Patient privacy under threat from NHS Digital and Home Office data sharing agreement

Last week, it transpired that NHS Digital had been sharing non-clinical patient information with the Home Office for immigration purposes. The Home Office uses both NHS Digital and the Department for Health to obtain non-clinical data, such as addresses, dates of birth, GP details and the local GP surgery registration date.

The Home Office is capturing data to identify those who may have failed to comply with certain restrictions which allowed them to remain in the country or escape immigration control.

However, while this data may be of benefit to the Home Office for immigration purposes, it appears to be putting citizens' health at risk. Clinicians believe they have a duty of care to treat whoever turns up at the doors of hospitals across the nation, no matter what their nationality or immigration status.

A charity called Doctors of the World have started a #StopSharing campaign which they state is supported by doctors and nurses across the country.

Not only are staff in the NHS concerned; the Chairwoman for the House of Commons Health Select Committee, Dr Sarah Wollaston, Conservative MP for Totnes, has aired her concerns, stating: “We are seriously concerned about the way NHS Digital has approached its duty to respect and promote confidentiality. Whilst we recognise the public interest in assisting on a case-by-case basis where a serious crime is being investigated, we do not agree with NHS Digital’s assertion that their current arrangements for the purpose of immigration-tracing requests constitute case-by-case data sharing.”

“There has been a failure to appreciate the wider implications of their actions for the individuals concerned, for clinicians, and for wider public health.”

The way NHS Digital and the Home Office are using the Memorandum of Understanding (MoU) to share data seems to be having an unfavourable social effect: migrant patients are too frightened to seek medical attention in the first instance, and there are reports of patients passing away rather than seeing a GP.

The MoU allows NHS Digital to share a patient’s data with the Home Office if a person is known to be vulnerable (Vital Interest), or is in breach of the immigration process or believed to have committed a crime (Public Interest), ensuring protection of both the immigrants and existing UK citizens.

The problem so far appears to be that NHS Digital and the Home Office have gone beyond the original scope of the MoU. The MoU did not state that patient information of all immigrants should be included, only those categorised. Therefore, going forward, NHS Digital should only share the data for the purpose stated in the MoU (MoU section 3.3).

So, the question is – does this agreement undermine confidence in patient confidentiality and risk a decrease in public support for data sharing that could be to the good of society for medical research? Or, is this in the best interest of all parties and necessary for protection?

With the introduction of GDPR, the NHS will need to be clearer about data processing in its privacy notices. Not only will this ensure that immigrants are not negatively impacted and do not avoid seeking medical intervention when needed, but the NHS will also be adhering to the articles of the new data protection regulation and avoiding action from the ICO.

The new legislation is here to enforce the data rights of the citizen: to be informed, to have access, to rectification, to erasure, to restrict processing, to object, to data portability, and rights in relation to automated decision making and profiling of their personal data.

To be clear, there are certain situations when these rights can be overruled depending on the six lawful processing justifications. See table below:


| Lawful Basis | Definition of Lawful Basis | Right to erasure | Right to portability | Right to |
|---|---|---|---|---|
| Consent | Clear consent has been given by the customer for the organisation to process personal data for a specific purpose | Yes | Yes | No – but right to withdraw consent |
| Contract | Personal data processing is necessary for a contract between the organisation and the customer, or the customer has asked you to take specific steps to proceed whilst entering into a contract | Yes | Yes | No |
| Legal obligation | Processing is necessary to comply with the law (but not including contractual obligations – see above Contract) | No | No | No |
| Vital interests | The processing of personal data is necessary to protect a person’s life | Yes | No | No |
| Public task | Personal data needs to be processed during a task which is in the public interest or for official functions. The task or function must have a clear basis in law | No | No | Yes |
| Legitimate interests | Processing is necessary for an organisation’s legitimate interests or the legitimate interests of a third party, unless there is good reason to protect the customer’s personal data which overrides those legitimate interests. (This does not apply to public authorities processing data to perform official tasks – see Public task above) | Yes | No | Yes |

We shall wait and see what happens over the coming weeks, but without doubt, any organisation needs to take steps to be transparent when it comes to the collection, storage and use of personal data entrusted to them. For a start, they must have a valid lawful basis in order to process personal data.

There are six lawful bases for processing, but no single basis is deemed as better, or more important, than another – the basis an organisation selects as the most appropriate to use will depend upon their relationship with the citizen and the purpose for processing the data.

The NHS and Home Office must adhere to this without deviation, just like the rest of us.
