"I'm a Caldicott Guardian!" announced my new GP proudly on my first visit to his surgery. I had just moved to Manchester to take up my responsibilities as UK Information Commissioner. It was clear that this health service professional, for one, knew a lot more about Data Protection in the NHS than I did. That was in 2009. Over the subsequent seven years, I got to learn a good deal about data protection and health as I had to deal with the misuse of patient data at all levels of the system - from local pharmacies to the health service information system itself.
Now, as Chair of Capacity - The Public Services Lab, I want to see the best possible collaboration between partners delivering health and social care services - and a larger role for local groups, charities, voluntary organisations, and social enterprises. And it's clear that data sharing, properly designed and implemented, is essential for successful innovation.
There's long been a tension between the desire to use data to improve performance in the NHS and develop new and more effective treatments, on the one hand, and concerns about privacy and the security of patients' sensitive personal information on the other. Attempts to balance the advantages and disadvantages of data initiatives haven't always convinced.
And now there is more change on the way with the General Data Protection Regulation which comes into force in the UK, and in the rest of the EU, on 25 May next year. It's not so much that the new Regulation is particularly burdensome. Rather, health and social care have a lot of catching up to do. And hoping that things will be different once the UK leaves the EU would be an illusion. Doing Data Protection properly is essential for joined-up health and social care in the 21st Century - and, particularly, if the UK expects to do business with our EU neighbours in the future.
There was widespread coverage recently of a case where things went wrong - the collaboration between the Royal Free Hospital and Google DeepMind. The Information Commissioner (ICO) found that data sharing had not been managed in accordance with data protection law. The ICO found that data could be used to help patients and still privacy could be respected; but to do that means a bit of extra thought when designing initiatives of this kind. The new GDPR rules will give patients more rights and if providers approach data in the right way everyone can benefit.
That's why Capacity - The Public Services Lab has taken the initiative in arranging a briefing event on Data Protection with the both the VCSE sector and public service commissioners in mind. It's on Tuesday 26th September from 4pm to 6.30 in Liverpool. We hope to see a good contingent of health and social care professionals there. To book your place, please follow this link. Bookings close on 15th September - so don't hang around for a second opinion!
Christopher Graham
Former Information Commissioner; Chair, Capacity – The Public Services Lab
News and blogs >
Exporting innovation and importing ideas: the North West’s visit to Ireland Read more
The spirit of innovation and international collaboration was alive, as a vibrant trade delegation representing Liverpool and Manchester combined authorities and nine health and life sciences companies visited Ireland.
Initiative brings high blood pressure under control Read more
Patients in Cheshire and Merseyside are benefiting from an innovative project to improve the management of high blood pressure (BP).
Senior leader in life sciences joins as Non-Executive Director Read more
Rory Cameron, an experienced leader in life sciences and digital health with a wealth of experience in building and scaling healthcare businesses, has joined Health Innovation North West Coast as a Non-Executive Director.
Perinatal care package continues to deliver Read more
A package of measures aimed at boosting care for preterm babies and their families continues to deliver improvements five years after its introduction.