On this page:
Discovery East LondonLatest Discovery East London news
The East London NHS Discovery programme aims to complement and enhance the existing systems across the East London Health and Care Partnership geography. It does not replace them and has four main aims:
- To predict, anticipate or inform individual health needs from algorithms running in real time (or as near as possible) and to deliver the insight gained directly into the patient’s record across the whole of their pathway, whether in primary or secondary care or elsewhere, thus creating the opportunity to improve or prevent adverse outcomes.
- To expand the existing primary care informatics driven population health programme in east London, led by the Clinical Effectiveness Group (CEG) at Queen Mary University of London, to all health and care sectors.
- To enable the real time reporting on programmes by providers and commissioners supporting clinical improvement and new payment mechanisms. This would involve reporting on a depersonalised or identifiable cut of the clinical data, as appropriate.
- To use data by third parties (commissioners, public health, and academics) to support research, development and planning, whether on consented identifiable data, or the depersonalised dataset. East London would thus become a research-enabled community.
The programme is governed through a formal programme architecture:
Project access to data
Access to and use of data by third parties not for the direct clinical benefit of a consented patient is a complex topic, reviewed in 2016 by Dame Caldicott, National Data Guardian for Health and Care. It is a requirement within the East London Discovery Programme to contribute to the establishment of a method of accrediting third parties for data access. In part, we have drawn on the experience of other large data repositories including those held by the Farr Institute, the Office of National statistics, UK Biobank and the UK Data Service. We have a firmly-established set of data sharing rules independent of supplier models to enable patient and population data sharing and have successfully used these to rules to control access to data for analysis.
We have a tiered system with access for organisations contributing data, as well access by third party users such as university researchers and industry. We review applications to use the data against a set of criteria to achieve project objectives, to clearly articulate and measure public benefit and to ensure the ethical robustness of applications.
Data Access Team (DAT)
Discovery East London operates as a platform within the QMUL Clinical Effectiveness Group (CEG) and therefore operates under its auspices to support improvement in direct clinical care across the East London system and research and development programmes agreed by CEG. CEG has an agreed role as trusted broker – not only will any agreed research comply with ethical and legal requirements, but it will not provide information for commercial advantage, for example, commercial marketing of drugs, devices or other products. East London Discovery also operates within this framework and the CEG acts as the first phase of data access review when considering proposals to run algorithms or analysis on the data held within the Discovery Data Service.
Data Advisory Group (DAG)
The initial phase of data access review is then supported by a broader local Clinical and Expert Advisory Group, advising the Discovery Board on uses of data from a local expert perspective. This Advisory Group’s membership includes all relevant local expert stakeholders and be designed to effectively inform the Discovery Programme Board on both matters of science as well as the specific views of the Discovery Data Controllers.
Applications to access data
Applications to access data within the East London NHS Discovery resource for specific purposes go through the following process. These processes are still at an early stage of implementation and some of this framework will be tested by more complex applications once the data set is fully in place:
GDPR & Consent
The East London NHS Discovery programme processes data in line with the expectations of the new General Data Protection Regulations (GDPR) which came into force on 25th May 2018, replacing the previous 1995 data protection directive, which current UK law is based upon. There is a consensus growing that with the advent of GDPR providers should not be using consent as the legal basis for processing and sharing data under data protection legislation.
The ICO (Information Commissioners Office) is clear that consent is not the ideal basis because:
Particular consent may not be adequate to satisfy the condition for processing (especially if the individual might have had no real choice about giving it), and even a valid consent may be withdrawn in some circumstances. For these reasons an organisation should not rely exclusively on consent to legitimise its processing. In our view it is better to concentrate on making sure that you treat individuals fairly rather than on obtaining consent in isolation. Consent is the first in the list of conditions for processing set out in the Act (GDPR), but each condition provides an equally valid basis for processing personal data.
There are alternatives to using consent in GDPR that support the sharing of data for individual’s care across health and social care (schedule 2 reasons). These are:
- Compliance with a legal obligation: if you are required by UK or EU law to process the data for a particular purpose, you can.
- A public task: if you need to process personal data to carry out your official functions or a task in the public interest – and you have a legal basis for the processing under UK law – you can. If you are a UK public authority, our view is that this is likely to give you a lawful basis for many if not all of your activities.
Health data is regarded under GDPR as sensitive data and a schedule 3 reason needs to be relied on here - Necessary for medical purposes.
There is also a duty to share information included in the Health and Social Care (Safety and Quality) Act 2015 as our legal basis for sharing qualified by a statement that this may be overridden where an individual has objected or is likely to object to that sharing. So, our programme seeks to inform patients that this is what we are doing and not seeking their consent to do it but also respecting their decision to object to sharing.
Dame Fiona added her principle 7 in 2013, which became enshrined in the Health and Social Care Act 2015 as the duty to share. This Principle 7 states that “The duty to share information can be as important as the duty to protect patient confidentiality”. This principle helps to support health and social care professionals to give them the confidence to share information in the best interests of their patients and GDPR strengthens this.
However, none of the changes in data protection law affect the common law duty of confidentiality, which still remains in place. Here implied (rather than explicit) consent can be relied on if patients are aware that sharing is taking place and do not object.
For more information, see East London Health & Care Partnership - Fair Processing and GDPR.