Shutterstock

The shambles that is NHS England's Care.data patient data sharing scheme suffered another blow this week as it is revealed that patient-level data was available publicly online.

In order to see this embed, you must give consent to Social Media cookies. Open my cookie preferences. I can now tell you hospital records data on individuals released by @HSCIC in Sept 2013 was publicly available online. This is staggering. — Ben CatchYourCough Goldacre (@bengoldacre) March 3, 2014


Ben Goldacre has tweeted that Hospital Episode Statistics (HES) -- the psuedonymised data collected about patients when they visit hospital, which includes patient age, gender, ethnicity, diagnoses, operations, time waited etc -- were made available publicly in an online tool created by a mapping company called Earthware. It's not clear at this stage whether the NHS had granted Earthware direct access to HES data or whether the mapping company had acquired the data from another company that had been granted access.

The data was from as recently as September 2013, which is well after the formation of the new Health and Social Care Information Centre (HSCIC). This means that the NHS cannot shirk responsibility, which it has tried to do with regard to an earlier data breach that saw actuaries get hold of patient-level, pseudonymised data, in order to inform insurance premium pricing.

Read next Stay Alert never made sense and now we’ve got the data to prove it Stay Alert never made sense and now we’ve got the data to prove it

An HSCIC spokeswoman told us: "The link to this tool has been taken down following a request by the HSCIC. We are investigating urgently the source of the data used by Earthware UK and whether controls demanded of any organisation using data have been maintained. After this investigation we will take any necessary action."

This comes shortly after the revelation that a year's worth of Hospital Episode Statistics (HES) have been uploaded to Google's big data program BigQuery. The patient information -- which took a week to upload -- had been obtained by PA Consulting and was used to create interactive maps plotting the data. It seems to suggest that HSCIC cannot be trusted to safeguard patient data.


These breaches relate only to hospital visits. Most people visit the hospital much less frequently than they go to their GP, meaning that patient records aren't that comprehensive. However, if Care.data goes ahead, it would mean that your GP records -- a much richer dataset -- would be extracted as well. This would lead to the creation of something called "Care Episode Statistics" that would include Hospital Episode Statistics and any other data relating to social care received in the system.

These breaches fly in the face of HSCIC's own guidelines about how patient data should be treated. These include five "rules", such as "confidential information about service users or patients should be treated confidentially and respectfully". You can read the rest here.

In an attempt to reassure us, the NHS says that there will be "strict controls" on how it releases patient information under Care.data. Organisations will only be given information for "approved purposes for the benefit of health and social care and there must be a contract in place". But a contract means sweet FA if someone accidentally uploads the dataset to the public web, as has already happened.

It doesn't matter how safe data stored at HSCIC is if it's going to be treated so casually by partners approved to access it.

Phil Booth from campaign group MedConfidential told Wired.co.uk: "HES data is showing up all over the place, being used -- and misused -- by companies who don't even appear on the register of approved customers. This just confirms what we said last week to the health Select Committee, that the Information Centre is not fit for purpose and hasn't been for some time. "This policy of 'get the data out the door' and worry about consequences later -- which NHS England wants to expand to the information in everyone's GP records -- must stop now, and there must be a complete audit and transparent disclosure of every release of patient-level data before a single byte leaves HSCIC again."


If you are still confused by Care.data, don't forget to read our simple guide.

Updated 18:50 03/03/2014: This article has been updated to include comment from MedConfidential.

Updated 20:40 03/03/2014: Earthware UK has issued a statement saying the data it used was mock HES data, not real patient data.