Read Bill Ministerial Extracts
(6 years, 11 months ago)
Commons Chamber Object.
Bill to be read a Second time on Friday 11 May 2018.
HEALTH AND SOCIAL CARE (NATIONAL DATA GUARDIAN) BILL
Bill read a Second time; to stand committed to a Public Bill Committee (Standing Order No. 63).
TYRES (BUSES AND COACHES) BILL
Motion made, That the Bill be now read a Second time.
A splendid day—my birthday.
JUDICIAL APPOINTMENTS AND RETIREMENTS (AGE LIMITS) BILL
Motion made, That the Bill be now read a Second time.
The hon. Member for Christchurch (Mr Chope) will be a very busy bee on that day, in addition to all the others.
REPRESENTATION OF THE PEOPLE (YOUNG PEOPLE’S ENFRANCHISEMENT AND EDUCATION) BILL
Resumption of adjourned debate on Question (3 November), That the Bill be now read a Second time.
Object.
Debate to be resumed on Friday 11 May 2018.
VOTER REGISTRATION (NO. 2) BILL
Motion made, That the Bill be now read a Second time.
A very important day, Sir: your birthday next year.
I am glad that the hon. Gentleman shares my sense of the day’s importance—the view will not be universal.
Bill to be read a Second time on Friday 19 January 2018.
(6 years, 6 months ago)
Commons ChamberI beg to move,
That, for the purposes of any Act resulting from the Health and Social Care (National Data Guardian) Bill, it is expedient to authorise the payment out of money provided by Parliament of any expenditure incurred under the Act by the Secretary of State.
I pay tribute to my hon. Friend the Member for Wellingborough (Mr Bone) for bringing forward this important Bill. I once again confirm the Government’s support for and commitment to it and our desire to see it succeed.
I was going to let the shadow Minister come in first, Mr Bone.
Thank you, Mr Deputy Speaker. I am sure that we can hang on for a couple more minutes before hearing the contribution of the hon. Member for Wellingborough (Mr Bone).
There is well-recorded Labour support for the Bill. The use of data has the potential to improve every aspect of the NHS by, for instance, transforming the way in which we diagnose illnesses such as cancer, and improving the patient experience by ensuring that every clinician at every stage has access to the complete picture. However, as we know from experience, the use of data in the NHS can be controversial, with high levels of suspicion among patients.
That suspicion is not unfounded. Official figures show that more than 100,000 patients were caught up in NHS data blunders in 2016-17. The number of serious data incidents has doubled in a year, and now, on average, there is one every three weeks. Last year it emerged that NHS Shared Business Services had failed to deliver just under 709,000 letters from hospitals to GPs’ surgeries, and that the correspondence had been left in an unknown warehouse. Those examples show the importance of effective, modern data protection laws with robust safeguards, which are central to securing the public’s trust and confidence in the use of personal information within the NHS. The establishment of a state-backed national data guardian for health and social care is one of the ways in which we can improve practice across the NHS and increase public confidence.
That said, the Government have fallen a long way short of their data aspirations. All hospitals and GPs were expected to be able to access GP records by 2014, and by 2015 patients were expected to be able to see all their own records online. We are some way from that, but the direction of travel is clear, which is why the Bill is so important.
The need for a data guardian is obvious, and we will support the motion, but it would be remiss of me not to mention that we are discussing a money resolution for the 94th Bill presented in the current Session. By an amazing coincidence, we have already heard extensively today from my hon. Friend the Member for Manchester, Gorton (Afzal Khan) about his Bill, which was the ninth to be presented but for which there has still been no money resolution. Do we know why that is?
It cannot be right for the Government to decide when to accept the will of the House, or whether to accept it at all. Money resolutions have historically been formalities, introduced as a matter of course after Second Readings, but now we see Ministers picking and choosing when to listen to the sovereign body of this country. The Government are defying the will of the House and overstretching their executive power in the service of their own electoral interests. Nothing in this debate will change that, but one day they will be sitting on these Benches again, and they may come to regret having played so fast and loose with Parliament.
I am grateful to the shadow Minister, the hon. Member for Ellesmere Port and Neston (Justin Madders), for what he has said about the Bill. I completely understand his closing remarks, and I will try to deal with that dilemma later. It is very strange that a money resolution should be proposed for Bill No. 94 before one has been proposed for Bill No. 9. I also thank the excellent Minister—I think that we may be meeting tomorrow to discuss the Bill—for introducing the motion.
We had a long debate earlier today, which was technically about money resolutions following Second Readings. It was not particularly concerned with the Parliamentary Constituencies (Amendment) Bill, but Members became carried away on that subject. What we should be doing tonight is deciding whether the expenditure for my Bill justifies a money resolution, but I can understand why Opposition Members—and, perhaps, some Conservative Members—feel that we should not pass the motion because it would leapfrog a Bill on which there was a substantive debate in the House and a very large vote. My Bill was given a Second Reading only because of the widespread support that it had attracted; there was no debate on it whatsoever. I therefore find myself in something of a dilemma over what course I should recommend to Members later.
Let me, however, explain what the Bill is about. The role of health and social care national data guardian has already been established, but the Bill would put it on a statutory footing. I thought that the need for a money resolution was a little arguable, as the Government were already paying for the same services, but the excellent advice from the Clerks was that we did need one, and the amount of money involved is reasonably substantial.
I am grateful for what my hon. Friend said because I am, as he knows, one of the supporters of his Bill, so I am very grateful that we have got to this stage, too. It is said that the cost will be approximately £700,000. Does my hon. Friend think that is a fair estimate, or does he have a different view of the cost of the Bill?
I am grateful for my hon. Friend’s intervention, but I would like to deal with that later in my remarks.
There is the following deferred Divisions motion on the Order Paper in the name of the Prime Minister:
“That, at this day’s sitting, Standing Order No. 41A (Deferred divisions) shall not apply to the Motion in the name of Mel Stride relating to the Health and Social Care (National Data Guardian) Bill.”
That is interesting because under Standing Order No. 49 automatically there has to be a debate of up to 45 minutes on a money resolution, so I am not sure why that motion is on the Order Paper. The new version of Standing Orders published on 1 May is in the Vote Office today, and consideration of such a resolution automatically can go through the moment of interruption.
We have just allowed a money resolution to go through on the nod in relation to the Tenant Fees Bill and I think the sums involved are much higher than £700,000, yet under Standing Orders we were not allowed any separate debate on that. Can my hon. Friend explain why his Bill for £700,000 has 45 minutes but a much more expensive Bill has nothing?
I do not think we need to consider that.
Mr Deputy Speaker, I wanted to get credit for the fact that some years ago I got the House to accept that in Second Reading debates we can deal with the money resolution; that is perhaps my only achievement in Parliament. But it is right that if the money resolution does not follow Second Reading immediately there has to be a 45-minute debate, and the Department of Health and Social Care estimate of the cost is £700,000.
No, the Department has estimated that these costs will be approximately £700,000 per year, so actually I suppose they could exceed that. To me, that is quite a lot of money. We have to make sure we know what we are doing tonight and I will leave it to Members to decide.
It is only fair to say that I can understand why Members might want to oppose this money resolution. It is not necessarily because they are against this Bill, but it does stop the Parliamentary Constituencies (Amendment) Bill having much chance of making progress. That is because on certain Fridays private Members’ Bills have priority if they have come out of Committee, and if we pass the money resolution on my Bill tonight I will probably take 26 October while another Bill that has already gone through will take the November slot; there are no more dates available for private Members’ Bills. I can therefore understand why Members might want to vote against this money resolution tonight, and if they did, I would respect that.
Is my hon. Friend saying that if we vote for this money resolution this evening, the Parliamentary Constituencies (Amendment) Bill of an Opposition Member would not be able to proceed?
That is exactly what I am saying, because it would come on as a second Bill and therefore, as it is quite a complex Bill, would not get through. I think that some people who may have been involved in rearranging when money resolutions come through—this new idea of having a choice in relation to money resolutions—were aware of that fact, but I am not sure that everyone in this House was. I considered standing up and recommending that Members should not support this money resolution. However, if I did that, I would be playing into the Government’s hands, because that would stop a private Member’s Bill.
My hon. Friend seems to be saying—in his typically generous way—that, for the greater good, he would be prepared to make a short-term sacrifice in respect of his own Bill. From the debate that took place earlier today, we know that one way of avoiding the problem that he encounters by having to have a money resolution debated and voted on in the House tonight would be to have a Bill without a money resolution. When he drafted his Bill, did he consider whether it would be possible to draft it in such a way that it would not require any more public money?
Absolutely. There was much discussion with the Clerks of the House on that point. As my hon. Friend knows, that money has already been expended on the system that we have. My Bill is actually not going to cost the public purse any more money than at present. I argued strongly that my Bill should not have a money resolution, but the Clerks persuaded me that it was the proper thing to do. I think they felt that, on balance, it was safer to do it like this.
I did not think I would be speaking about a money resolution for my Bill. I did not think that anyone would spend any time on this matter. What normally happens—[Interruption.] No, I think we need to scrutinise this properly—
Order. There is someone else who wishes to speak as well.
Well, what I am trying to say is that, yes, there is £700,000 of expenditure but we are already paying £700,000 so I am not actually asking for any more money.
I also have a gripe about the time it has taken to get this money resolution here. I am not going to thank the Government for doing this, because I think that that is wrong. This should happen automatically. It is weeks and weeks since the Parliamentary Constituencies (Amendment) Bill had its Second Reading, and that was on exactly the same day that my Bill had its Second Reading. Mine was afterwards. I think there is something a little bit shifty here. I know that other Members want to speak, so let me just say that I want a money resolution and I want my Bill to move forward, but I will quite understand if the House divides tonight as a matter of principle.
What a pleasure it is to follow the hon. Member for Wellingborough (Mr Bone), with whom I am pleased to serve on the Procedure Committee. I will not take up too much of the House’s time tonight, as I have a further lengthy speech to write for a Public Bill Committee on Wednesday morning, but I was rather shocked when I saw this money resolution on the Order Paper, not least because the House spent time debating a similar matter at length this afternoon, as we set out, on a cross-party basis, the need for a money resolution for the Parliamentary Constituencies (Amendment) Bill, which was passed unanimously by the House of Commons.
I presume that most Conservative Members have other engagements and cannot be here now, but they spent a huge amount of time this afternoon talking about the importance of money resolutions when committing public money and expenditure. This debate started at 9.44 pm and I think that the hon. Member for Wellingborough has been the only Conservative Member who has stood up to speak on this money resolution, which commits to spending £700,000 of public money. Conservative Members tell us on a regular basis that it is important to have lots of scrutiny when the Government are committing to using taxpayers’ money. Tonight, however, we have heard from the hon. Member for Wellingborough, whose Bill got its Second Reading on the nod, without debate, whereas hon. Members including me came here on a Friday from our constituencies to debate the Parliamentary Constituencies (Amendment) Bill. We spent some four hours doing that, and the Bill was passed. It is the ninth Bill of the Session, whereas this Bill from the hon. Member for Wellingborough is No. 94, so we face the rather bizarre spectacle tonight of a Bill that was ninety-fourth jumping over the Bill of the hon. Member for Manchester, Gorton (Afzal Khan) and, indeed, the laudable Bill of my hon. Friend the Member for Na h-Eileanan an Iar (Angus Brendan MacNeil) that relates to child refugees. Once again, we see this Government playing party politics with private Members’ legislation.
Proceedings interrupted (Standing Order No. 9(3)).
Motion made, and Question put forthwith (Standing Order No. 41A(3)),
That, at this day’s sitting, Standing Order No. 41A (Deferred divisions) shall not apply to the Motion in the name of Mel Stride relating to the Health and Social Care (National Data Guardian) Bill.—(Amanda Milling.)
Question put and agreed to.
Debate resumed.
Main Question again proposed.
What a pleasure it is to take the House past 10 o’clock this evening.
It is quite interesting that schedule 1(15) to the Bill states:
“The Secretary of State must pay to the Data Guardian such sums as the Secretary of State considers appropriate for the purpose of enabling the Data Guardian to perform his or her functions.”
In addition, the motion we are discussing is not cumbersome and states:
“That, for the purposes of any Act resulting from the Health and Social Care (National Data Guardian) Bill, it is expedient to authorise the payment out of money provided by Parliament of any expenditure incurred under the Act by the Secretary of State.”
It would therefore not be a lot of work for the Government to bring forward a money resolution for the Parliamentary Constituencies (Amendment) Bill, too. Given that it has been easy tonight, I look forward the money resolution being passed for the Bill of the hon. Member for Wellingborough.
I thank you, Mr Deputy Speaker, for allowing us to debate this motion up to the maximum of 45 minutes. I was disappointed when it was introduced, however, because there was not much detail. We have heard about the approximate sum of £700,000 a year, but paragraph 47 of the Bill’s explanatory notes states:
“The Bill may result in some implementation costs for the bodies and individuals required to have regard to the Data Guardian’s published guidance, in that they will need to review and assess the relevance of the guidance.”
When the Minister comes to respond to this short debate, I hope that she will explain how many of those bodies and individuals are actually funded out of the public purse, and therefore to what extent additional costs will be incurred for the Exchequer in addition to the approximate £700,000 per annum.
I do not know whether the Opposition will call a Division, which they can do following the decision that deferred Divisions shall not apply to this motion this evening, but if they are really keen to move forward with the Bill that they were complaining about this afternoon, which has not yet received a money resolution, they should be using every available procedural device available to them to promote that cause. One is sometimes left with the feeling that there is a bit of gesturing here and that people do not have their heart in it, so I want to see the Opposition’s heart reflected in votes in this House, rather than in just mere words. Having said that, some important points have been made, and I hope that the Minister will respond to them.
Question put and agreed to.
(6 years, 5 months ago)
Public Bill CommitteesI do not anticipate that the sitting will be lengthy, but may I remind Members to turn off electronic devices or put them on silent? Also, tea and coffee are not allowed during the sittings; no one is transgressing, but it is felt that there is a need for such announcements.
