


Dear Mr Bloom,

You may remember me as one of your “NHS insiders”. There’s something of a scandal about to happen with GP data being merged in a central database and access being sold. The deadline for opt-out is 23/06. [Editors Note: This has been now pushed back to August].

I think as many people as possible need to know about this and how to opt-out.

I’m quite willing to give you my views as a healthcare professional who has promised people about the sanctity of their personal information if you might find them useful or informative.

I suspect it’s the kind of thing your audience would find very important. 


On the subject of the new NHS Central database. Let’s not beat around the bush – there are some real advantages to this system. Having streamlined access to GP records, bloods, etc and potentially expanding this to x-rays and so on. Huge, it is huge and brings the NHS research capabilities into the late 1990s. Imagine when we can expand this to diagnostics such as X-rays where machines can look at the data in detail we simply can not and identify that a small change in brightness on a chest X-ray is associated with a cancer diagnosis a year down the line. Or that a cluster of subtle blood changes are associated with a heart attack in 10 years time. This would be huge and would push us into preventative medicine with drugs companies having to join in by offering drugs to prevent, not treat disease.

The NHS / Government (henceforth referred to as “They” or “Them”) have said this change is just a development of the existing access system and is there to “build on” and “improve” data collection systems. So that means more data collected more efficiently and made available to more people more easily. They have said it’s nothing to worry about and just a standardisation of legacy systems, blah, blah, bollocks. They have said it has been developed in conjunction with GPs and doctors. Guess what doesn’t happen if you’ve planned and discussed this with doctors / GPs? They don’t write an open letter from the BMA / RCGP jointly expressing their distaste at how the goalposts on information sharing have been moved and the public have not been informed.

Let’s be clear. When I did my training for my research post / information governance it was made clear that the information belongs to the patient. It was made exceptionally clear that we must ask for informed consent from patients involved in research, tell them what data is being collected and how it will be used. Any change in this must be cleared by ethics and the patient re-consented. If I chang ed the scope, access, storage and collection methods of data and didn’t actively consent the patients involved, I’d lose my job and my career. This is one rule for them and another for professionals.

This apparently includes mental and sexual health records. If I’ve been to the clap clinic (and many people have, often in times of horrific personal tragedy), I don’t particularly want those forms where I have to detail my sexual preferences, what holes I have explored or have had explored, and in what context, being made available to anyone. I don’t care how anonymous it is. If they want to pass on those records, they can bloody well ask.

Another thing to consider is who might be getting access to this data. There is apparently a contractual obligation to not de-anonymise this data. Let’s bear in mind it is designed to be only pseudo-anonymised and therefore identifiable on the level of the individual. Shall we consider Cambridge Analytica and how companies will breach contracts if the profit is seen to exceed the risk? Let us then take a trip into Information Theory.

Background here – a “bit” of data is technical (it is derived from a binary logarithm using the probability of a fact about the person being true or false) but really can be seen as data currency. A certain number of bits of data are required in order to identify an individual and each piece of information has a “value” in bits. To identify a single person in the world, you need 32-33 bits of information about that person. For the UK population, it’s 26. So, the question is; what kind of data from medical records could you acquire from both that and, say, a social media dataset acquired from Farcebook or the Twatter? Let’s say you’re a 59 year old male (that’s 7.5 bits), from Leeds (that’s 3 bits) and we know your job (assumptions are made here but that’s gooood data and about 13.55 bits) – we are at 24.05 bits and more than 90% of the way to identifying you. We just need one more piece of information that is common to both your social media (or any of the other many ways of monitoring you in the modern world with smartphones, search history logging and email that reads your text) and medical records. That could be your eye colour (2.64 bits) or that you have cancer (4.52 bits). It could be your spouse being listed as your next of kin and wife on Farcebook, LinkedIn or identified by Google tracking your phones and seeing they sleep together. The government may be trying to enter the 21st century in their data collection and analysis department, but their understanding of how modern data scientists work and how people can be readily identified from few characteristics leaves much to be desired.

