In terms of health data, the UK really does hold the world’s crown jewels: a ‘longitudinal’ data-set, tracking a patient’s health record from cradle to grave. Multiply this by 60 million people from a diverse population group and you have a rich data-set for AI technology to tap into. This technology could produce algorithms that have the potential to transform the ways medical conditions are diagnosed and treated, and make more efficient use of NHS resources. But this potential cannot realistically be harnessed without investment from private organisations, and controlling their data access presents new challenges for the NHS and the government.

On 5 September, and without fanfare, the Department of Health & Social Care issued a code of conduct for data-driven health and care technology setting out, in part, 10 key principles for safe and effective digital innovations. At present, the code is purely voluntary and technology providers are invited, but not required, to sign-up to the principles.

Interestingly, one of these principles relates to defining a commercial strategy, including: the scope of the arrangement; duration; value; compliance with laws; IP ownership; liability; transparency/QA/audit; bias; NHS value-add; and roles. As recently reported in The Times, companies using NHS patient records will have to show that commercial gains are shared fairly with the NHS (and, by extension, the UK taxpayers). This is interesting territory, and the Code isn’t prescriptive about what this fair share approach might look like. However, this guidance might be on the horizon as the DoH is also conducting a formal review of the regulatory framework and commercial models used in technology partnerships. One of the aims of this review is to provide commercial support for Trusts that want to partner with industry. One hopes that they will ultimately produce some model agreements too, similar to the Lambert Toolkit (model agreements for collaborations between UK universities and industry).

But there is the nagging issue of public trust. A recent KPMG survey shows that, while the British public is generally supportive of the NHS using their personal data to improve its service, there is considerable mistrust around access by private organisations in view of data privacy and security concerns. This was one of the issues debated on 6 September in the House of Lords (click here for transcript), and members seemed to agree this is the beginning of a journey that will likely require setting a national strategy for accessing health data.