Resolved,
That, if proceedings on the Health and Social Care (National Data Guardian) Bill are not completed at this day’s sitting, the Committee shall meet on Wednesdays while the House is sitting at 9.25 am.—(Mr Bone.)
Ordered,
That the Bill be considered in the following order, namely, Clause 1, Schedule 1, Clause 2, Clause 3, Schedule 2, Clauses 4 to 6, new Clauses, new Schedules, remaining proceedings on the Bill.—(Mr Bone.)
Clause 1
National Data Guardian for Health and Social Care
Question proposed, That the clause stand part of the Bill.
With this it will be convenient to consider that schedule 1 be the First schedule to the Bill.
It is a great pleasure to serve under your chairmanship, Dame Cheryl. I welcome the Minister and shadow Minister to the Committee.
The purpose of the Bill is to put on to a statutory footing the office of the National Data Guardian for Health and Social Care, and to promote the provision of advice and guidance about the processing of health and adult social care data in England. It would be remiss of me not to mention the work of my hon. Friend the Member for Bury St Edmunds (Jo Churchill): she has worked hard for a long time to establish the position of the National Data Guardian for Health and Social Care, and her perseverance and tenacity have ensured that we are on track to deliver it.
I thank the Minister and shadow Minister for their help and support with the Bill—and special thanks, of course, go to Dame Fiona Caldicott, who has pioneered the work on ensuring that the NHS handles data properly. She has been very helpful to me in the preparation of the Bill.
Clause 1 creates the Office of the National Data Guardian for Health and Social Care, referred to in the Bill as the “Data Guardian”. It makes general provisions about the Data Guardian’s functions and the way in which they are to be carried out. Subsection (2) empowers the Data Guardian to publish guidance about the processing of health and adult social care data in England. I should like to make it clear that it also covers public health data.
Subsection (3) imposes a duty on certain organisations and individuals to have regard to the National Data Guardian’s published guidance. Comment has been made as to why the Secretary of State is not included in the list. However, the Department of Health and Social Care is already included in the definition of those who have to have regard to the National Data Guardian’s advice, so it would be superfluous to include the Secretary of State.
Subsections (4), (5) and (6) cover requirements in relation to the Data Guardian’s published guidance. Those subsections are intended to keep the guidance relevant over time and, if necessary, updated to reflect new evidence. It has been suggested that subsection (5) should add an obligation that organisations and individuals that process health and social care data should provide the Data Guardian with appropriate information. I argue that that would create a duplication of the remit of regulators that already exist in those sectors. The Data Guardian’s role is as an advocate for the patient and the public, to build and maintain public trust. The role is as much about supporting individuals and organisations to get it right first time as it is about commenting, advising and providing guidance. It is not the intention of this Bill to create another regulator, but that the National Data Guardian should work with the Information Commissioner’s Office and the Care Quality Commission.
It has also been suggested that subsection (6) should add a duty that all data controllers and their data processors must publish their response to all advice issued. That would be extremely burdensome on those organisations and individuals, and it would be toothless without sanctions. Accountability should be assessed through actions, not written responses; the existing regulators would be able to assess the adherence to guidance and would cite the National Data Guardian during any investigation.
Clause 1(7) allows the Data Guardian to give informal advice, assistance and information to anyone, as long as it is about or relates to the processing of health and adult social care data in England. Clause 1(8) gives the Data Guardian flexibility in how far any particular piece of advice, assistance, information or guidance may be extended. The effect is to clarify that the Data Guardian can publish guidance and give advice on specific topics or themes, and can target it to certain organisations, individuals or sectors as appropriate. Clause 1(9) provides that the duty to have regard to the Data Guardian’s published guidance applies only in so far as the guidance is relevant to the functions or services of the body or person.
Clause 1(10) introduces schedule 1 to the Bill. As clause 1 and schedule 1 are being debated together, I will make some brief comments on schedule 1. The schedule makes further provision for the establishment, maintenance and operation of the Office of the Data Guardian. It sets out the Data Guardian’s terms of appointment and covers a broad range of matters related to the Office of the Data Guardian. It includes its constitution, its financial and reporting framework, and how members of staff and advisers are reported and remunerated. I draw the Committee’s attention to paragraph 15 of schedule 1, which provides that the Secretary of State must pay to the Data Guardian the amount that he considers appropriate for the purpose of enabling the Data Guardian to carry out his or her functions.
The Committee will be aware that there was some debate about the cost during the money resolution debate. I thank hon. Members who are here today and those who took part in the debate. I want to make clear that, although the estimated cost is £725,000 per year, that is only an additional £225,000 per year and relates to putting the Data Guardian on a statutory footing. As the Committee will know, there is already a Data Guardian, which costs £500,000; we are just putting this on a statutory footing and saying it is the right thing to do.
I congratulate my hon. Friend on having got his Bill so far. On the costs, the Data Guardian will basically be indemnified for the costs incurred, yet I see that the Data Guardian will have enormous flexibility to publish and give as much guidance or advice as they wish. Surely the Data Guardian could, by giving a lot more advice and guidance over which there is no control, result in significantly increased costs for the public sector?
I am grateful for my hon. Friend’s intervention and the fact that he is on the Committee; I know that all Committees welcome his membership.
The reason why we have a Data Guardian is to provide safeguarding and to make sure that the data is handled properly. Those costs can only be estimated; as my hon. Friend says, they could be more or less, depending on the requirements. That is exactly why we need a guardian. I would like the costs to be minimal, because that means that we are handling the guardian properly. But if there needs to be more, because there is a requirement to do more, there will be more cost.
Does my hon. Friend know of any case where a regulator given powers by Parliament has chosen to reduce the amount of powers that are used? Surely, the natural thing is for regulators to increase their activity, using the powers to the maximum and thereby increasing the costs.
I agree, but what we are not doing today is creating a regulator; I would not be likely to propose a Bill to create a regulator. The Data Guardian already exists and it is not a regulator—I specifically said that in my opening remarks. Although it is probably true that regulators do that, that is not what I expect to happen with the National Data Guardian.
It is a pleasure, as always, to serve under your chairmanship, Dame Cheryl. I congratulate the hon. Member for Wellingborough on his notable success in getting the Bill to this stage, and I thank him for his candour during the debate on the money resolution and for his acknowledgment of his good fortune in getting the Bill to this stage ahead of others.
As I mentioned when we debated the money resolution of the Bill, Labour Members welcome the decision to put the National Data Guardian for Health and Social Care on a statutory footing. On that basis, we agree with the thrust of the Bill. I am sure that colleagues will be relieved that I do not intend to speak for too long, but I have one or two comments and observations about clause 1—and about clause 2, which we will discuss a little later. I hope that the Minister will be able to respond to the points made by the hon. Member for Wellingborough, some of which I was going to make anyway.
I mentioned when the money resolution was debated that although the use of data has the potential to improve our health services and treatments beyond recognition, we know from past experience that use of data in the NHS and in wider society can prove controversial and carries high levels of suspicion among patients. We hope that the establishment of the Data Guardian on a statutory footing can give patients confidence that their medical information will be treated in the correct manner. I note from the comments of the hon. Member for Wellingborough that there seems to be an omission from clause 1 as it stands, as there does not seem to be an opportunity for the National Data Guardian to give advice to the Secretary of State himself, although he considers that duty to be covered elsewhere and that such as an addition would be superfluous.
There seems to be a discrepancy that leaves the Data Guardian in an inferior position to either the existing Confidentiality Advisory Group or the Health Research Authority. I would be grateful to know if that was the intention of the legislation. The power to appoint the Data Guardian rests entirely with the Secretary of State, seemingly without any qualification. Is it envisaged that the Health Committee might get an opportunity to comment on such appointments? Recent appointments in the health sector have proven controversial, so it would be appropriate for the Select Committee to comment.
Our second query relates to public health commissioned through local authorities. Given the heavy use of data in public health, it is surprising that that does not seem to be covered by the Bill. Given all the public health activity undertaken by non-public bodies in recent years, I would welcome comments from the Minister and from the hon. Member for Wellingborough about whether the Bill is intended to cover health in the broader sense.
There is also a query about other forms of data that are more directly within the NHS, such as the cancer registry, which resides in Public Health England. It uses data collected by the NHS that could affect the direct care of patients. I would welcome confirmation of whether the Data Guardian is intended to cover that data, too.
The hon. Member for Wellingborough touched on clause 1 (6), which I would like to explore in a little more detail. Labour Members might have expected it to include an obligation for data controllers not only to have regard to advice, but to publish their response to that advice. That expectation is not unrealistic, given that the responses to question 5 of the Government’s consultation were overwhelmingly supportive of such a provision.
In question 5 of the consultation, the Government propose that
“organisations holding health and care data which could be used to identify individuals should be required to publish all materials demonstrating how they have responded to advice from the national data guardian.”
In their response to the consultation, the Government said:
“Responses were supportive of the proposal that the national data guardian should be given formal advice giving powers.”
That would certainly provide reassurances that the National Data Guardian will have real authority and act as an independent voice for patients, but without such statutory backing it is foreseeable that its independence and authority could be undermined. Without a requirement for organisations that receive advice to provide evidence of their response in a way that can be easily disseminated, there is no way we can be sure that the Data Guardian will be effective in doing the important job required by the Bill.
Members will recognise that the requirement for bodies to “have regard” to advice does not always mean that they take action in respect of that advice. An obvious example of that is, of course, the National Institute for Health and Care Excellence guidelines, which we know CCGs often ignore—seemingly with total impunity. I am sure Members do not want a repeat of that with this Bill, so I ask the hon. Gentleman and the Minister to respond on that point in a little more detail. I take the point that providing such responses might be burdensome on authorities controlling data, but I do not think that that cuts the mustard, given our concern about whether this measure will give the Data Guardian sufficient authority and teeth to deal with the issues under discussion.
My final point on clause 1 relates to data sharing and the lack of a positive obligation for bodies to provide that information. For the National Data Guardian to take a view on a particular data issue, it must first know that there is an issue on which to take a view—an unknown unknown, as we say. Could we have a published register of data sharing arrangements to which NHS bodies could sign up and submit a copy of their agreements? That would provide the Data Guardian with a single point of reference from which it could note any new agreements outwith the norm; that is exactly what the Government committed to doing with the current public service delivery data sharing codes of practice currently laid before Parliament.
There is a danger that the Data Guardian will become involved only after an issue has already reached the public’s attention, and possibly after an inappropriate use of data that might already have affected thousands of patients. A positive obligation to shared data arrangements with the Data Guardian might reduce the risk of such an eventuality. I look forward to hearing from the Minister and the hon. Gentleman on those points.
For the sake of our protocols, I should say that I had arranged for the windows to be opened because it is rather warm in this Committee room, but I am perfectly happy if people wish to remove their jackets.
Thank you, Dame Cheryl. I want to raise two small points. The first is slightly to tease the hon. Member for Wellingborough: I cannot imagine another Bill making its way through the House of Commons and the House of Lords about which he would be so casual when it came to the amount it might eventually cost. I normally think of him as the most robust challenger of any public expenditure, but I note that in the order of magnitude he is drifting by about 50%. When there is a Labour Government, I look forward to him applying exactly the same logic to all Labour legislation.
It is a pleasure to serve under your chairmanship, Dame Cheryl, and an absolute pleasure to respond to the Bill of my hon. Friend the Member for Wellingborough. I congratulate him on bringing this important reform forward and thank him for working so constructively with the Government to put the National Data Guardian on a statutory footing.
This is an important reform. As the shadow Minister mentioned, the public are rightly concerned about information and data that is held on them and the extent to which that is shared. The new National Data Guardian will do much to reassure people that the environment in which data is held and managed is one that respects their privacy, while at the same time ensuring that appropriate safeguarding can be achieved. Given the culture that exists within our health services, the comfort with which organisations can respond to the advice given by the National Data Guardian will make for a much more effective system to support the public.
I confirm the Government’s support for and commitment to the Bill. We very much wish it to succeed. We see real benefits to all individuals in ensuring that we share health and care data in a safe, secure and legal way. The Bill will go a long way to increasing public trust in the appropriate and effective use of health and care data. The National Data Guardian has already established herself as an independent and authoritative voice for the patient and service user in how their data is used in the health and adult social care system.
Let me address some of the points that have been raised. Clearly, my hon. Friends will be concerned about the potential costs, as we would be as Conservatives. The estimates we have established as a result of the impact assessment provide for some extra expenditure, and that is for additional staffing so that the published guidance has a legal status—that will be a natural outcome of putting the Data Guardian on a legal footing. There will be some additional costs, and we have been generous in our estimates for them.
The shadow Minister asked a number of questions about other agencies that might be covered by the Bill, and as my hon. Friend the Member for Wellingborough said, the Bill as drafted covers public health. Provisions in the Bill will extend to local authority functions with respect to adult social care, but not to children because they are covered by a different legal framework.
The hon. Member for Rhondda raised some good points to which we could ask the National Data Guardian to have regard. He is right to say that we as Members of Parliament often take up health and social care issues on behalf of our constituents, and nothing is intended to get in the way of that. Indeed, it could be helpful to us if the National Data Guardian gave instructions to those bodies about their obligation to be open and transparent. I am sure that the hon. Gentleman, and other hon. Members, have often found that the spirit of openness that we expect when we challenge something is not always respected. In that culture of openness, and with respect for privacy and safety, we support the Bill.
I am grateful for the support from the Minister and the shadow Minister, and I wish to pick up on a couple of points. The appointment will be down to the Secretary of State, but I absolutely expect it to go to the Health and Social Care Committee—I think that is understood. A point was raised about advice and having written reports on what is being done, but the argument against that is that we want to see action. There is some confusion—the Data Guardian is not a regulator, and therefore that is not its role. All organisations are covered by a regulator and will take into account what the National Data Guardian says. That is why I do not think that such a provision would work.
