Guest post by Dr Tony Calland, Joint Vice Chair, Health Research Authority (HRA) Confidentiality Advisory Group. This blog post was originally published by the Nuffield Council on Bioethics and it is based on the talk Dr Calland gave at the launch of the Council’s report: The collection, linking and use of data in biomedical research and health care: ethical issues.
The UK is very fortunate to have a well constructed digital medical record system covering all of the 60 million citizens in these islands.
The computerised GP record holds many treasures, some yet undiscovered, recognising new associations between medical conditions or events which will enhance our understanding of disease and treatment.The Hospital Episodes Statistics (HES) database similarly holds a wealth of information. The power that can be generated by linking just these two is very considerable indeed, let alone linkage between many other databases, medical and non medical.
The value of this is twofold: it offers the ability to develop medical advances in diagnosis, treatment and innovation, as well as creating a huge commercial opportunity to increase the wealth of the country hopefully for the benefit of all.
However, to be able to utilise this national resource our communications and ethical governance need to be developed much further than currently, and move at the same speed as developments in medical science and computing technology.
Some members of the public will be aware of the use of medical records, the power of data linkage and the value of the pseudonymised medical record. However, the general understanding of the law, the protections applied to data and the process of information governance is poor, so there is a need for clear information and a public debate about what is and what is not acceptable to the data donors – that is the patients, or you and me.
The difficulty is that the media debates tend to be sensational, ill informed, sometimes misleading and generally immature, but until the public understand the benefits and the risks of data sharing and linkage then trust will remain at risk.
As the Nuffield Council on Bioethics’ report repeatedly highlights: trust and transparency are vitally important in securing the cooperation of the public.
The recent care.data incident highlights the ethical dilemma and the balance needed between maintaining the confidentiality of individual medical data and the substantial public benefit that can be achieved from the proper use of the data.
Care.data proposed linking GP records to HES data to follow the patient on their journey through the health system. As a GP, one of the frustrations I encountered was that once a patient had returned from an episode of hospital care, for instance a joint replacement, they became invisible to the hospital system and the success or not of their treatment consisted in getting out alive and not returning within 30 days. The fact that their joint replacement meant they still could not walk properly months later was too often ignored by outcome statistics. Better use of data when available in the appropriate format can inform clinicians and start to address this problem.
However, care.data failed to articulate purpose and process clearly enough or widely enough at the outset leading to a perceived lack of transparency which lost the trust of the data controllers, the GPs, and then the patients or public.
Informing the public, or “fair processing” remains an essential element of any proposals for the use of identifiable data. The world has changed from the days of the enactment of the Data Protection Act when a notice on a wall or a line in the patient leaflet would suffice.
Often the public perceive the level of risk as greater than the facts would acknowledge. But the episodes of data loss or breached data security which are headline news have, not unreasonably, made the public wary of government or big commerce initiatives to use identifiable data. If transparency, purpose and process are explicit at the outset of a project many of these perceived anxieties can be ameliorated.
Therefore, trust and transparency must underpin technological change rather than having technology so far ahead that trust and transparency are struggling to catch up.
The report makes a similar point about the law, which frequently has to follow technological change, in that compliance with the law alone will be insufficient to create or maintain trust. Ethical process and behaviour must run alongside the law and be seen to do so.
The protections must also keep up with technological change and scrutiny by groups such as the Health Research Authority Confidentiality Advisory Group (CAG), which must be continually aware of developments when they consider applications. The world inhabited by the Patient Information Advisory Group (PIAG), the predecessor of CAG, in 2002 was very different to the one today. Although many of the principles still apply, it is the scale and complexity of some of the management applications that give CAG members the most food for thought. Future proofing decisions requires constant reflection and up-dating.
It is not only the power of computing, data linkage and use of complex algorithms that cause difficulty. The science of the genome increases the complexity because such advances can affect not just the individual in significant ways but also entire families. This further highlights the need for transparency, honesty and trust so that individuals remain on board to allow their data to be used.
This increased complexity highlights another problem concerning one of the foundation stones of ethical process – the use of informed consent. The speed of change, development of unforeseen outcomes can make an episode of consent seem inappropriate and outdated a short time in the future. The report highlights the limitations of one off consent and makes the point that, like with the law, ethical behaviour has to accompany consent.
It is up to government, the research and governance communities, and data users to ensure that we take the public along with us to ensure they better understand the need for their data, the protections to their data and the outcomes from the use of their data so that they have confidence in the use and protections of their data.
The report clearly demonstrates that in this changing world there is no room for complacency, or thinking that existing protections are sufficient. In many ways, individual and mass communication has never been easier. The power of these technologies must be harnessed to keep the public on board and ensure that research continues to be seen to have the highest ethical principles underpinning its future.