This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
| less than a minute read

What could possibly go wrong?

Imagine if one of the household-name social media networks or search engines was found to be planning to exploit their entire consumer data set in a new way, but it was not announced, was vague about the details, and the only way to opt-out was to print and sign a paper form (that no one knows about) and send it to a local office? I suspect there would be a dramatic regulatory intervention (more colourful language comes to mind). 

But, as reported in the FT article below, that appears to be what the UK's National Health Service is planning. And even if the reporting isn't fully accurate, that is because the plans are not transparent. This should be seen as a cautionary tale for any business with a large customer dataset. Planning your strategy to monetise data starts with privacy by design and building trust.  

England’s NHS is preparing to scrape the medical histories of 55m patients, including sensitive information on mental and sexual health, criminal records and abuse, into a database it will share with third parties. The data collection project, which is the first of its kind, has caused an uproar among privacy campaigners, who say it is “legally problematic”, especially as patients only have a few weeks to opt out of the plan. NHS Digital, which runs the health service’s IT systems, confirmed the plan to pool together medical records from every patient in England who is registered with a GP clinic into a single lake that will be available to academic and commercial third parties for research and planning purposes.


regulation, cybersecurity, privacy, data, digital

Related Insights