I understand what the hon. Gentleman is saying, but it was clear in the Government consultation, and the response to it, that there was an intention for the body to have a few more teeth. Why did that change course?
The problem is that we could easily say that we need to have a regulator, but that is not what the Data Guardian does. We do not want to come along afterwards and say what has gone wrong; we want to get this right at the beginning and work with the different holders of data. It is a different approach. The comparison I think of is when I was involved with combating modern-day slavery. We now have a commissioner for that whose job is not to regulate but to expose and say what is going well or badly, and that helps. There could be pressure on an organisation—for instance, if it gets really bad publicity it will do something about it, but equally the commissioner will show where things are going well. We do not want to move towards a regulator or have lots of enforcement powers because that is totally different to what we have already established with Dame Fiona. Each hospital has a Caldicott guardian in it, so we are basically putting something that works on a statutory footing for the future.
I am pleased by the conversion of the hon. Member for Rhondda to concerns about cost, and I shall remind him of that if there is ever a Labour Government in future—
Well, I am sure there will be a Labour Government sometime in the next century.
The hon. Gentleman makes a very important point about MPs and data provided by our constituents. Although I do not think it is particularly relevant to this, I do think all Members are wrestling with what the new regulations mean. Medical practitioners have to hold information for a very long time. I have very detailed medical information from some of my constituents, and serious issues might arise if we were forced to destroy such information. Perhaps the National Data Guardian could give some advice on that point. I get very frustrated when I have to deal with the local hospital, if I do not get a consent form. That is clearly a delaying factor and definitely needs to be cleared up.
Question put and agreed to.
Clause 1 accordingly ordered to stand part of the Bill.
Schedule 1 agreed to.
Clause 2
Interpretation
Question proposed, That the clause stand part of the Bill.
We have dealt with the heart of the Bill in clause 1. The subsequent clauses, while important, are not so detailed.
The purpose of clause 2 is to define some of the important terms used in clause 1. For instance, subsection (3) defines “adult social care”. I would clarify that children’s social care data, as has already been mentioned, is not within the scope of the Bill. It is covered via a different legislative framework and that framework has safeguards in place to protect children’s social care data from inappropriate use.
I would also point out that clause 2(7) provides that “processing” has the same meaning as given in section 1(1) of the Data Protection Act 1998. That definition has been used as it is a broad definition that captures a whole range of activity involving data, including obtaining, holding, recording, using and sharing.
I wish to raise a point on the exclusion of children’s data. I appreciate that hon. Members have referred to it already, but we are slightly concerned that although children’s data may be covered elsewhere, the guardian does not have any ability to write to bodies in that respect. It is perfectly reasonable for that to be included; indeed, I think it was included in the original Bill as drafted. We see it as a safety net, rather than an added complication.
I confirm that the Government support the clause. On the point about children, it is our interpretation that the provisions do not prevent the National Data Guardian from engaging constructively with the Department for Education on adult social care data and its interaction with or effect on children’s data. Clearly, this is something we will monitor, but, bearing in mind that the whole ethos behind the creation of the National Data Guardian is to spread good practice and make representations rather than regulations, the concern that the hon. Gentleman has expressed is important, but we do not think it will get in the way of sensible engagement.
Will the Minister clarify what she understands from clause 2(5)? It states:
“‘The health service’ means the health service continued under section 1(1) of the National Health Service Act 2006.”
That obviously includes ambulance services, but does it include those provided by St John Ambulance?
If I may, I will come back to the hon. Gentleman on that point. I would say that it would not, but I will confirm in due course.
The shadow Minister makes a fair point, which goes to the heart of a problem that I have found in the past—that children are looked after by the Department for Education and not the health service. When I dealt with modern-day slavery, I came across exactly the same problem. What the shadow Minister said should be heard loud and clear by the Department for Education.
Question put and agreed to.
Clause 2 accordingly ordered to stand part of the Bill.
With this it will be convenient to discuss that schedule 2 be the Second schedule to the Bill.
The clause introduces amendments to other legislation as a consequence of the Bill. Schedule 2 lists five Acts to be altered, following parliamentary counsel’s advice. Those are the Public Records Act 1958, the Parliamentary Commissioner Act 1967, the House of Commons Disqualification Act 1975, the Freedom of Information Act 2000 and the Equality Act 2010.
Why is the hon. Gentleman so keen on disqualifying a Member of the House of Commons from being the Data Guardian?
The consequential amendments introduced are typical for setting up such a body. The Government are content with the clause, as drafted.
Question put and agreed to.
Clause 3 accordingly ordered to stand part of the Bill.
Schedule 2 agreed to.
Clause 4
Extent
Question proposed, That the clause stand part of the Bill.
The clause sets out the Bill’s territorial extent. The Bill extends to England and Wales only. The Committee will note that clause 1 provides for the Data Guardian to publish guidance and give advice, information and assistance, but that applies only to the processing of health and social care data in England. However, in regard to application, the provisions extend to England and Wales but apply only to England. The provisions do not extend or apply to Scotland or Northern Ireland. I hope that is perfectly clear.
Well no, it is not really. In fact, it is a little bit worse than that. We return to clause 2(5), which says:
“‘The health service’ means the health service continued under section 1(1) of the National Health Service Act 2006”,
but that Act states:
“The Secretary of State must continue the promotion in England of a comprehensive health service”
and so on. I therefore do not understand why the Bill extends to England and Wales. Will the provision will have any relevance whatever in Wales? If not, I do not know why it says that it does.
In regard to application, the provisions extend to England and Wales but apply only to England. I have to confess that my knowledge of devolution arrangements is perhaps not as good as it should be, but our view is that the Bill applies only to England. Although the provisions could extend to England and Wales, it would be within the competence of the National Assembly for Wales to appoint a guardian and make such arrangements. That said, the National Data Guardian is an advisory role—it is not a reserved power under devolution arrangements—and as is common in the operation of the health systems in all four nations, I would expect that the advice and guidance given by the National Data Guardian would be heard and, when appropriate, acted on by the health services in the other nations.
My understanding when preparing for the Committee was that it would apply to England only. I think that is what the Minister has confirmed. Certainly in my part of the world there is quite a lot of movement of patients both ways between England and Wales, because we are quite close to the Welsh border. Can the Minister explain what will happen to patient records in that situation?
Clearly the Bill extends to England, but the purpose of the National Data Guardian is to give advice on the appropriate sharing of data and best practice. I should expect practitioners to have regard to the advice regardless of where they come from, because, notwithstanding the legal framework in which they operate, all health professionals want to behave in a responsible way. We expect the guidance of the National Data Guardian to be good practice. She has been giving advice without statutory powers to do so, and that advice has been respected; I think that that will continue. It is largely through an accident of the current structuring of the health service that the provisions are as they are. The principles under which the Data Guardian will give advice extend way beyond the geography of England.
It may well be a standard clause, but such clauses are often abused by the Government. For example, Parliament passed a measure to outlaw exit payments for public sector workers in the Enterprise Act 2016. We are still waiting for the regulations under that primary legislation to be introduced. The Government now say that they will have to consult on them. Effectively, what Parliament thought was happening—the limiting of public sector exit payments—has not happened.
The Bill is supported across the House, as the measure I have mentioned was. I should be grateful for some indication from the Minister of when the Government will implement it. It could be delayed by the Government by means of the regulation-making powers in the clause; or by the Government’s not appointing the Data Guardian. There are other ways in which it could be delayed, and if we take the past as a guide to the future we should be suspicious of the Government when they are not prepared to include in the Bill a commitment for it to commence on a given date.
Christchurch and Rhondda speak as one, in a uniting of the Christophers, something that will not, I think, happen very often. It is a serious point; I understand that such clauses are a frequently used means of tidying up the process of a Bill coming into force. However, it adds cost, because the Government must go through an additional process; and frankly there is no reason why we should not just put in a date and tell the Government to get their act together—because everyone supports the measure.
I hope—I am sure—that the Minister will now say, “We intend to do it as soon as practicable after the Bill has been through both Houses,” and all the rest of it; but it would be better for the date to be in the Bill, because then she would not have to do anything later, and, to use a valleys word, it would be tidy. Let us be tidy.
Tempted as I am to engage in debate on the abuse or otherwise of statutory instruments, I prefer not to go down that road. Suffice it to say, we should put provisions into action only once they are tidy, to use the term suggested by the hon. Member for Rhondda. We should be governed by the integrity of the rules we pass rather than by speed, but I can confirm that it is the Government’s desire to implement the Bill, which we fully support, as soon as practicable. Clearly, we already have a National Data Guardian; the Bill would just put it on a statutory footing. It is in all our interests that we do that as soon as possible, so the Government are content with the clause.
Will the Minister assure us that she will take personal charge of ensuring that the Bill is brought forward quickly? To go back to the example I quoted earlier, I had a meeting with the Chief Secretary to the Treasury and pointed out to her that one of the reasons there was a delay in implementing regulations was that civil servants did not have their heart in it and did not give it sufficient priority. The only way of ensuring that the civil servants in the Minister’s Department deliver on the wishes of the Committee and the House is for her to take charge and deliver. Will she ensure that the Bill is commenced before the end of this calendar year?
I completely agree with everything my hon. Friend says. It is Ministers’ responsibility to ensure that the decisions made by Parliament are actioned as promptly and effectively as possible. I know him well enough to be sure that he will hold me to account on exactly that basis if he does not feel the Bill comes forward quickly enough. I would like to see it commenced by the end of the year, and I will work with my officials to ensure that that is the case. If we cannot achieve that, I will give him an explanation.
I am grateful for the contributions by my hon. Friend the Member for Christchurch and the hon. Member for Rhondda. I absolutely agree with their general comments. I looked carefully when drafting the Bill at the issue they raised. I could have included a provision that the Bill would come into effect, say, six months after it became law, but I did not because we already have a Data Guardian, so there will not be any gap, and I know how much the Government support the Bill. That is the reason we did not put in a date, but under other circumstances I absolutely would have insisted on one.
Question put and agreed to.
Clause 5 accordingly ordered to stand part of the Bill.
Clause 6
Short title
Question proposed, That the clause stand part of the Bill.
The Government are content with the clause.
Question put and agreed to.
Clause 6 accordingly ordered to stand part of the Bill.
Before I close proceedings, may I thank all Members for taking part in the scrutiny of the Bill, and the Hansard reporters and officials from both the House and the Department who have supported us?
Further to that point of order, Dame Cheryl. I echo the thanks of my hon. Friend and again thank him for his real industry on what will be an important reform. I also thank colleagues who showed up today for their probing questions, which are always important as we scrutinise legislation.
I do not think those are points of order for the Chair, but it is good that they have been put on the record.
Bill to be reported, without amendment.
(6 years, 4 months ago)
Commons ChamberI beg to move, That the Bill be now read the Third time.
You will be pleased to learn, Mr Deputy Speaker, that with 266 days until we leave the European Union, I will not mention red lines or anything like that. But I congratulate my hon. Friend the Member for Lewes (Maria Caulfield) on navigating her Bill through this place. The Government have clearly been listening to her, because I understand that at Chequers today all the mobile phones have been confiscated.
It gives me great pleasure to promote this important Bill, and I am grateful for the cross-party support. I am keen to get through Third Reading as quickly as possible because there is another important Bill to follow, and hopefully there will be time for that debate.
The purpose of this Bill is to put on to a statutory footing the office of the National Data Guardian for Health and Social Care, and to promote the provision of advice and guidance on the processing of health and social care data in England. Many people have helped me in preparing the Bill, and I would like to thank some of them.
It would be wrong not to start with my hon. Friend the Member for Bury St Edmunds (Jo Churchill). She was one of the Bill’s original sponsors but, because she has been promoted into the Government, she can no longer speak on the Bill. It is due to her tenacity that the Bill is now being considered for the Third time. If she were able to say something, she might say something like this:
“The confidence that a statutory National Data Guardian brings, allows for more responsible and innovative uses of data to work towards cures for cancer and other conditions.
The Bill will empower the National Data Guardian to ensure that cancer researchers can take full advantage of the future possibilities of genomics and Artificial Intelligence, and whatever comes after genomics and AI, where every patient can have confidence that their data will be used in a way which is consensual, safe, and transparent.
For the vast majority of patients (98%) who are happy for their data to be used, it also helps them have confidence that not only can their data be used, but that it will be used, responsibly, for the purposes patients already expect.
It is important that this brief but important piece of legislation gives patients the confidence they need to engage with health data for not only their own care pathways but also giving them choice in sharing when they wish.”
I am grateful for all her efforts behind the scenes to get us to Third Reading.
I also thank the Secretary of State for Health and Social Care, who kindly wrote to me yesterday:
“Placing the National Data Guardian on a statutory footing is significant in increasing public trust in the appropriate and effective use of health and care data, in promoting challenge and building assurance across the health and care system, and enabling the system to access the data that it needs to run safely, effectively and efficiently.
I would like to once more confirm the Government’s commitment to the Bill.”
I am grateful to him for that letter.
The excellent Minister at the Dispatch Box, the Under-Secretary of State for Health and Social Care, my hon. Friend the Member for Thurrock (Jackie Doyle-Price), has been so helpful in the preparation of this Bill. She has put more work into this than she had to, and I really appreciate her help.
The National Data Guardian’s role is to help to make people safe and to give them confidence that their information is securely safeguarded. Dame Fiona Caldicott is the National Data Guardian. I do not know whether hon. Members have met her, but she is a formidable lady. There are Caldicott guardians in every hospital, and we are now putting her role on a statutory footing. Her help in preparing the Bill has been immense. I hope she will go on for many years but, when she does retire, there will be a new National Data Guardian—that will definitely happen.
