The ethics of medical data records – is sharing, caring? [2/2]

Photography by Josh Rawlinson -

It is perhaps not the most common knowledge that the NHS’ records are used for research. But I would personally make the argument that this is not necessarily a bad thing. Enormities of digital data will always be used for research – whether this is wrong or right depends on its source, who handles it, how they handle it, and why they handle it.

The idea of your personal medical history being made available to a faceless lab coat might seem daunting at first – but this NHS record data isn’t managed in a personal way. The labs and companies that handle the data receive huge amounts of it. They won’t see a name and a single disease, they will see thousands of asthmatics, or hundreds of arthritis sufferers. Our modern age may champion the individual, but numbers don’t appear that way. Further still, the people using the numbers won’t see it that way.

There are times when medical data falls into the hands we would perhaps not want it in. In 2016, the NHS shared the records of 1.6 million patients with Google, apparently for kidney research in some capacity. Whilst I don’t personally approve of the NHS’ choice of researcher here, I would argue concern should be directed more at Google’s involvement in the field.

There are more examples of questionable corporations involved in medicine. 23andMe is a personal genomics company – an Amazon prime for the information in your DNA. They’re also another California giant, co-founded by Anne Wojcicki, who at the time was married to Google co-founder Sergey Brin. Its very existence begs the question: if the NHS sells data to an established university or laboratory – is this any better or worse than individuals voluntarily selling their entire DNA sequence to a private company?

I’m of the opinion that big data is safer in the hands of scientists working for the public benefit than a technology behemoth aiming for profit. Scarier still, people individually pay to have 23andMe read their DNA and tell them what’s there. For me, this is infinitely a more disturbing concept than the NHS utilising its data for further research and additional funding.

Nonetheless, the NHS does also need scrutiny. The MHRA (Medicines and Healthcare Products Regulatory Authority) is, in layman’s terms, the part of the NHS that handles said patient data for research. A Cambridge professor wrote to the MHRA to ask how it anonymises the data, and the extent of its security. You can read the extensive emails back and forth under the link below, but to summarise they stayed tight-lipped about how they handle it, claiming that to explain it to him would jeopardise the security of the data.

Ultimately, everyone has a responsibility to keep an eye out for the way any corporation, institution or business handles themselves. Not enough members of the public are aware of how easily this can be done:

  • excellently handles requests of information under the Freedom of Information Act.
  • Your local council makes the licenses of every bar, pub and gig venue within its area publicly available online.
  • There are PDFs of laws passed and yet-to-be passed on, all just a search away.

In our age of fast information, we should all make it our aim to use our power for the good of everyone.


Mentioned today in Headcandy:

NHS Data Shared with Google:


23andMe and Issues with the FDA:

Prof. Ross Anderson’s Request about Anonymisation Information:

Leave a Comment