NHS England has made a significant change that allows external contractors, including technology firms like Palantir, broader access to patient data. This move is part of its effort to improve operational efficiency but has sparked concerns over privacy and data security. The change involves a new administrative role on the Federated Data Platform, which could make it easier for approved external staff to access sensitive information.

What the Change Means for Data Access

Previously, anyone working on the NHS data platform needed to request approval for each specific dataset they wanted to access. This process, known as Controlled Data Access, was designed to protect patient information by ensuring oversight. Now, with the new admin role, approved staff from external companies can be granted broader permissions in a single approval, bypassing some of the individual requests.

The Federated Data Platform is a large system that pulls together operational data from NHS trusts across the country. Its goal is to support planning, resource management, and patient flow. Patient data within the platform is supposed to stay protected inside a controlled environment, with only anonymized or aggregate data shared downstream. However, critics worry that this new admin role could weaken these safeguards.

Reactions and Concerns

Patients and some MPs have voiced strong opposition to the change. Labour MP Rachael Maskell called it “dangerous” and urged government officials to reconsider. Privacy advocates and groups like medConfidential argue that the shift represents a major change in how identifiable patient data is governed within NHS programs.

NHS England said the decision was approved internally and that all access remains within existing legal and safety frameworks. The agency also stated that anyone requiring access under the new system must hold security clearance and be approved by senior NHS officials. Palantir, the main contractor on the platform, has not commented on the specifics but maintains that it only processes NHS data on instructions from NHS England and does not own or commercialize the data.

This development reopens a long-standing debate over the contract awarded to Palantir in 2023. Critics have warned from the start that giving a US-based firm such broad access to NHS data could pose risks to privacy and trust. Supporters argue that the platform helps streamline operations and reduce safety risks by consolidating fragmented data systems.

The government maintains that the Federated Data Platform is essential for modernizing the NHS. They emphasize that data access is tightly controlled and subject to rigorous oversight. However, the change raises questions about how much oversight is enough, especially when it comes to sensitive health information. The impact of the admin role on privacy protections is still uncertain and has yet to be formally reviewed by regulators.

Overall, this move highlights the ongoing tension between technological efficiency and patient privacy. As NHS England continues to develop its data infrastructure, many are watching closely to see how safeguards will be maintained and whether public trust can be preserved amid increased contractor involvement.

Inspired by

• https://thenextweb.com/news/palantir-nhs-england-patient-data-access

Sources

• britannica.com
• nhs.uk