The priority of the National Data Guardian is to build trust in the use of data across health and social care. The Data Guardian is guided by three main principles:
“encouraging clinicians and other members of care teams to share information to enable joined-up care, better diagnosis and treatment;
ensuring there are no surprises to the citizen about how their health and care data is being used and that they are given a choice about this; and
building a dialogue with the public about how we all wish information to be used, to include a range of voices including commercial companies providing drugs and services to the NHS, researchers discovering new connections that transform treatments, and those managing the services”.
I am also very grateful to Baroness Caroline Chisholm of Owlpen, who will be taking the Bill through the House of Lords, should it receive its Third Reading today. She will be known to many on the Conservative Benches, as we had to deal with her when she was head of candidates, so many of us here will appreciate her greatly. I also want to give particular thanks to the Labour Opposition and to the shadow Minister for all his support. I am in a difficult position, in that my Bill got its Second Reading after the Bill that would change the parliamentary constituencies. Every week at Prime Minister’s questions, the public think it is about party political point scoring and that we never work together. Of course that is not what happens; the vast majority of Bills that go through this House are improved by what the Opposition do, as is the case with my Bill. I particularly want to thank the Opposition for not blocking this Bill. I have to say that when the Speaker was in the Chair and this Bill, standing in my name, came up for its Second Reading, he paused for a very long time, expecting someone to object—presumably he thought it would be someone from our side. It would have been quite appropriate if the Labour Opposition had objected to my Bill if they had wanted to do so because it went ahead of their Bill, which had already got its Second Reading. I am therefore very grateful to the Opposition. I have chosen today for the Third Reading so that there are still opportunities for that Bill to proceed, if it is given its money resolution.
I do not want to take too much more time, because I understand the pressure we are under today, but I wish to mention a couple of things that were raised in Committee. I am grateful in particular to my hon. Friends the Members for Christchurch (Sir Christopher Chope) and for Shipley (Philip Davies), and the hon. Member for Rhondda (Chris Bryant) for their involvement in the Committee. I was brave to put those three on a Committee, but the hon. Member for Rhondda asked a particularly difficult question. The Minister answered it well, but, on reflection, I can now provide a bit more clarification. This Bill says that it extends to the territory of England and Wales, which it does, but it applies only to England. The logical question was, “Why on earth did it apply to England and Wales then?” In layman’s terms, the answer is simply that as a legal entity in Parliament England does not exist, and England and Wales are lumped together. We can have a Bill that extends to England and Wales; to England, Wales and Scotland; or to England, Wales, Scotland and Northern Ireland. That is the answer on this point, and this Bill applies only to England. On reflection, I recall that I am a fellow of the Institute of Chartered Accountants in England and Wales. I do not think I quite managed to get the answer across on that point in Committee.
Can my hon. Friend let the House know what the equivalent arrangements are, if any, in Wales and Scotland?
The answer to that, of course, is that those places have devolution and it is up to them to make their decisions. Obviously, I believe that what we are doing in England is best practice and I am sure they will take note of it. At that point, I ought to conclude. I thank everyone for their help so far, and I hope we can make progress later on.
I congratulate the hon. Member for Wellingborough (Mr Bone) on his success in making progress on this Bill in pretty quick time—as he candidly said, quicker than some other private Members’ Bills, which may well be down to the Government’s view on the merits of particular Bills. As the hon. Gentleman said, there are other Bills that we would like to see make progress, but that is not to detract from the merits of this one.
As I said when we last debated the Bill, the Opposition welcome the decision to put the National Data Guardian for Health and Social Care on a statutory footing. As we know, the use of data has the potential to improve every aspect of the NHS, from transforming the way in which we diagnose illnesses such as cancer to improving the patient experience by ensuring that every clinician at every stage has the complete picture. We know from experience that the use of data in the NHS can be controversial at times, and patients sometimes raise concerns. Those concerns are not unfounded.
Official figures show that more than 100,000 patients were caught up in NHS data blunders in 2016-17. The number of serious data incidents has doubled in a year and they are now occurring at a frequency of one every three weeks. It emerged last year that NHS Shared Business Services had failed to deliver just under 709,000 letters from hospitals to GP surgeries, with the correspondence being left in an unknown warehouse. Such examples show the importance of an effective, modern data protection system with robust safeguards, which is central to securing public trust and confidence in the NHS.
The hon. Gentleman might or might not be aware, but in Cornwall we have a higher proportion of cases of glaucoma than any other place in the country, and we know no reason why. Does he agree that sharing information on that could help us to understand why some of these complex conditions occur? Does he also agree that when the Data Guardian is in place, they might be able to look at and break down the data to work out why some of these conditions exist?
The hon. Gentleman is absolutely right that there are many variations in conditions and, indeed, outcomes throughout the whole country. The importance of data in establishing patterns cannot be understated.
The British Heart Foundation recently said of the research environment that “too much” of its researchers’ time
“is taken up with unnecessary red tape and bureaucracy. The weight of this form-filling is slowing down vital discoveries”.
Does the hon. Gentleman share my hope that putting this role on a statutory footing will help to address such concerns?
Whenever we speak to anyone in the NHS, particularly GPs, they express concern about form filling, but it is important that due processes are followed and that there is a clear audit line. I am sure that the hon. Gentleman can have a word with the Minister about what practical steps can be taken to deal with some of the British Heart Foundation’s concerns.
We support the establishment of a statute-backed Data Guardian because it is one way to improve confidence in the way data is used. As I said in Committee, we are concerned that the Bill does not include an absolute obligation for data controllers to act on advice—only to have regard to it—and there appears to be no requirement for organisations to state proactively how they have dealt with such advice. Responses to question 5 of the Government’s consultation were overwhelmingly supportive of such a provision. In that question, the Government proposed that
“organisations holding health and care data which could be used to identify individuals should be required to publish all materials demonstrating how they have responded to advice from the National Data Guardian.”
In their response to the consultation, the Government said:
“Responses were supportive of the proposal that the national data guardian should be given formal advice giving powers.”
That would certainly provide reassurances that the National Data Guardian will have real authority and act as an independent voice for patients. Without statutory backing, it is foreseeable that the National Data Guardian’s authority and independence could be undermined. Without a requirement for organisations that receive advice to provide evidence of their response, it could be difficult to be sure that the National Data Guardian is effective in doing the important job required by the Bill.
I am sure that Members will recognise that the requirement for a body to have regard to advice does not always mean that the body acts on that advice. We know that how clinical commissioning groups interpret the guidance of the National Institute for Health and Care Excellence leads to some variations in the way in which treatments are dispensed and that advice does seem to be ignored with impunity by CCGs.
I know that the hon. Member for Wellingborough does not see the need for additional powers to be handed to the guardian and does not want to see effectively a regulator, which is the road that my proposals may be taking us down, but it is important that, when the Minister responds, she gives us some indication as to what yardstick she proposes will be used to ensure that the concerns that I have set out will be effectively judged by the guardian.
In conclusion, although I have set out some concerns, we are not intending to oppose the Bill as it is currently drafted today.
It is a pleasure to be called so early in this debate to speak on the Bill. I particularly wanted to do so to give it my fulsome support, but also because I had the pleasure—and it was a pleasure—to serve on the Bill Committee for the Data Protection Act 2018. We had 10 sittings over five days, and fascinating it was, too. What came out of that Committee was a much improved Bill, or Act as it now is. What my hon. Friend the Member for Wellingborough (Mr Bone) does with this very important Bill is to create a vital adjunct to that Act. This is designed to work hand in glove with the Data Protection Act and the two will work together, which is why I am delighted to be able to make a contribution here.
I want to echo what was said in congratulating not only my hon. Friend on this Bill, but the mother of the Bill in its previous form, my hon. Friend the Member for Bury St Edmunds (Jo Churchill), who, now that she is my Whip, I am bound to say is an extraordinarily wise Member of this House. If nothing else, this Bill should be known as one that she has helped in its genesis.
Apart from the procedural reasons that my hon. Friend the Member for Wellingborough cited for why we are bringing this Bill to the House today, there is also another reason why it is extraordinarily appropriate, which is that today is, of course, the 70th anniversary of the national health service. It is absolutely right that we take a moment to remember that and to thank all of those who work so hard in it. How appropriate it is that we hope to progress this Bill today on this auspicious anniversary, because it will have a very significant role to play in the future of our national health service.
The Bill seeks to ensure that particular care is taken in the health and social care system when it comes to the holding of private data. It is something about which, rightly, there is huge public concern. Here is why. That sort of data and the technology on which it relies will have a massive role to play in our healthcare system. Technology will revolutionise the way in which we provide health and social care services in our communities. I have to say, on a personal note, that it is of particular benefit to rural areas such as North Devon, where we have particular geographic challenges. Quite simply, many people have to make long journeys to physically access the sort of healthcare provision that they have a right to expect in the 21st century. What this sort of technology does—the Bill goes a long way to protect people’s data as part of that—is, in effect, to put a doctor in the palm of someone’s hand through smartphone technology. It is slightly odd that we have just had a debate about the evils of smartphones in one aspect of our social policy thinking, as now we are debating an area where smartphones are having a definite and precise benefit.
There is something more precise though, and that is artificial intelligence and the way it is used to improve healthcare provision. AI has the capacity to provide bespoke treatment for individuals who are suffering from cancer, for example. Scientists at the University of Stanford have done a remarkable trial that has shown that artificial intelligence is extraordinarily accurate in identifying skin cancer, for instance. We are reaching a point where it is no longer necessary for a doctor, nurse or medical professional physically to examine a patient: there is now artificial intelligence that is able to do that remotely. I understand from the research that has been done that it has a very high degree of accuracy in identifying skin cancer. This sort of technology could help to improve healthcare dramatically. Not only can artificial intelligence identify cancer, but developers are currently working on utilising it to help with treatment as well. It can assess factors such as the patient’s genetic history and lifestyle choices, for instance, to identify the most effective course of treatment. In fact, the Government intend to use AI to prevent more than 20,000 cancer-related deaths by 2023, but its long-term potential is much greater than that.
However—this is the crux of the matter—for these sorts of innovations to work and for us to be able to embrace this sort of technology securely and safely, and with peace of mind for the general public, a great deal of very personal information will need to be securely processed and stored while ensuring that it cannot be misused. That is what causes a great deal of concern among the public. If we want to ensure that individuals are going to take full advantage of these new technological breakthroughs that allow such improvements in healthcare, we have to be able to provide them with the absolute, copper-bottomed assurance that, when they provide the data that allows this sort of technology to intervene in their healthcare, they can be absolutely sure that they have confidence in the system of data storage, and confidence in the way in which their data will be processed, used and protected. We must achieve this through the instigation of a system that ensures the minimum possible data breaches, with robust guidance on good practice and established procedures to minimise damage. This Bill, working in partnership with the Data Protection Act, will go a long way towards achieving that.
The main purpose of the Bill is to establish the National Data Guardian for Health and Social Care to promote the provision of advice and guidance about the processing of data. Specifically, and really importantly, the Bill establishes the National Data Guardian as a statutory office holder. We have such an official at the moment, as my hon. Friend the Member for Wellingborough said, but the Bill puts the post on a statutory footing.
That is important for two reasons. First, it gives the public absolute confidence in the system, because there is no higher degree of official backing for what the National Data Guardian is and does than to have it on a statutory footing as passed by this place. Secondly, it maximises the post holder’s accountability to this place. I am pleased that there is provision not only for a regular review of the work of the National Data Guardian but a suggestion that she—at the moment, it is a she—should produce an annual report and is accountable for reporting that review to this House. That is why it is absolutely vital that those provisions are in the Bill, and I am extremely glad that they are.
Does my hon. Friend hope that the Data Guardian will focus primarily on ensuring that data is being appropriately used? Does he share my hope that she will go further and seek to actively promote data sharing for use particularly in research applications?
I hope for both. It is really important that we do not rest on our laurels and simply say that the powers currently held by the guardian are sufficient. She must be given the right to look forward to ensure that in future, as technology changes and advances—as it inevitably will—she is able to encourage other stakeholders, lawfully and in a secure way, to ensure that the data that is provided by NHS patients is used by the many organisations that would need to share it in a secure and safe way.
In my view, one of two things was going to happen after the Cambridge Analytica scandal: either individuals would be in charge of their own personal data or, as the Government have rightly done, we would have a national database that is under one person’s ownership and guardianship. As my hon. Friend the Member for Croydon South (Chris Philp) said, that information can then be used to promote and encourage technological innovation to help people with some of these conditions. Does my hon. Friend agree that, in rural areas such as his and mine, that would be hugely beneficial?
That is absolutely the case. I touched on why the new technology that will be used for healthcare provision is so important, particularly in rural areas such as ours, in North Cornwall and North Devon. We need to ensure that everybody is sure that their data is securely held, processed and used. In areas where these healthcare technology advances would be particularly beneficial, such as my hon. Friend’s constituency and mine, people must not be prohibited or inhibited from giving the necessary data simply because they are not sure how secure it will be. Such a situation might mean that they do not get the healthcare treatment using this new technology that they can specifically benefit from due to the geographic challenges we have discussed in our areas.
Although the role of the National Data Guardian for Health and Social Care was established in November 2014, it was always the intention that it be put on a statutory footing, which is why I am so pleased that we have reached this stage. That was also, I am bound to say, a commitment in the Conservative party’s 2017 manifesto, on which this Government were elected. I am really pleased that here we are, a year on—a relatively short space of time in the proceedings of this place—only a short step away, I hope, from enacting that manifesto commitment.
The Bill has cross-party support. As my hon. Friend the Member for Wellingborough said, all the Opposition parties have shown their full support for the Bill, which is really important. Devolution was mentioned in an earlier intervention. It is right that the Welsh Assembly and the Scottish Government look closely at adopting a similar position, and they have, if I might say so, the perfect blueprint for doing so thanks to the hard work of my hon. Friend the Member for Wellingborough and, before him, my hon. Friend the Member for Bury St Edmunds.
