The NHS was informed by the Independent Information Governance Oversight Panel (IIGOP) that its “raising awareness” care.data leaflets sent to millions of households in the UK were “not fit for purpose” before rolling out the leaflets in a £1m project.
The IIGOP is chaired by Dame Fiona Caldicott, who has to advise Secretary of State Jeremy Hunt when she is satisfied with care.data’s proposals and safeguards in order for the programme to be given the green light to begin.
In the IIGOP’s annual report, it said that many people were suspicious of the care.data proposal to extract data from GP records and combine it with other data from hospital records. It claimed that the care.data programme planned to establish strong safeguards to prevent the disclosure of confidential personal information about individuals, but that “this was not well explained”.
The NHS then urged GPs to send out care.data leaflets using their own budgets, which doctors refused to do, meaning that the NHS had to make a U-turn and create and send out letters to households with information about the programme.
According to a Freedom of Information (FOI) request by Computing, £926,778 was allocated by the NHS to distribution company Leaflet Co Ltd for the handling of the leaflets, while £303,491 was paid to Williams Lea, a business process outsourcing (BPO) firm, which has been a managed service provider for print and print management services to central government.
But alarmingly, in the IIGOP report, the panel stated that NHS England communicated the proposal in a leaflet that was supposed to be delivered to all homes across England in January 2014, and a copy of the intended leaflet was sent to IIGOP shortly before the panel’s quarterly meeting on 9 December 2013, but that despite the leaflet not being up to scratch, the NHS wanted to send it off anyway.
“On the following day IIGOP advised NHS England that its leaflet was not fit for purpose, but was informed that it had already been sent to the printers and would not be recalled,” it stated.
The IIGOP went on to claim that when the leaflet was distributed it “raised more questions than it answered”, and that there were concerns that patients were not adequately informed about their right to refuse to allow their data to be uploaded from their GP surgery, or to restrict its subsequent use without any impact on their direct care.
It added that many people could not even recall receiving the leaflet and that there were doubts about how widely it had been distributed.
“There was also a concern that there were insufficient safeguards to stop data being disclosed outside the NHS, including the absence of a prohibition on disclosure to insurance companies,” it stated.
The IIGOP recently submitted a report to the Care.data programme board, listing 27 areas of concern and 52 question relating to the handling of patient data that it wants answered.