UK’s health data guardian sets a firm line for app development using patient data – gpgmail


The UK’s health data watchdog, the National Data Guardian (NDG), has published correspondence between her office and the national privacy watchdog which informed the ICO’s finding in 2017 that a data-sharing arrangement between an NHS Trust and Google-owned DeepMind broke the law.

The exchange was published following a Freedom of Information request by gpgmail.

In fall 2015 the Royal Free NHS Trust and DeepMind signed a data-sharing agreement which saw the medical records of 1.6 million people quietly passed to the AI company without patients being asked for their consent.

The scope of the data-sharing arrangement — ostensibly to develop a clinical task management app — was only brought to light by investigative journalism. That then triggered regulatory scrutiny — and the eventual finding by the ICO that there was no legal basis for the data to have been transferred in the first place.

Despite that, the app in question, Streams — which does not (currently) contain any AI but uses an NHS algorithm for detecting acute kidney injury — has continued being used in NHS hospitals.

DeepMind has also since announced it plans to transfer its health division to Google. Although — to our knowledge — no NHS trusts have yet signed new contracts for Streams with the ad giant.

In parallel with releasing her historical correspondence with the ICO, Dame Fiona Caldicott, the NDG, has written a blog post in which she articulates a clear regulatory position that the “reasonable expectations” of patients must govern non-direct care uses for people’s health data — rather than healthcare providers relying on whether doctors think developing such and such an app is a great idea.

The ICO had asked for guidance from the NDG on how to apply the common law duty of confidentiality, as part of its investigation into the Royal Free NHS Trust’s data-sharing arrangement with DeepMind for Streams.

In a subsequent audit of Streams that was a required by the regulator, the trust’s law firm, Linklaters, argued that a call on whether a duty of confidentiality has been breached should be judged from the point of view of the clinician’s conscience, rather than the patient’s reasonable expectations.

Caldicott writes that she firmly disagrees with that “key argument”.

“It is my firm view that it is the patient’s perspective that is most important when judgements are being made about the use of their confidential information. My letter to the Information Commissioner sets out my thoughts on this matter in some detail,” she says, impressing the need for healthcare innovation to respect the trust and confidence of patients and the public.

“I do champion innovative technologies and new treatments that are powered by data. The mainstreaming of emerging fields such as genomics and artificial intelligence offer much promise and will change the face of medicine for patients and health professionals immeasurably… But my belief in innovation is coupled with an equally strong belief that these advancements must be introduced in a way that respects people’s confidentiality and delivers no surprises about how their data is used. In other words, the public’s reasonable expectations must be met.”

“Patients’ reasonable expectations are the touchstone of the common law duty of confidence,” she adds. “Providers who are introducing new, data-driven technologies, or partnering with third parties to help develop and test them, have called for clearer guidance about respecting data protection and confidentiality. I intend to work with the Information Commissioner and others to improve the advice available so that innovation can be undertaken safely: in compliance with the common law and the reasonable expectations of patients.

“The National Data Guardian is currently supporting the Health Research Authority in clarifying and updating guidance on the lawful use of patient data in the development of healthcare technologies.”

We reached out to the Royal Free NHS Trust and DeepMind for comment on the NDG’s opinion. At the time of writing neither had responded.

In parallel, Bloomberg reported this week that DeepMind co-founder, Mustafa Suleyman, is currently on leave from the company. (Suleyman has since tweeted that the break is temporary and for “personal” reasons, to “recharge”, and that he’s “looking forward to being back in the saddle at DeepMind soon”.)

The AI research company recently touted what it couched as a ‘breakthrough’ in predictive healthcare — saying it had developed an AI model for predicting the same condition that the Streams app is intended to alert for. Although the model was built using US data from the Department of Veterans Affairs which skews overwhelmingly male.

As we wrote at the time, the episode underscores the potential value locked up in NHS data — which offers population-level clinical data that the NHS could use to develop AI models of its own. Indeed, a 2017 government-commissioned review of the life sciences sector called for a strategy to “capture for the UK the value in algorithms generated using NHS data”.

The UK government is also now pushing a ‘tech-first’ approach to NHS service delivery.

Earlier this month the government announced it’s rerouting £250M in public funds for the NHS to set up an artificial intelligence lab that will work to expand the use of AI technologies within the service.

Last fall health secretary, Matt Hancock, set out his tech-first vision of future healthcare provision — saying he wanted “healthtech” apps and services to support “preventative, predictive and personalised care”.

So there are certainly growing opportunities for developing digital healthcare solutions to support the UK’s National Health Service.

As well as — now — clearer regulatory guidance that app development that wants to be informed by patient data must first win the trust and confidence of the people it hopes to serve.