We have here the solution to a potential challenge. If we get this right, it could revolutionise the way we are able to treat people in our health and social care system in the future. Data and privacy are without a doubt two of the big issues of our age. If we get this right, the potential to improve services and patient outcomes is huge. The Bill is a very important step forward in doing that. I wholeheartedly support it.
It is a pleasure to speak in support of this extremely important private Member’s Bill. To pick up where my hon. Friend the Member for North Devon (Peter Heaton-Jones) left off, data—data ownership and storage—is one of the big questions that society and this House will have to grapple with in the decades to come. I have noticed when talking to younger constituents how increasingly aware they are of where their data on social media goes and, most importantly, who the owner of that data is. Does the owner remain the subject of that data, or does ownership transfer to whoever is holding it? These are important conceptual issues that I am sure the House will have to continue to grapple with in the years ahead, and I am pleased that my hon. Friend the Member for Wellingborough (Mr Bone) has contributed to us moving in this direction.
I first had to come to terms with issues around personal data when I went into public policy research about 10 years ago. Two things became immediately clear. First, although the Government were collecting a lot of data on individuals, the way that they felt obliged to keep that data meant that they were extraordinarily bad at joining it together. We had very good information on children, for example, but rather lousy information on families. Building that context around an individual is absolutely vital if we are to build a decent series of research questions and answers that allow us to interrogate the causes of particular problems, or to see what positive influences in somebody’s life might have led them to avoid certain problems.
On a professional level, although the Bill does not deal with children’s data—children’s safeguarding is covered by different legislation—when I worked on child protection I saw powerfully the consequences of poor data sharing and safeguarding services. I read a large number of serious cases reviews that were published in the event of a child being killed or suffering serious harm, and time after time the findings of those serious case reviews were that agencies had failed to share data at key moments. Time and again, recommendations were made that better information sharing procedures should be created. We had a series of organisations which, albeit with the best intentions, were in effect working in silos, and by not working together they were missing opportunities to protect children, and in some cases to save their lives. That reluctance to share data was not laziness or professional neglect; it was often because agencies were scared of the potential legal consequences of sharing private information with other professional bodies.
The hon. Gentleman is making a good point. Over the past two or three years we have had this problem of child abuse and so on. One thing that struck me is the fact that agencies do not co-operate with one another or share information in the way they should. As a result, something that could be prevented is not prevented. Does the hon. Gentleman agree?
I absolutely agree, and I am grateful to the hon. Gentleman for that important intervention. If we create a framework that helps agencies to share information about vulnerable individuals safely, that enables those agencies to become greater than the sum of their parts, and to combine and enhance their professional interrogations, so that they can join the dots and create a true picture of what is happening in someone’s life.
As I saw earlier in my career, however, if done incorrectly such an approach can be taken to dangerous lengths. In about 2008-09, the Government proposed to create a service for children called ContactPoint. The programme was well intentioned, and it intended to bring together all the information on all children in one single place. However, it would have given access to that information to around 350,000 professionals nationwide, and civil rights campaigners immediately became concerned that that would effectively put all information about all children into the public domain, that it would not take long for that information to be out in the public space, and that once there, the process would be irreversible.
Today we are seeing exactly the right civilised and sophisticated approach to data handling. As I understand it, the National Data Guardian will work with professional bodies to ensure that they understand what they can do. She will be in a position to work with the public and ensure that they understand how their data is shared, and how it might be shared in future in order to improve services. Like my hon. Friend the Member for Wellingborough, I believe that the National Data Guardian will ultimately help people to choose whether they want their data involved in this sort of analysis.
I draw the House’s attention to a very significant initiative taking place in New Zealand. Using this sort of sophisticated data handling arrangement, the New Zealand Government have built the Integrated Data Infrastructure, which brings together pretty much all public, and some private, data held on individuals. It combines it by creating unique identifying numbers for each individual, taking out their names so that all records become anonymous, and then matching the data. This is done in a way that prevents track-back to the individual, while allowing large amounts of interconnected and complex data to be analysed by researchers, so that they can better understand the causes of social complex problems and how it is that some individuals with similar characteristics do not suffer from the dangerous long-term outcomes that some of their peers do.
This is groundbreaking stuff. The fact that the New Zealand Government have managed to do it in such a way as to take the public with them to create a world-class research resource gives us all hope that it can be done. When I talked to the people who lead the project in Wellington, I asked them how they got over the public’s concerns. They said that when they first took it to public consultation a lot of the public said that they rather assumed their data was being used for decent purposes already and found it very strange that their private data was not being used anonymously to solve the big health questions and social problems of the day. Yes, they wanted guarantees that their private information would not end up in the public sphere, but they said, “For goodness’ sake, get on with it.” I think there is a very important lesson for us all in that.
I very much hope the Minister will take a moment or two in her remarks to reflect on how the National Data Guardian may be able to help us in our jobs as MPs. As Members, we often have to handle sensitive information, and we are often responsible for the exchange of sensitive information. I therefore believe the National Data Guardian will perform a service to this House in due course. I am absolutely delighted to support the Bill.
It is a pleasure to follow my hon. Friend the Member for Brentwood and Ongar (Alex Burghart). He makes the very important point that if people do not trust the way in which we keep data, they simply will not share it with the people who need it to keep them safe. The Bill is a great way to celebrate the 70th birthday of the NHS. It will be really valuable in protecting patient data in the NHS and will contribute to improving the trust that will enable people to be treated in a more efficient and effective way. Data protection may not be a sexy topic, but it is critically important, as is data sharing, of course.
We have had a data guardian in the NHS since 2014. My hon. Friend the Member for Wellingborough (Mr Bone) described Dame Fiona as a formidable character. I have known her well for some years now. She chairs the Oxford University Hospitals NHS Foundation Trust, with which I have a loving but strained relationship over the future of Horton General Hospital. She will be retiring next year. I do, therefore, have considerable experience of her at work and I know she is extremely exacting. She takes all of her various roles very, very seriously. There could not be a better person to help increase public trust in the way their data is shared. She is as keen as the rest of us for her position to be on a statutory footing. I know the Government want to be able to use data more intelligently in the future. In fact, that is essential if the NHS is going to be fit to serve us for the next 70 years.
I have various local examples of data sharing not going as well as it should. One problem we find in Oxfordshire is that we are close to the boundaries of many other counties, not least Northamptonshire, which my hon. Friend the Member for Wellingborough has the pleasure to represent. I alluded earlier to the difficulties we have had locally with the—we very much hope—temporary closure of the maternity unit at the Horton General Hospital, where I and many of my constituents were born, and where we hope many more will be in future.
The unit closed temporarily last summer. This means that most Banbury babies are now born at Warwick Hospital, with some being born at the OUHFT, which Dame Fiona chairs. The mothers of the babies who are born at Warwick experience very real difficulties with the data sharing between Banbury and Warwick. All prenatal appointments are supposed to take place in Banbury, but because the two systems do not seem to communicate properly, it transpires that most of my constituents now have to travel to Warwick for those appointments. However, if they choose to have their babies in the John Radcliffe Hospital at the moment, it is part of the same hospital trust so the communication is easier and that seems to work relatively well.
I turn to care at the other end of life and our award-winning neck of femur service as my second example. The average age of patients treated there is about 85, so it is very much the other end of the age spectrum from maternity. The difficulty in this instance is communication between the hospital and adult social care. The service is fantastic—it was first in the country last year for neck of femur. It specialises in providing a pathway in which patients are greeted at the hospital, put on a special mattress, X-rayed in a special way and treated in a special way. The aim is to get these elderly people out of hospital as quickly as possible with the right care package at the other end.
When I was talking to the very effective nurse—we should be so proud of these nurses—who runs the ward where most of the patients spend most of their time in hospital, she said that when she looks at the postcodes as the patients come on to her ward, her heart sinks if they live in Northamptonshire. As my hon. Friend knows, Northamptonshire is a truly wonderful place and bits of it are very close to Banbury—in fact, my parents live in Northamptonshire, just up the road from Banbury—so it is obvious that many Northamptonshire postcode patients will be treated in the Horton General. The difficulty is that when they come in, the communication with adult social care services is not nearly as good. We have an Oxfordshire person in that unit all day every day, working to move these patients on and get them out as soon as possible, which we know is in their best interests in health terms, but we do not have such links with Northamptonshire. The nurse who runs the unit told me recently that she can get Oxfordshire patients through in as little as four days—with them having had a really major operation—whereas Northamptonshire patients can take as long as 20 days. It is such a shame, and that is why this data sharing is so important to people’s actual health outcomes.
I know that my hon. Friend the Member for Bury St Edmunds (Jo Churchill) feels strongly about GP data and the ways in which GPs communicate with hospitals. That was what led her to drive forward this reform when she came into Parliament. GPs talk to me an awful lot about the way that they keep data. I had an email today from one of the practice managers of a GP surgery in Bicester, who told me that an unintended consequence of general data protection regulation was that whereas he used to be able to charge £50 for solicitors’ photocopying, he cannot do so now under GDPR so the practice is losing out. I will write to Ministers separately about that—[Interruption.] The Minister sighs weakly—she hears an awful lot from me, largely about the Horton General Hospital.
In short, as I do not wish to detain the Minister any further, I am proud to have been able to speak in support of the Bill. It is an important reform that will provide some level of trust among the public at a time when people are more cautious about sharing their data, but when it is ever more important that we use their data effectively.
It is a great pleasure to follow my hon. Friend the Member for Banbury (Victoria Prentis). I congratulate my hon. Friend the Member for Wellingborough (Mr Bone) on all his hard work taking the Bill through the House, and I commend him for steering it through Committee without amendment, which I think reflects the importance that the whole House places on this topic.
As my hon. Friend the Member for Wellingborough has said, the National Data Guardian, Dame Fiona Caldicott, has already done much work to promote good practice in handling medical data, and I am sure that putting her role on a statutory footing will enhance that further. I join my hon. Friend the Member for Banbury and others in paying tribute to Dame Fiona, who has played an excellent role and been a strong voice for patients as our first National Data Guardian.
I am particularly pleased to speak in the debate because of my long-standing interest in the fourth industrial revolution, and because of the report I recently released, supported by my right hon. Friend the Secretary of State for Health and Social Care, on how we can better use technology and data to improve the NHS’s performance. This week, as we celebrate the 70th anniversary of the NHS, there is no better time not only to look back at its successes, but to look forward and consider how we can safeguard its future through the use of good data.
The NHS has been a long-standing user of good data, even since its infancy. In the 1950s it was data from 20 London hospitals that first proved the link between smoking and lung cancer, which has certainly saved many lives in the years since. Fast-forward to 2018, and the potential for using medical data to improve lives has certainly grown exponentially.
Despite the clear and unquestionable potential of the fourth industrial revolution, and the new technologies associated with it, many members of the public remain sceptical about its benefits. They, like me, have seen a number of attempts to digitise health services fail, from the national programme of IT under the previous Labour Government to the WannaCry hack last year. There is still much work to do to win over a sceptical public. That is why my argument, and my support for the Bill, is clear. I believe that shared data saves lives, and I believe that the National Data Guardian has an important role to play in spreading that message.
One of the principles of the National Data Guardian is the need to build a dialogue with the public about how we all want information about us to be used. Although the NHS is rightly introducing a wide range of digital services, I have no doubt that the service most coveted by patients and our constituents, especially those in the smartphone generation, is the long-awaited NHS smartphone app. Anyone who has used NHS digital services will know that a wide variety of options are available to patients.
One of the key recommendations of my report was that the NHS should introduce a one-stop shop, with an overarching app that would allow patients across the whole of England to book appointments, order repeat prescriptions, control access to data and seek advice on medical problems. The app would operate 24/7 so that patients could access the NHS at their fingertips, from the comfort of their sofa or their place of work.
My long-term vision is for a smart NHS that personalises medicine and treatment, and provides advice in one integrated place. That is why I was delighted that the Secretary of State recently announced that he will be taking forward plans to build this new NHS app, to ensure that the smartphone generation have access to healthcare at their fingertips. As the Secretary of State, the Minister and their colleagues at the Department of Health and Social Care begin the work of designing and implementing the app, I think that the National Data Guardian can play an important role in shaping its future. She should call for full integration of the app with paperless records to ensure that digitisation takes place across the whole NHS. Only by ensuring that the app is available to everybody can the NHS reach its full potential, delivering all the services envisioned in my report.
In conclusion, the healthcare of tomorrow will be powered by artificial intelligence, big data, automation and increasing digital connectivity. That is why the NHS must be a global leader in this field. At the same time, we must ensure that informed consent is not put at risk, and that the patient voice is kept at the heart of all treatment. Key to that is the role of the National Data Guardian, which is why I am very keen to see her role placed on a statutory footing. I am therefore delighted to support the Bill.
It is always a great pleasure to follow my hon. Friend the Member for Havant (Alan Mak), who speaks with great authority about technology, which is really what the Bill is all about. I pay tribute not only to my hon. Friend the Member for Bury St Edmunds (Jo Churchill), but to my constituency neighbour and hon. Friend the Member for Wellingborough (Mr Bone). He has done many things in this House over the years, but I think it fair to say that this is probably the first time he has managed to take a Bill to Third Reading, so today is a historic moment in his parliamentary career.
One of the things of which my hon. Friend can be particularly proud is the fact that his Bill has managed to unite so many different charities in its support: the Academy of Medical Sciences, Arthritis Research UK, the Association of Medical Research Charities, Asthma UK, the British Heart Foundation, Cancer Research UK, Genetic Alliance UK, Macmillan Cancer Support, MQ, the Richmond Group of Charities, and Wellcome. That is an eclectic mix of health charities, which I think speaks volumes about the way in which the Bill is perceived by the charitable sector and the difference that the sector believes it will make.
I see the Bill as a big step forward, but I also see it as very much a tidying-up measure that puts on a statutory footing something that is, in large part, already happening. This whole approach makes eminent sense to me, not least because the effective use of health and care data and information has the potential to contribute significantly to improved outcomes for individuals and service users.