They say this data isn’t to be used for insurance purposes. For now. But does that stop the companies doing an analysis which is then incorporated into insurance databases? Stopping the data being used directly for a purpose doesn’t mean it won’t be used indirectly. Obfuscation is a talent not unique to insurance companies and we have all been on the receiving end. Once they have this data on their centralised computers, they can do what they like. The GPs have been the guardians of your personal data and GPs have been personally responsible for ensuring it is used correctly. Now, it’ll be put in the hands of a faceless bureaucracy and the rules could be changed at any time. Maybe they’ll let police have access for the purposes of firearms certificates, excluding the GP and their knowledge of the patient from the process? I can imagine a few livelihoods would be ruined there. Maybe they’ll move on to insurers because driving is dangerous? Who else might they give your information to in order for them to judge you based on it and no medical opinion?

Consider, if you will, the number of forms you have signed for the NHS. Consider the confidentiality disclaimer on there. Usually this says data is to be shared when required for your care with other healthcare professionals and used for audit. This is not audit, it is data packaged for sale. If I want to do research, I have to contact the patients I want to include and get permission. I have promised to patients that what they tell me is confidential, I don’t care about it except where it pertains to their care and it won’t be shared outside of the health professionals involved in their care. This government is making a liar of me.

I also wonder if this will go the way of the COVID database, where it appears the track and trace may be useable by the police for the detection of offences. I won’t have that app on my phone and I would rather trust small businesses (my pub landlord) with my data knowing they won’t decide “ooh, we could use it for this!” and will bin it when they’re done. Another consideration is the security of such data. It all being on a central system and then given out to unknown parties exposes that data, in its readily identifiable form, to compromise.

That they are trying to slip this through means they know it’s morally reprehensible. I’ve opted out, advised my family to do so and I’d recommend anyone who values their privacy to do so also. My recommendation to the government is definitely to do this. BUT we must ensure data security and as a result I would charge not for datasets but for data analysis. The NHS should hold the data and charge to run the analytics for companies. Then we can get our big-data benefits (to some degree, there will be limitations) but with the security and integrity of our most intimate and personal histories remaining intact. The company gets the analysis from which personally identifiable data is removed.

If you were at college and found a story on a wall in the staff room about how you’d shagged Penny and her mate Farthing, exchanged STDs between all of you and you had woken up to find your genitals crusted to your pants by exudate… Even if it was anonymised you’d not be happy. Because from the details, everyone would know it was you. That it didn’t have your name on it does not excuse the release to anyone, staff or no, and everyone still knows your intimate personal secrets. They could argue it’s for the benefit of the staff to know about your behaviour to help you, but they simply don’t need that level of detail. This is just the same. We need to remember we live in the 21st century where data on everyone is available. The protections here are inadequate and there is scant information available for patients as well as GPs who are now legally obliged to hand over the data.

The search term to find out how to opt out is “type one opt out”. This should provide a PDF which you can print and fill in or email to your GP. Apparently you can do this also via the NHS app. Remember that if you do not do it by the 23rd  of June, you can not revoke consent (GDPR?? I thought it was my data and I could demand they deleted it?? Patients can usually revoke consent to be involved in research at any time!) so if you say no after the deadline, you’ll only stop further data about you being sent. I have emailed my MP and had nothing back. I’m livid about this both as a patient who has handed over deeply personal information about myself in good faith, and a professional who feels he may have duped patients into handing over their information to my care and have had the right to control it as agreed taken from me.

The government should stop this, reconsider and open it up to public debate. If we’re going to centralise health information for sale and research, fine, but the public need to be properly informed. I read the BBC news article on this and found no answers to my questions but did find a link to a Guardian article on the subject…. From the BBC news website. What are we paying for if the BBC must use secondary sources on a subject of national importance and interest?