10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

The UK’s National Health Service is launching an AI lab – gpgmail


The UK government has announced it’s rerouting £250M (~$300M) in public funds for the country’s National Health Service (NHS) to set up an artificial intelligence lab that will work to expand the use of AI technologies within the service.

The Lab, which will sit within a new NHS unit tasked with overseeing the digitisation of the health and care system (aka: NHSX), will act as an interface for academic and industry experts, including potentially startups, encouraging research and collaboration with NHS entities (and data) — to drive health-related AI innovation and the uptake of AI-driven healthcare within the NHS. 

Last fall the then new in post health secretary, Matt Hancock, set out a tech-first vision of future healthcare provision — saying he wanted to transform NHS IT so it can accommodate “healthtech” to support “preventative, predictive and personalised care”.

In a press release announcing the AI lab, the Department of Health and Social Care suggested it would seek to tackle “some of the biggest challenges in health and care, including earlier cancer detection, new dementia treatments and more personalised care”.

Other suggested areas of focus include:

  • improving cancer screening by speeding up the results of tests, including mammograms, brain scans, eye scans and heart monitoring
  • using predictive models to better estimate future needs of beds, drugs, devices or surgeries
  • identifying which patients could be more easily treated in the community, reducing the pressure on the NHS and helping patients receive treatment closer to home
  • identifying patients most at risk of diseases such as heart disease or dementia, allowing for earlier diagnosis and cheaper, more focused, personalised prevention
  • building systems to detect people at risk of post-operative complications, infections or requiring follow-up from clinicians, improving patient safety and reducing readmission rates
  • upskilling the NHS workforce so they can use AI systems for day-to-day tasks
  • inspecting algorithms already used by the NHS to increase the standards of AI safety, making systems fairer, more robust and ensuring patient confidentiality is protected
  • automating routine admin tasks to free up clinicians so more time can be spent with patients

Google-owned UK AI specialist DeepMind has been an early mover in some of these areas — inking a partnership with a London-based NHS trust in 2015 to develop a clinical task management app called Streams that’s been rolled out to a number of NHS hospitals.

UK startup, Babylon Health, is another early mover in AI and app-based healthcare, developing a chatbot-style app for triaging primary care which it sells to the NHS. (Hancock himself is a user.)

In the case of DeepMind, the company also hoped to use the same cache of NHS data it obtained for Streams to develop an AI algorithm for earlier detection of a condition called acute kidney injury (AKI).

However the data-sharing partnership ran into trouble when concerns were raised about the legal basis for reusing patient data to develop AI. And in 2017 the UK’s data watchdog found DeepMind’s partner NHS trust had failed to obtain proper consents for the use of patients’ data.

DeepMind subsequently announced its own AI model for predicting AKI — trained on heavily skewed US patient data. It has also inked some AI research partnerships involving NHS patient data — such as this one with Moorfields Eye Hospital, aiming to build AIs to speed up predictions of degenerative eye conditions.

But an independent panel of reviewers engaged to interrogate DeepMind’s health app business raised early concerns about monopoly risks attached to NHS contracts that lock trusts to using its infrastructure for delivering digital healthcare.

Where healthcare AIs are concerned, representative clinical data is the real goldmine — and it’s the NHS that owns that.

So, provided NHSX properly manages the delivery infrastructure for future digital healthcare — to ensure systems adhere to open standards, and no single platform giant is allowed to lock others out — Hancock’s plan to open up NHS IT to the next wave of health-tech could deliver a transformative and healthy market for AI innovative that benefits startups and patients alike.

Commenting on the launch of NHSX in a statement, Hancock said: “We are on the cusp of a huge health tech revolution that could transform patient experience by making the NHS a truly predictive, preventive and personalised health and care service.

“I am determined to bring the benefits of technology to patients and staff, so the impact of our NHS Long Term Plan and this immediate, multimillion pound cash injection are felt by all. It’s part of our mission to make the NHS the best it can be.

“The experts tell us that because of our NHS and our tech talent, the UK could be the world leader in these advances in healthcare, so I’m determined to give the NHS the chance to be the world leader in saving lives through artificial intelligence and genomics.”

Simon Stevens, CEO of NHS England, added: “Carefully targeted AI is now ready for practical application in health services, and the investment announced today is another step in the right direction to help the NHS become a world leader in using these important technologies.

“In the first instance it should help personalise NHS screening and treatments for cancer, eye disease and a range of other conditions, as well as freeing up staff time, and our new NHS AI Lab will ensure the benefits of NHS data and innovation are fully harnessed for patients in this country.”


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something