That can happen in many different ways. For example, sharing an individual’s health and care data between all the providers involved in that individual’s care will ensure that the best possible care package can be delivered. Too many people with serious conditions such as dementia have to tell the same story to multiple people and services involved in their care. Effective and appropriate data sharing could eliminate an unnecessary burden which causes distress not just to the individual concerned but to their loved ones—their friends and families. That, I think, is a welcome step forward in its own right, but it is also the case that researchers will have much better access to appropriate data, which is crucial to the development of new medicines and treatments.
If commissioners have access to the data that they need to make decisions about the best use of their resources locally and nationally, services can be provided and located where they are most needed. The impact of available funds can also be maximised and budgets fully optimised. I do not think anyone could possibly object to that.
The Bill also presents a real opportunity for us to achieve something about which my local clinical commissioning groups, Nene and Corby, talk to me all the time—better integration between health and social care services—which is very welcome in itself. That, I think, is where our direction of travel should be if we are to improve patient care.
I hope that the Bill will also help with the prevention agenda, in which the use of technology is clearly paramount. Like many other people out there, I am the proud owner of a Fitbit, which has made me think much more carefully about some of the decisions that I make from day to day in relation to my health and wellbeing. I now think about being physical, getting active, being out there, and doing the right thing to take care of my own health. Any measure that places a greater onus on individuals to take responsibility for their health and care needs can only be a good thing. It means putting the patient in control, while at the same time providing suitable protections to ensure that people’s data is handled sensitively and with care.
The Bill is timely as well. I think that all Members recognise the significance of the excellent care that the NHS provides for all our constituents day in, day out, and I pay tribute to the remarkable NHS staff in Corby and East Northamptonshire, who work tirelessly to make people better and meet their health needs. I commend that quality of care. Sometimes Members of Parliament only hear about things that have gone wrong, but the vast majority of care that we see in the health service is excellent. One of the things that often frustrates me in this place is how often we debate the issue of money. Obviously money is important—it is vital that we ensure that the health service has the financial resources that it needs in order to provide the care that people require—but I think we should focus more on outcomes. It is outcomes that really matter, not necessarily monetary value.
I believe that it is in the greater use of technology and the integration of health and social care that the future of healthcare lies. Of course we must ensure that the health service has the resources that it needs, but we should make the most of technology, maximising the opportunities that it presents to improve patient care. I think that in the next 70 years, that will be one of the big focuses in the NHS.
I am conscious of time so will be brief.
I welcome this Bill’s Third Reading and congratulate my hon. Friend the Member for Wellingborough (Mr Bone) on getting it this far—and, indeed, it is just the first of his private Member’s Bills on the Order Paper today. I pay tribute to my hon. Friend the Member for Bury St Edmunds (Jo Churchill) too; she has also played a huge role. I get to talk to her quite a lot in her current role, although, sadly, because of that post she cannot say anything about this Bill today.
I hope the Minister in her closing remarks will reflect a bit on how she sees the guardian being used as a champion of patients and of ensuring that their data are protected: given that this Bill covers some of the most sensitive data people have—their healthcare data—how we can make sure we get the benefits such new technologies offer to be able to analyse and find trends and patterns of disease we might never have found before; and how patients can be reassured that someone is acting as their advocate and champion in ensuring those data are used only for reasonable purposes, which we all want. It is right that we are looking to pass this law to enshrine such a role in statute; being the guardian of data, particularly across the NHS, is a key role, and I hope this Bill receives its Third Reading.
I took on board the explanation by the Bill’s promoter of why it says it covers England and Wales, even though it will cover only England, but I hope a relationship can be developed with the devolved health systems so that the data sharing benefits the entire UK. Given the time, however, and the fact that the Minister will wish to respond to the debate and other Members wish to speak, I will conclude by saying that I fully support the Bill.
As many Members have said, this is the 70th anniversary week of the NHS, and there is no better time to talk about this Bill. I will focus in my brief speech on three areas.
The first is that personal medical data about ourselves and our families is, to many of us, the most important thing we have. It is personal and emotional information, which if stolen would be incredibly valuable to criminals or nefarious organisations that may wish to use it for their own purposes. It is therefore critically important that by establishing this post in statute we strengthen the security of that personal information and data that we all cherish so much.
Connected with that is the question of trust: trust from our constituents—the people of this country—that their data will be handled securely in a world where online crime and other dangers to that data are proliferating far beyond what we could have imagined 10, 15 or 20 years ago. Establishing the post in statute will significantly improve the trust individuals have in the system and in the protection of their own personal data.
Finally, there is the question of accountability. One of the difficult aspects of being a Member of Parliament is that we are often called to account for things we do not control, or indeed the Government do not control. This Bill sets out the accountability of the individual responsible for safeguarding individuals’ data. That accountability helps contribute to trust, and what better way to achieve that than by establishing the post in statute?
We heard from my hon. Friend the Member for Havant (Alan Mak) about the importance of technology in the NHS, and indeed in the world, today. The NHS’s data source—aided not just by the people of this country and their various ailments but by the structure of the NHS—is an incredibly valuable resource for improving the lives of people in this country, because of what we can do with that data in the context of technology. The Bill will help to strengthen that position.
It is a great honour to speak in the debate on this Bill. There are three things that I would like to say, and I shall say them very briefly as I know that others wish to speak. First, I am grateful to my hon. Friend the Member for Banbury (Victoria Prentis), who is not in her place at the moment. Many of the issues that are relevant to the north of my constituency are the same as the ones that she has raised. Her comments on the transfer of data between the Horton, Chipping Norton and Warwick hospitals apply to me as much as they do her, so I will not repeat them. I will simply associate myself with her comments.
Secondly, I want to pay tribute to the hard work of all the NHS staff in the Witney and West Oxfordshire constituency, particularly at the community hospitals at Witney and Chipping Norton and at the GP surgeries. It is extraordinary that, in this day and age, they are unable to share their data freely, that people therefore have to repeat their stories to different practitioners and that those practitioners cannot see all the relevant medical records quickly and easily online, as they should be able to. We should enable that to happen as soon as possible.
Thirdly, technology has a huge role to play in ensuring that we wring every last penny out of the NHS budget. As my hon. Friend the Member for Havant (Alan Mak) rightly said, we should be getting to a place where people can have an app that enables them to look at their records, book appointments and hold consultations over the internet using their phones. That will help to save their time and spread the budget as well as we can to ensure that we get best value. It will also help us to make the best use of the hard-working staff who do so much in our NHS.
I thank all hon. Members who have contributed to the debate today. I particularly want to thank my hon. Friend the Member for Wellingborough (Mr Bone). I cannot believe that this is the first private Member’s Bill that he has taken through to Third Reading, as he has had so many. I am delighted to have collaborated with him on achieving this. It is quite an achievement. He was typically generous about me in his comments, which was completely undeserved. He was quite right when he said that thanks need to go to my hon. Friend the Member for Bury St Edmunds (Jo Churchill), who was the inspiration behind the Bill.
I want briefly to set out why the Government view the Bill as an important measure and why we are keen to see it progress and to put the National Data Guardian on to a statutory footing. The Government are committed to ensuring that the health and adult social care system in England realises the full benefits of sharing health and care data in a safe, secure and legal way. We have talked a lot today about the benefits of such data sharing. However, if data and information are to be used effectively to support better health and care outcomes, it is essential that the public have trust and confidence that safeguards are in place to protect the data from inappropriate use. That is the ethos behind the establishment of the National Data Guardian. The guardian will be an independent, authoritative voice for individuals on how their data should be used. At the heart of this is the relationship between health providers and individuals, and we need to maintain an appropriate balance between safeguarding and privacy as well as underlining the serious principle of informed consent by patients.
I should like to clarify the scope of the legislation. The National Data Guardian’s remit covers all health and adult social care data, which is defined in the Bill as essentially the same as “patient information” under section 251 of the National Health Service Act 2006. That basically enables the National Data Guardian to influence anything that impacts on the processing of health and adult social care data held by all the organisations listed in the Bill. This will enable the promotion of good challenge and the building of assurance across the health care system, as well as enabling the system to access the data it needs in order to run safely, effectively and efficiently.
I cannot emphasise enough the fact that the voice of the patient and the service user is really the paramount principle under which the National Data Guardian will operate, notwithstanding the fact that she will be working through the use of guidance to providers. It is basically taking the position of what is in the best interests of the patient. In so doing, we hope that the guidance she issues will establish confidence on the part of the public that their data is being used effectively.
Much has already been said today about the role of Dame Fiona Caldicott, who is the first National Data Guardian. She has been described as phenomenal, energetic and influential, but I wish to take this opportunity to recognise the enormous contribution she has made. I am sure she will take full advantage of the statutory powers that will follow once the Bill reaches the statute book.
I am delighted to have the support of the Opposition on the Bill, because the use of data sharing is essential to secure the best possible health treatment for all patients. The hon. Member for Ellesmere Port and Neston (Justin Madders) expressed the desire that the National Data Guardian should have real teeth. I emphasise again that she will act in the interests of patients, and that will mean challenging providers. As we all know, some providers are instinctively cautious and defensive about data sharing, and the real challenge is that patients are sure, thanks to the National Data Guardian’s advocacy, that it is the right thing to do. Nor should there be any escape for health professionals and providers.
The National Data Guardian will, as the hon. Gentleman said, use her powers by issuing guidance, and the clear expectation is that everyone will abide by that guidance. We see the aim as one of changing organisational behaviour rather than having rules. The fact that the National Data Guardian will produce an annual report on how she is discharging her obligations, and how the health sector is reacting, will be a powerful tool. We often find that transparency can be much more effective than rules, regulations and laws. Once behaviour that is not delivering the outcomes that we intend through legislation is highlighted, the public embarrassment will be more effective than many of the tools that we have at our disposal. It is heartening to see the interest in the Bill in the Chamber, and we have heard some individual examples of poor practice. I am sure we will have plenty if anyone does not abide by Dame Fiona’s advice.
We expect the National Data Guardian to use her annual report to implement further guidance. We fully expect that the duty for adult health and social care organisations and providers to have regard to that guidance will also be taken into account by the Care Quality Commission and the Information Commissioner’s Office, so it is not just the Government and the National Data Guardian that can hold them to account. We expect a serious change in behaviour in the future.
The National Data Guardian will look at her own operating approaches to see what more can be done to ensure that the role has teeth. That is also part of the reason for putting the role on a statutory footing. The fact that her advice will have legal clout will give it more teeth. She will have day-to-day communication mechanisms at her disposal to highlight areas of good and poor practice, and the statutory duty to consult people she considers appropriate before publishing guidance. That will fuel an important debate about behaviour in this area.
Other issues that have arisen in the debate today and in Committee include concerns as to why children’s social care data is not covered by the Bill. I would like to explain the reasoning behind that and why it is not a weakness in the Bill. Data relating to children’s social care has its own safeguards and protections, which operate under a different legal framework from adult health and social care. Those safeguards and protections are governed by their own statutory guidance, and we would not want to include anything that conflicts with established guidelines.
The context and imperative for using and sharing data to safeguard children is also different, and the most important consideration is whether sharing information is likely to safeguard and protect a child. That is an important point, because with children safeguarding trumps privacy and personal ownership.
Rather than extending the National Data Guardian’s role to cover children’s social care data, action should remain targeted elsewhere on improving timely and proportionate information sharing to keep children safe. Officials in the Department for Education and the Department of Health and Social Care have reached a sensible interpretation of the Bill, which would not preclude the National Data Guardian from engaging constructively with the Department for Education on adult social care data and its interaction with children’s social care data. There has been an exchange of letters between the Departments to formalise that agreement. On safeguarding children, the powers in the Children and Social Work Act 2017 are the mechanism for the Departments to act and to share information.
We worked across Government to amend the Data Protection Act 2018 to introduce safeguarding as a condition by which information can be shared without consent to keep children safe. We will continue to work with local authorities to consider and monitor the impact of the National Data Guardian in this space, where it is appropriate to work outside the remit of the statutory powers set out in the Act in a way that is consistent with the law and regulations as they currently apply to sharing data on children. We will keep a watching brief on that but, at this stage, we should not do anything to disrupt established obligations. We can establish good practice in this area through sensible discussion between the National Data Guardian, the DFE and the Department of Health and Social Care, which is entirely consistent with how we co-ordinate the respective obligations of children’s social care and adult social care services.
I have very little time, but I will touch on one or two other issues before concluding. There was a brief discussion earlier on the territorial extent of the Bill, and I can confirm that the Bill applies only to England. The Bill technically applies to England and Wales because of how we approach legislation in this place, but it extends only to England.
I can also confirm that public health data is included in the remit of the Bill, so that data will also be shared. I also confirm that the Bill covers local authorities where they are actioning services with regard to adult social care and, of course, public health.
I conclude by confirming again the Government’s commitment to this Bill and our desire to see it succeed. I am confident that the Bill will achieve the aims my hon. Friend the Member for Wellingborough and all hon. Members have set out. After today’s important stage, I hope the Bill will make swift progress and will receive Royal Assent as soon as possible.
With the leave of the House, I thank the parliamentary counsel, the Clerks of the House and officials at the Department of Health and Social Care for their assistance in preparing the Bill. I also thank, from my office, Jordan Ayres for the research and Helen Harrison for the drafting of the Bill. I also thank the eight Back-Bench MPs who have taken the opportunity to participate, particularly my hon. Friends the Members for Corby (Tom Pursglove) and for Torbay (Kevin Foster), both of whom sat on the Public Bill Committee.
The last thing to say on the Bill before, hopefully, it is read for the Third time is that, if it makes it all the way through and becomes an Act of Parliament, let us hope it is referred to as the Churchill Act.
There might already be one or two Acts with that name.
Question put and agreed to.
Bill accordingly read the Third time and passed.
(6 years, 4 months ago)
Lords Chamber(6 years ago)
Lords ChamberMy Lords, the Bill will place the National Data Guardian on a statutory footing and will promote the provision of advice and guidance on the processing of health and social care data in England. It is an honour for me to bring the Bill before your Lordships today.
