We use cookies to allow us and selected partners to improve your experience and our advertising. By continuing to browse you consent to our use of cookies. You can understand more and change your cookies preferences here.

NHS health data sharing: what you need to know about your medical data and GPDPR

Almost half (45%) of adults in England are unaware of plans for their medical records to be shared with a new NHS database, Which? research has found.

NHS health data sharing: what you need to know about your medical data and GPDPR

In May this year, NHS Digital launched its plan for sharing medical data from GP records in England, but it wasn’t widely communicated and the start date has now been held off until key criteria are met.

When we surveyed nearly 1,700 people in England about the scheme earlier this month, only 55% had heard of it and 71% of them said that the NHS didn’t publicise it well.

Of those who hadn’t heard of the scheme, 40% said that they would now want to opt out having been made aware of it.

It shows that a lot of people are potentially being left in the dark about something they want to have a say in.

Read on to learn more about what kind of information will be shared and with whom, what it might be used for and what the process is for opting out if you want to.


Which? health news – see our latest stories on face masks, medicines, and personal care


What is the GPDPR scheme?

The General Practice Data for Planning and Research (GPDPR) is a scheme whereby GP surgeries in England would automatically upload and share the medical records of every patient in England to an NHS Digital platform, unless the person has opted out.

The original opt-out date was 23 June, but a campaign supported by medical professionals and MPs got this delayed, and the scheme is now being held off further so that public awareness can be increased and privacy safeguards worked on.

The delay is due in large part to the fact that the scheme hasn’t been well publicised, which our research has shown is a big issue.

NHS Digital has now said that it won’t start collecting data until public awareness of the programme has been increased.

It also said that two other key criteria need to be met: the ability for people to opt out or back in after the scheme starts, with existing data being deleted, and the development of a secure platform for researchers to use so that data stays within a protected digital environment.

What medical data is being shared?

Your medical record includes details of your physical, mental and sexual health, as well as wide-ranging data, including appointments, symptoms, observations, referrals, diagnoses, test results, medications, allergies and immunisations.

It also includes your sex, ethnicity and sexual orientaiton.

All of the above data would be shared under the GPDPR scheme.

What won’t be collected?

NHS Digital won’t collect patients’ names or addresses. Other identifying data is encoded (see more on that below).

It also won’t collect written notes, such as the details of conversations with doctors and nurses, images, letters or documents, or data that is more than 10 years old.

Some data isn’t legally allowed to be shared by GPs, and this won’t be collected. This includes certain information about IVF treatment or gender-reassignment surgery.

Why is my medical data being collected?

NHS Digital says that this new service will help to support the planning and commissioning of health and care services. This includes:

  • The development of health and care policy
  • Public health monitoring and interventions
  • Enabling many different areas of research, from analysing the long-term impact of Covid, identifying and addressing healthcare inequalities, and developing treatments or cures for serious illnesses.

The data that NHS Digital collects will only be used for health and care purposes – it won’t be shared with marketing or insurance companies.

It’s worth noting that medical data can already be used to further scientific research without this scheme.

People can still choose to contribute to medical research for specific projects, and the UK’s data protection laws already enable access to data when needed for research and scientific purposes.

Who will be able to access my medical data?

NHS Digital lists the organisations who may get access to the data, which are ‘included but not limited to’:

  • The Department of Health and Social Care, and its executive agencies, including Public Health England and other government departments
  • NHS England and NHS Improvement
  • Primary care networks (local networks between GPs and community, mental health, social care, pharmacy, hospital and voluntary services), clinical commissioning groups (which are groups of GP surgeries by area) and integrated care organisations (groups of health and care providers in an area)
  • Local authorities
  • Research organisations, including universities, charities, clinical research organisations that run clinical trials and pharmaceutical companies.

The list is obviously broad and not exhaustive – and we think that the final bullet point, in particular, could be open to interpretation.

Another recent Which? survey about health and wellbeing apps found that about 53% of people would be comfortable sharing their health data with public health bodies, but only 31% feel the same about it going to private companies that are developing health products and services.

So it’s important that NHS Digital makes it really clear what the case will be here.

NHS Digital told us that it’s hard to narrow down the list as it’s primarily interested in the reason given for accessing the data, rather than the type of organisation that makes the request.

It said that it will only ever give bodies access to the data if they want it for healthcare planning and research processes, and that it will publish the details of anyone who accesses the data.

Requests will be fed through an independent review panel and GP advisory group before they’re approved.

Will my medical data be anonymous?

The data isn’t completely anonymised but it is pseudonymised.

This means any data that could directly identify you, for example your NHS number, GP patient number, full postcode and date of birth, is all replaced with unique codes, which are produced by de-identification software before the data is shared with NHS Digital.

NHS Digital says that this means no one will be able to identify you from the data.

But it does note that it will be able to use the software to decode the data in certain circumstances and where there is a valid legal reason (such as participating in a clinical trial).

