1 of 16

Kent Medway and Sussex Secure Data Environment �Elizabeth Ford�Brighton and Sussex Medical School

2 of 16

History of NHS patient data initiatives in the UK

In 1987 the VAMP Research Databank was set up - "Value Added Medical Products” - of GP electronic patient records.

1993 it transitioned to be called General Practice Research Database (GPRD) and was taken over by the department of health in 1994.

In 2012 it became known as CPRD, and by this time other GP databases were set up: THIN, QResearch, RCGP Research and Surveillance Centre (RSC), etc.

These were a significant resource for epidemiological and drug safety research, providing access to anonymized patient data from general practices in the UK

But only around 8% of GP practices contributed.

In 2012 with the Cameron government, the 2012 Health and Social Care Act was passed, and the Health and Social Care Information Centre (HSCIC) was formed.

.

3 of 16

Care.data

The care.data initiative, planned by the Department of Health and Social Care (DHSC), and run by the HSCIC, in 2013/2014, aimed to:

Centralize Patient Data: extract and link patient data from ALL GP records and hospital records into one national, central database.
The goal was to make this linked data available for planning NHS services, research, and improving healthcare delivery.
Data Usage: The data was intended to be used by researchers, medical charities, and organizations that support the NHS.
There were provisions for patients to opt out if they did not want their data to be included.

4 of 16

Care.data received a lot of coverage in the press, mainly negative.
Criticism was about the communication plans with the public, who were not given enough information to make an informed decision to opt out.
GPs turned against the scheme because they felt they would be violating the common law duty of confidentiality to their patients, if the patients were not well informed.
First care.data was postponed in 2014, and then it was scrapped.

5 of 16

2021: GPDPR

In 2018 the “National Data Opt Out” was launched – patients can opt out of data sharing online.

In 2021 the successor to care.data was launched: GP Data for Planning and Research (GPDPR)

After pressure from campaigners, it was postponed and then scrapped in September 2021.

Medconfidential: “The way forward is quite simple: tell people the truth, do what you say you will do, and show that you’ve done it.”

MedConfidential (a pressure group) identified the following problems with GPDPR:

lack of proactive communication with both GPs and the public (‘fair processing’);
the amount and types of sensitive data that would be extracted;
the purposes for which the extracted data would be used; clearly not just ‘Research and Planning’;
the legal bases for processing, and the way in which GPs would be required to surrender their patients’ data;
problems with the Data Provision Notice, and the absence of a (mandatory) Data Protection Impact Assessment;
the copying (‘dissemination’) of data to third parties, and transparency around that;
the broken consent / dissent processes that patients were (not) being offered.

6 of 16

Mandate for change in use of data to drive improvement in NHS

7 of 16

Now: An interoperable network of SDEs

Genomics data assets

Granular | Agile | Multi-modal Real-time | Connected to services | Data controller buy-in

REGIONAL SECURE DATA ENVIRONMENTS

High-value | Enhanced with linkage | �Advanced compute

BESPOKE AND DONATED DATABANKS

Interoperability

Sub National SDE System

High-level | Coverage | Curated Concierge service | NHS DigiTrials

NATIONAL CURATED DATASETS AND TRIAL DATA

Disease Registries

NHS Digital

Hospital Care

National SDE

Example data assets

8 of 16

Focus on Sub-National Secure Data Environments

Stage 1: Business case and Planning: Funding to develop 11 sub-national SDEs across England

Stage 2: Operational network of separate SDEs

Collaborations on public engagement and outreach

Stage 3: Fully federated network of SDEs act as a single, NHS-wide, world leading innovation engine with a comprehensive

service wrapper

”one front door”

Around 5m population scale
Multi-modal – different data types and sources
De-identified
Near-real time data
Linkage between services and sources

Aim: common approaches to

information governance
access approvals,
data standards/models,
de-id/pseudonymisation
commercial principles

To be run by local NHS organisations, building out from existing research-focused infrastructure

We are here

9 of 16

10 of 16

Developing Data Assets

Kent

Sussex

KERNEL Integrated Dataset (linked, coded data from all NHS providers + wider determinants

SID: Sussex Integrated Dataset (linked, coded data from all NHS providers + social care)

CRIS: unstructured clinic notes from mental healthcare processed by AKRIVIA

Host free-text clinical data securely in a safe-haven

Apply AI analytics to structure clinical information for analysis

Present structured data back to NHS trust analysts for audit and research

11 of 16

12 of 16

What will be new about the SDE network for researchers?

One application form, external analysts welcome
One set of training and IG criteria for applicants to meet
Ambition: One log-in to all environments

One front door for access

Patient privacy and security ensured by data controllers
Data held locally – not sent to central repository.

Data held securely by each ICB

Ambition: Enough interoperability between environments that analysts can write one set of code that can be sent to multiple datasets and analyse in parallel.

Federated approach to collaborative/comparative analyses

13 of 16

What resources are available to get me started?

14 of 16

https://www.sussex.ics.nhs.uk/our-work/our-priorities/digital/kent-medway-and-sussex-secure-data-environment-for-research/

15 of 16

www.bsms.ac.uk/arcdatahub

16 of 16

Thank you – Questions?

Contact me:

e.m.ford@bsms.ac.uk

https://www.bsms.ac.uk/dr-elizabeth-ford

https://www.bsms.ac.uk/arcdatahub