The Bill is an important step in increasing the public’s and patients’ confidence in the use and appropriate sharing of health and care data. It has gone through the necessary stages in the other place and I extend my thanks to the many people who have helped prepare the Bill, in particular to Jo Churchill for her dedication to the original Private Member’s Bill and to Peter Bone for sponsoring the Bill in the other place and ensuring that it reached this stage. It would be remiss of me to proceed without mentioning and thanking the National Data Guardian, Dame Fiona Caldicott, who has contributed so much to this area. I am grateful to the Parliamentary Under-Secretary of State for coming to listen to the debate. I appreciate the department’s help with the progress we have made so far and the cross-party support for the principle behind the Bill. Indeed, I see that Jo Churchill is also here today and we welcome her. I hope that with that cross-party support, the Bill will go through its stages here as quickly as it did in the other place.
I would like to take some time to reflect on the importance of the role of the National Data Guardian. We all know that when collected and used properly, healthcare data has the potential to be transformative for patients. Sharing data offers immense promise for improving the NHS and the social care system, as well as benefiting individuals through unlocking new treatments and medical breakthroughs. Getting information sharing right can create a better experience for people using services and make care more efficient. Too many people with serious conditions have to tell the same story to multiple people and services involved in their care. Appropriate data sharing could eliminate any unnecessary burden. As well as that, if commissioners have access to data that they need to make the decisions about the best use of their resources locally and nationally, services can be provided where they are most needed and available funds can be maximised and budgets fully optimised.
Of course, our ability to unlock the benefits of data sharing relies on the public having confidence in the health and care system’s appropriate and effective use of data. If data and information is to be used effectively to support better health and care outcomes, the public have to have trust and confidence that there are strong safeguards in place to protect it from inappropriate use. The establishment of the National Data Guardian as an authoritative and independent voice for the patient and service user on how their data and information is used is a crucial element in that. This short but important piece of legislation will promote challenge and build assurance across the health and social care system, enabling the system to access the data it needs to run safely, effectively and efficiently. A statutory National Data Guardian will enable the postholder to speak with increased authority. A statutory basis increases strength of argument, allowing for guidance to be published as standards and good practice to which relevant organisations must have regard.
Importantly, the National Data Guardian is not a regulator. The role is first and foremost to support organisations and individuals who use health and care data to do so in accordance with the relevant laws and good practice. Placing the role on a statutory footing was a manifesto commitment of the Government, and the Government’s support has been clear throughout the Bill’s progress. The Bill will be significant in maintaining public trust and confidence in the appropriate and effective use of health and care data.
I shall give a short summary of the provisions of the Bill, which consists of only six clauses and will establish the statutory role of the National Data Guardian. The Bill also makes provision for the administrative and financial operation of the National Data Guardian’s office. The Bill will give the National Data Guardian the power to publish formal guidance and provide informal advice, assistance and information relating to the processing of health and adult social care data in England. The Bill imposes a corresponding duty on public bodies within the health and adult social care sector and private organisations that contract with them to deliver health and adult social care services. They must have regard to the National Data Guardian’s formal published guidance.
The Bill requires the National Data Guardian to consult with appropriate persons before publishing the guidance and requires the National Data Guardian to produce an annual report including a set of accounts, details of advice given and guidance published in the previous financial year, and the priorities in the forthcoming year. The Bill gives the Secretary of State the power to provide for the commencement of its provisions, and requires him or her to appoint an individual to hold office as the National Data Guardian.
A money resolution to authorise money for the Bill was laid before Parliament on 21 May 2018. The expenditure of £725,000 per annum is necessary for the Office of the National Data Guardian to undertake its statutory function. The cost is based on the current £500,000 per annum provision for the existing non-statutory National Data Guardian office. The overall increase in spend of £225,000 per annum relates predominantly to additional team resources to strengthen the National Data Guardian office’s ability to prepare and disseminate statutory advice and monitor its impact and relevance, amid anticipated increased demand for independent legal advice and assurance, along with a further responsibility for communication and engagement, including delivery of formal guidance, production of an annual report and accounts, and raising the profile of the National Data Guardian’s website.
I will reflect on a few points which have been raised in discussions over the past couple of weeks. With regard to whether the statutory National Data Guardian will have access to the Information Commissioner’s Office, the National Data Guardian already has a formal understanding and close working relationship with the Information Commissioner’s Office. That is covered by a memorandum of understanding. We would expect to see this updated to reflect the statutory footing. The statutory role allows the opportunity to build on the relationships already developed with regulatory bodies, including the Information Commissioner’s Office, the CQC and NHS Improvement, and to support them in their responsibilities around ensuring that appropriate practices are being adopted by regulated organisations.
I draw your Lordships’ attention to the fact that the Act would come into force,
“on such day as the Secretary of State may by regulations appoint”.
Regulations to this effect made under Clause 5 are to be made by statutory instrument. The Bill contains no other regulation-making powers. There is no intention to amend this.
Lastly, the Bill’s provisions extend to private sector providers that contract with public bodies to deliver health and adult social care services. These must have regard to the National Data Guardian’s published guidance. Data held by privately arranged and funded health and adult social care providers is not covered by the Bill. However, private providers of healthcare will have access to NHS patient data in the vast majority of cases—for example, where patients give their consent for their records to be shared—but this alone will not bring them within the scope of the Bill. The NDG’s remit extends to all health and adult social care data but purely private bodies are not required to have regard to published guidance.
Placing the National Data Guardian on a statutory footing is important for many reasons. This is a significant time in the history of health and care and it is critical to maintain and strengthen public and patients’ support. People want to know what their data is being used for, who it is being shared with and why. A statutory National Data Guardian will be key in ensuring that citizens’ confidential information is safeguarded securely and used fairly and lawfully. I thank everyone for their help so far and I hope that we can make swift progress with the Bill. I beg to move.
My Lords, I am very pleased to support the Bill. It is a simple Bill, which has been a long time coming. I pay tribute to two friends: Jo Churchill and Dame Fiona Caldicott, both of whom I know extremely well. Dame Fiona Caldicott has been a staunch guardian of the public interest so that patients can have confidence that whenever their data is kept and used, it is secure and used responsibly and transparently. In 1997, after her first review, she established what became known as Caldicott Guardians in every hospital in the land. As somebody who was involved in the use of patient data at that time, I can tell your Lordships that you had to satisfy the Caldicott Guardians—they were no pushover. They were there to make sure that patients’ data was used appropriately and responsibly and that the purpose was clear. It is because of this that all the professional bodies—the royal colleges, the GMC, the researchers and research organisations, and all others—back the Bill.
It is a simple Bill. It is necessary to put on a statutory basis what has been working extremely well on a non-statutory basis. Following the disestablishment of the national governance board, there was no statutory body to be the arbiter and the guardian of patient data. Putting the National Data Guardian on a statutory basis will provide that. As has been laid out clearly and in detail by the noble Baroness, Lady Chisholm, it is there to give guidance and help and to work on behalf of patients and the public so they can have confidence that the data about them or their health is used appropriately and for a clear purpose. This becomes even more important as we go further in using data to develop genomic information to improve healthcare and to develop things such as artificial intelligence for diagnosis. The National Data Guardian will therefore have an extremely important role to play.
I support what the noble Baroness, Lady Chisholm, said: we must not confuse the Bill with taking over any of the role of the Information Commissioner, or, for that matter, the Data Protection Act. This is completely different from them. It is focused on health and care data—how it is used and who is the guardian of that information in the public interest. I strongly support the Bill and hope that we will not hold it up in any way whatever. It would be a great pity if the Bill failed because of some misunderstanding of what it is all about.
My Lords, I too very much welcome the Bill and the way that it was introduced by the noble Baroness, Lady Chisholm, with appropriate detail and clarity, and the speech by the noble Lord, Lord Patel. Like them, I agree that it is important to give the authority of a statutory footing to the National Data Guardian, Dame Fiona Caldicott.
I remind your Lordships of my interests in respect of my part-ownership and administration of a company called xRapid. Without wanting to go into any kind of long advert for its technology, it demonstrates why I am excited by health technology. This particular technology uses an Apple iPhone attached to a microscope to allow diagnostics, such as of malaria. It works in the same way that a laboratory technician does: it recognises what it sees through a microscope and gives a diagnosis. To be able to do that the computer has to be trained, which is done by it looking at a series of images so that it can learn what the parasites look like. That is health data which has to be collected in order for the machine to be trained. But I see the huge social benefit of that technology—in the end, of that data being used—to provide much cheaper and much more accessible and affordable access to diagnostics around the world.
I have huge excitement around the potential for machine learning and other artificial intelligence to be able to spread some significant health benefits. I want that excitement to build and for others to share it but I am also aware of the worries that people have about the privacy of their data. I share those worries, especially about the inferences that can be drawn from data when it may not have been collected for a specific health purpose, as in this case, but is then mashed with data that has been collected with consent for health-related purposes. Inferences and intelligence are then drawn from what is found and analysed.
I was supportive of the Data Protection Act, as it now is, but at the time of its passing I also pointed out the limitations as I saw them, in that it is a consent-based regime. It is very difficult to give consent about information if I do not know that you have it, because you have inferred it from analysing various sources of data that I might not know about. That is why I have previously talked in this House about the need for us to explore mechanisms such as data trusts and a statutory duty of care on technology companies, similar to the duty of care that they have in the physical world in respect of environmental protection or health and safety. In that way, they can then be held to account in a more general way for how the technology is used for social good.
Those concerns are good reasons for our needing a National Data Guardian in respect of health. I had some initial concerns about how that guardian would relate to the regulators but as set out by the noble Baroness, Lady Chisholm, in her speech I am satisfied that there would be a reasonable relationship—one whereby the National Data Guardian issues guidance, and the trusts and other health bodies would adhere to that guidance. If they did not, then it might be referred to the regulator.
I also remind the House of my interest as one of the chief officers at Tes Global, a large education business. I guess that my only question—if the Minister is in a position to answer questions when he responds—would be around the remit of the National Data Guardian. At Tes, we hold all sorts of data on teachers’ behaviour but we do not really hold any for children. I understand from my relationship with education the particular sensitivities that we have around the collection of children’s data: how it is held, who it is shared with and what happens when there are data breaches in respect of children. I am aware that there are 25,000 schools in this country collecting data on a systematic basis, many of which are led by people who are struggling to understand their obligations under the Data Protection Act and GDPR. I think that they would welcome guidance from a National Data Guardian, if such a person had a remit that extended to children and vulnerable adults. If the Minister were able to give any thoughts on it, has any consideration been given to extending the role of the National Data Guardian or finding another body that could perform a similar function in respect of children and vulnerable adults’ data as a whole?
I very much welcome the Bill and hope that it proceeds quickly, as the noble Lord, Lord Patel, said. We should get this on to the statute book quickly so that these protections can be put in place and it becomes part of a range of what has to be ever evolving legislation where we, as policymakers and legislators, are continuously keeping an eye on an ever evolving technological landscape. That will allow us to live in a society which can realise the excitement that I have around health technology and other social technologies, with the confidence of knowing that our rights as individuals in respect of the privacy of our data are being maintained.
My Lords, I refer noble Lords to my registered interests, particularly as founder and chair of the 5Rights Foundation. Like the noble Lords who have already spoken, I very much welcome the Bill. Dame Fiona Caldicott’s role is important and if by putting her guidance on a statutory footing we give it more weight, then that can only be a good thing. I want to raise some things that are not covered in the Bill. I have one substantive point about the value of the data that the NHS holds and a couple of questions for the Minister.
The longitudinal data gathered by the NHS since its inception is one of the most valuable health datasets in the world. Within it lie clues to the next generation of drugs and treatments, and entirely new ways of thinking about prevention, treatment and cure. Equally, the gathering of data across health and social care could revolutionise the provision of services. If we knew the impact of meeting, or failing to meet, the social needs in the community on health outcomes, or could accurately predict the social care resources required for certain health conditions, it could help government to provide the right service at the right time to the right people, most probably at less cost.
While using data to improve health and social care outcomes is an exciting prospect, I believe we need to do it in a way that benefits the NHS and the British people. In 2016, the Royal Free London NHS Foundation Trust allowed DeepMind, an artificial intelligence company owned by Google, to access 1.6 million patient medical records in a trial of its Streams app, which was an alert, diagnosis and detection system for acute kidney injury. Subsequently, the arrangement was found to have been given on an “inappropriate legal basis” that broke data protection laws and revealed swathes of highly personal information without patient consent. The following year, Taunton and Somerset NHS Trust partnered with DeepMind on the very same app. In spite of a freedom of information battle and a data audit done by Linklaters on the instruction of the ICO, we still do not fully understand the financial or IP benefits of this deal to the NHS. But we do know that, earlier this year, DeepMind stated that while it was currently providing its development resources free to the NHS,
“it would determine how much to charge the NHS … later”.
The costs of healthcare have become distorted with drug companies and private providers demanding eye-watering sums from the NHS. I wonder whether this Bill is an opportunity to start redressing the imbalance because, if the national data guardian Bill ensured that the value of the IP that emerges from our health data was properly recognised, that data could, with the consent of the patient, be shared or sold on a basis that that could revolutionise the financing of our struggling health service in the future.
Without a clear mandate, individual trusts with crippling budget deficits may be tempted to commoditise patient data in exchange for cash injections offered by corporations with far deeper pockets. The breakthroughs and advances that patient data makes possible may well then be sold back to the NHS at inflated prices, creating the risk that they will be out of the reach of the very people upon whose data they were built. To understand the value of the data in the NHS, we need only look at the share price of data-rich companies, even those with no revenue. The Secretary of State for Health and Social Care is particularly well placed to understand the value of what we hold. I would love to see the Government use this Bill to give the National Data Guardian a duty to develop binding and enforceable guidelines for the sale and exchange of health data for research and development. Those guidelines should fully reflect the sensitivity of the data and the singular value of the NHS dataset.