This should mean that in most cases, consent from the patient would be needed, but this hasn’t been clearly stated.

It’s also important to know that you could still be identified from pseudonymised data.

Studies have shown that it can only take three pieces of anonymous data to identify someone personally, so it’s not completely iron-clad.

This isn’t necessarily cause for concern, but we think that people should be armed with this knowledge.

Do I have to share my medical data?

Again, medical data can already be shared legally, under data protection laws in the UK. It’s also necessary for healthcare professionals to use your medical data for your own personal medical care.

But you can opt out of this new scheme if you want. Opting out of the scheme doesn’t prevent your medical data being used:

  • When required by law
  • When you have given consent
  • When there is an overriding public interest
  • When information that can identify you is removed (so it can be used for research and planning)
  • When there is a specific exclusion (such as official national statistics).

These are all covered by the UK GDPR (General Data Protection Regulation), so your data can still contribute to medical research, for example, if you’re opted out of the new scheme.

How do I opt out of medical data collection?

There are two ways you can opt out of the scheme.

NHS Digital has now said that people will have the ability to opt out of the scheme even after it’s started, in which case your data will be deleted even if it’s already been uploaded.

You can also opt back in after it’s started.

A third of the respondents in our survey said that they found it difficult to opt out. NHS Digital told us that it was working on making the opt-out process simpler and reviewing the user journey, particularly for Type 1 opt-outs.

Type 1 opt out

To register for a Type 1 opt out, you have to fill out a form and email or post it to your GP.

Type 1 opt-outs have been around since 2013, and if you already registered a Type 1 opt out back then, it will still be in place for this scheme and your data won’t be collected.

However, NHS Digital says the Type 1 opt out might be discontinued in the future and replaced with a new process (below) – so if you’re wanting to opt out, it’s best to do this as well.

National Data opt-out

This is the main way to opt out of sharing your data under the new GPDPR scheme.

It’s done through an online form, where you complete a few basic details (name, date of birth and NHS number) and are then sent a security code via text or email.

It’s then just a matter of selecting yes or no to the data-sharing scheme.

You can also opt out via phone, email or letter.

Better communication needed on data sharing

Whether or not people decide to opt out of this new data-sharing scheme – both are valid options – it’s vitally important that they’re able to make an informed decision.

NHS Digital and the government didn’t initially publicise the scheme or opt-out deadline anywhere other than the NHS Digital webpage, and posters in some GP surgeries, which many of us haven’t visited in person due to Covid restrictions.

Our research shows that the delay to the scheme to facilitate better communication and transparency is much needed.

A lack of transparency around the scheme has the potential to impact people’s trust in the NHS – 42% of the people we surveyed said that hearing about it through our survey had made them trust the NHS less.

Half of the respondents in our survey had only heard about it via the news or social media.

Many of the respondents in our survey expressed fears that their sensitive data would be sold off to private companies, even though NHS Digital says the data won’t be sold.

We therefore think it’s reasonable to expect better and clearer communication from NHS Digital and the government, so people can understand exactly how their data will be used and whether they want that or not.

NHS Digital says that ‘any arrangements agreed by NHS organisations should be transparent and clearly communicated in order to support public trust and confidence in the NHS and wider government data policies’.

If transparency and clear communications are key, the GPDPR has gotten off to a false start – but with the announcement of a delay and NHS Digital’s new criteria, there’s still time for this to change.

Rocio Concha, Which? director of policy and advocacy, said:

‘The coronavirus crisis has thrown into sharp relief the opportunity for health data to be used in ways that benefit patients and society in general. However, it’s really important to engage the public effectively on how their data is going to be used and the governance of data sharing with third parties.

‘NHS Digital and the government are right to delay implementation of the GPDPR scheme and must now go to greater lengths to engage the public, raise awareness of the scheme, and increase people’s understanding of it through better communication and transparency.’

NHS Digital said:

‘Data is already being collected from GPs and has previously been used to better understand and develop cures for all types of serious illnesses, and plan the most effective services for the NHS. During the pandemic, it’s been used to support the vaccine roll-out and develop lifesaving treatments for coronavirus.

‘We know we need to take people with us on this mission, which is why we have committed to putting even tougher protections and safeguards in place, and stepping up communications through a public information campaign before the new programme begins.

‘Data is only shared where there is a clear benefit to healthcare planning and research, this benefits all of us. But it’s only as good as the data it’s based upon, which is why it’s absolutely vital that people make an informed decision about whether to share their data.’


* NHS Digital also commented that the respondents to the Which? survey were not made aware of the existing ways in which the NHS collects and uses data, nor of the safeguards in the new system for collecting this data, including that the whole GP records aren’t shared, that any data would be de-identified before it leaves the GP surgery, data won’t leave the Trusted Research Environment, and that there is rigorous independent oversight from the Independent Group Advising on the Release of Data (IGARD) and from the GP Profession Advisory Group.

Back to top
Back to top