In addition to this point, I would like further details about the powers of the National Data Guardian. Will the Minister say what duty health providers have to comply with the National Data Guardian’s guidance and to demonstrate how they have done so? As noted by the shadow Minister in the other place:
“Without a requirement for organisations that receive advice to provide evidence of their response in a way that can be easily disseminated, there is no way we can be sure that the Data Guardian will be effective”,
since,
“to ‘have regard’ to advice does not always mean that they take action in respect of that advice”.—[Official Report, Commons, Health and Social Care (National Data Guardian) Bill Committee, 6/6/18; col. 7.]
If, as has been explained, the purpose of putting the National Data Guardian’s role on a statutory footing is to give it weight, which we all welcome, surely a requirement to prove that the guidance has been acted upon is essential.
In looking at the information about the Bill, I found it hard to establish how the National Data Guardian will decide what guidance is needed. A positive obligation to provide the NDG with information about current data-sharing arrangements through report or audit would enable her to identify and anticipate potential issues and to address them in her guidance. Perhaps the Minister will explain why this obligation does not form part of the Bill.
I understand that children’s health data is covered by the Bill but not children’s social care data because that is covered by the Children and Social Work Act 2017. This carve-out raises the question of how family social care data will be considered, especially with regard to decisions made about one family member that can be made only in full sight of the family’s circumstances. I am sympathetic to the Government’s concern about conflicting guidelines, but the absence of guidance for children’s social care may well create greater conflict than a judicious overlap. The Association of Directors of Children’s Services, the Local Government Association and medConfidential are just some of the many organisations which have said that without children’s social care data in scope the National Data Guardian role is “a risk”, “perverse”, “not sensible” and “not a data guardian”.
The challenge we have about data in the 21st century is about its flow between one environment and another. Its value, beneficial and malign, lies in the fact that it can be amalgamated to reveal patterns of information and create new intellectual property. For that reason, it is frustrating to see children’s data being treated on a sector-by-sector basis. Has the Minister given any thought to how the partial coverage of children in this Bill fits with the Government’s other activities in this area, including the age-appropriate design code, potential outcomes from the Centre for Data Ethics and Innovation and the long-awaited internet safety strategy? Once again, I am afraid, I must put on the record my deep regret that the Government have deliberately chosen to deprioritise children by removing the UK Council for Child Internet Safety’s child focus, which could have served as a single point of expertise to consider children’s needs across all sectors.
I conclude by acknowledging the kindness of the noble Baroness, Lady Chisholm, in discussing the scope and purpose of the Bill in the run-up to today’s debate. I hope that I will receive comprehensive answers on all of these points, if not this morning, then certainly before the Bill progresses.
My Lords, I thank the noble Baroness, Lady Chisholm of Owlpen, for introducing this important little Bill. From these Benches, we support it. Patient data is precious to each and every patient, and it is vital to the success of treatment that it is shared appropriately with those who have care of the patient. As the noble Lord, Lord Patel, said, it is also precious to the NHS as a resource for research into new treatments and for monitoring the effectiveness of existing treatments. As such, it has a value, which raises the ethics of how it is used by the NHS and others. These two aspects of data make it highly desirable that we have a person, backed by an office and adequate resources, who can establish best practice and ensure it happens.
I agree with the noble Lord, Lord Knight of Weymouth, about the importance of knowing that we have proper and accurate data collection to enable us to exploit the enormous potential of artificial intelligence. When I left university more than 50 years ago, I worked at the Christie Hospital reading cervical smears. My job is now done much faster and probably more accurately by a computer, and there are many other opportunities to speed up diagnosis and make it more accurate. That is one of the many reasons why this Bill is needed.
The measures that have been taken over the last few years, since the debacle of care.data, to protect patients’ data and privacy have been very helpful, and I hope this latest step will go a long way to countering the lack of trust in some quarters which followed the data breaches of the past. Fundamentally, to have confidence in the system, patients should be able to know how data about them is used. That is necessary if the NDG is to be meaningful.
Currently, many patients who want to see how data about them is used go to theysolditanyway.com. While it has a very negative title, it is not an official NHS site. The launch of the new NHS app would be a great opportunity for the NHS to make full and accurate information available to every patient. Patients understand how important it is that their data should be shared appropriately between health and care workers who are providing services to them. Indeed, it is highly desirable that all who have care of patients have relevant information on which to act. We have all heard of cases where this has not happened. I hope the Minister will be able to assure us that, with the safeguards that will be in place when this Bill becomes an Act, the quality, capacity and interoperability of IT provision in the NHS and care systems will be up to the job.
However, patients are perhaps less aware of the value of anonymised data to researchers. Without access to it, medical research would be put back a long way. The first figures from the national data opt-out designed by the National Data Guardian are now available. They show that while hundreds of people made a consent choice each month using the online service, thousands of people did it at their GP. The latter option has now been taken away by Department of Health and Social Care. Is this the Government’s idea of a successful digital service? Is it not vital to have an effective public information scheme so that patients understand the issues surrounding their consent, what is being done with their data and how to make their choice? The figures suggest that that has not been done so far, but it is early days.
I hope that when the Bill becomes law the Government will be making an effort to explain to patients how their information is being protected and why they can now have confidence that when they allow their data to be used it will be done in an efficient and ethical manner in the interests of all patients now and in future.
Turning to specifics, I think it is welcome that the NGD may not only issue statutory guidance but provide help and information to assist health and care organisations not just to comply but to achieve excellence in the way they handle patients’ data and any constraints on their use of that data in generating income. Clause 4 provides that the Bill extends to England and Wales only. However, the Bill’s Explanatory Notes state that Clause 1, which provides for the NDG to publish guidance and give advice, information and assistance, applies only in relation to the processing of health and adult social care data in England. Given that health is devolved in Wales, can the Minister please explain this for the record as it has been explained to me behind the scenes?
I turn to the issue of cost. The Explanatory Notes state that the Bill may result in some,
“implementation costs for the bodies and individuals required to have regard to the Data Guardian’s published guidance, in that they will need to review and assess the relevance of the guidance”.
Given that NHS trusts, GPs, local authorities in respect of adult social care and so on are all under financial stress, what is being done to provide for these costs? It is not just a matter of assessing the relevance of the guidance, as the notes say; there may be a need to put in place new systems for ensuring that they are compliant with the guidance, and that also has a cost.
In Committee in another place, Chris Bryant MP made the point that MPs often have confidential information about constituents’ health given to them willingly by the patient when asking for help or making a complaint about their treatment, and that sometimes applies to Peers too. He asked whether the NDG would be able to advise MPs about the handling of this data even though they are not covered by the Bill. The answer from the Minister was not very helpful: she said she hoped health organisations would be open and helpful to their MPs about these issues. That is all very well, but it did not give Mr Bryant the assurance that he was seeking about help and guidance for Members, so can the Minister do so now?
Having asked these various questions, I assure the Minister that we on these Benches are very supportive of this mainly uncontroversial Bill.
My Lords, I pay tribute to the noble Baroness, Lady Chisholm, for bringing the Bill before us today. I join her and others in paying tribute to Dame Fiona Caldicott. The Bill has the support of these Benches.
The purpose of the Bill, as noble Lords have said, is to establish a statutory footing for the National Data Guardian for Health and Social Care. This role is responsible for providing advice and guidance to all the relevant parties regarding the processing of health and adult social care data in England. I agree with other noble Lords that the NDG is vital in helping to ensure that confidential health and care data is used and shared appropriately, upholding and protecting high standards for medical confidentiality. As the noble Lord, Lord Patel, said, it is very important that the organisation that is already providing this crucial function has wended its way into this position. We welcome the fact that that is to be recognised in statute.
As noble Lords know, the Information Commissioner’s Office is the regulator for compliance with the general data protection regulation and the Data Protection Act, but there is no equivalent national regulator for the confidentiality of personal healthcare data—information provided by a patient to a healthcare professional for the purposes of receiving care or treatment—despite significant public interest in maintaining a confidential healthcare service. We on these Benches support the creation of a statutory basis for the National Data Guardian’s role, given the hugely important role that it plays in this area. I thank noble Lords and the National Data Guardian for the consultation and discussions that all stakeholders have been able to take part in in preparation for the Bill. We have appreciated that.
That is in sharp contrast to the conduct regarding the Mental Capacity Bill. If I might swerve slightly for a moment, I was shocked to learn that the Minister and his colleagues have rejected a freedom of information request about the consultation that they carried out before the Mental Capacity Bill was introduced to the House, which was also in sharp contrast to the level of transparency and consultation by the Law Commission when it looked at mental capacity. I feel I need to say to the Minister that he really could learn a few things about how to manage complex policy issues from the National Data Guardian and indeed the Law Commission.
I return to the Bill. The circuitous route to get here, which was mentioned by the noble Lord, Lord Patel, has actually been beneficial to where we have ended up and what we have before us. I welcome the fact that the Bill includes the social care data and the importance of protecting patients’ data wherever they find themselves in the health and social care system. I echo and agree with my noble friend Lord Knight’s remarks and questions, and I share his excitement about the use of data and the benefits that it can bring to patients and their families.
I have received a briefing from the National AIDS Trust. I do not wish to delay the Bill but I think this briefing raises some important points about it. The National AIDS Trust agrees with the rest of us in strongly welcoming and supporting the Bill. Given that HIV stigma and discrimination are still prevalent in society, people living with HIV need to be assured that appropriate protections around confidentiality are in place when they access health and social care services. Indeed, the NDG herself has proved to be an invaluable source of expertise and advice when it comes to the health and social care system maintaining that essential balance between confidentiality and communication for this group.
The concern that the trust wants me to raise on its behalf is that in Clause 1 the Bill provides for a legal duty on relevant public bodies to have regard to guidance published by the NDG,
“about the processing of adult health and social care data in England”.
In Clause 2, “Interpretation”, “health and social care data” is defined. The NAT’s concern is that this definition of health and social care data could be interpreted to exclude non-clinical, demographic data that relates to an individual—for example, home address and family details—from the scope of the NDG’s guidance. Individuals do not distinguish between the kinds of information that they provide to health and social care services and, of course, expect all their information to be treated confidentially. Polling undertaken by NHS Digital recently found that the general public consider it as important that the NHS keeps their address confidential as their clinical information. I would be grateful if the Minister could give a clear assurance that the wording of the Bill, particularly at Clause 2(6), includes within the scope of health and social care data, and thus of the National Data Guardian’s guidance, all data, including non-clinical data, held on individuals by health and social care bodies.
The National AIDS Trust talked about asking to have the Bill amended. That is almost certainly not necessary but I would like the assurance that it seeks. I would also like to be assured that the definition, and the clarity that is required in regulation, is there. This is one of those Bills where the regulations are going to be very important. I hope the Minister will be able to assure the House that, when the regulations are drafted, a proper consultation, including with Members here who have expressed an interest, takes place.
Finally, I entirely agree with the noble Baroness, Lady Kidron, about the value of NHS data. It is of value to patients and families, but it is also hugely valuable to organisations that want to exploit it and, if they do so, that should be for the benefit of the NHS, not for private benefit. I suspect that the Bill is not the place to solve that problem, but the noble Baroness was absolutely right to put that issue on the record. We had a very good debate a few weeks ago about precisely this matter, which a group of us wants to discuss with the Government on a cross-party basis: how we ensure that the nation as a whole benefits from the fantastic NHS database that we have in this country because our NHS has existed for so long. It should benefit not only us but the whole world. I also echo the noble Baroness’s question about PALS and children.
Noble Lords on these Benches absolutely support the Bill. We welcome it, we want it to speed through the House, and we look forward to the discussions that we probably need between now and its final stages.
My Lords, it has been with great interest and pleasure that I have listened to the discussion on this important Bill, introduced by my noble friend Lady Chisholm, and I speak on behalf of the Government in support of it here today. I join other noble Lords in congratulating my honourable friend Jo Churchill on her efforts in introducing the original Private Member’s Bill and on being a mainstay in keeping attention on it after it fell at the last election; my honourable friend Peter Bone, who has worked closely with Jo and many others in the other place to get the Bill to this point; and my noble friend Lady Chisholm on introducing it so lucidly and bringing to life the importance of its provisions.
I also join other noble Lords in recognising the enormous contribution that Dame Fiona Caldicott has made to the area of data safety and security in the health and care service. As the noble Lord, Lord Patel, pointed out, over many years she has had a profoundly positive impact in this area. The Bill’s purpose, and in some ways its genesis, rests on her work and desire to put the issue even more front and centre than it is today. I thank her profoundly for that.
At the heart of our discussion today is maintaining and strengthening the public’s trust in the appropriate and effective use of health and social care data. The interests of patients and the public are at the heart of this Bill and the reason why it is such an important piece of legislation. As we reflect on it, I think it is important to bear in mind two truths. The first is that the NHS remains the most trusted institution in the country for holding and using data. That was confirmed by recent research by KPMG. The second is that in England, we have a world-class, comprehensive health system offering a unique opportunity to bring together an unrivalled, diverse, longitudinal dataset on the health and care of more than 55 million people. Let me be clear: we need to protect the first truth, otherwise we will not realise the extraordinary benefits provided by the latter. Giving the NDG a statutory footing is an important part of realising the same, because we will underpin the trust we need to deliver the healthcare transformation that we all want to achieve.
As the noble Baroness, Lady Kidron, and the noble Lord, Lord Knight, pointed out, the potential gains in front of us from the digital revolution are enormous: improving outcomes for patients, making the health system safer and more efficient, and improving research so that patients benefit more quickly from medical breakthroughs. To secure these benefits, we need to appreciate and act on people’s concerns about how their data is used, who it is shared with and whether that is lawful. People want to understand, and have more control over, how their data is collected and used, and to see the benefits being realised for themselves, other patients and the health system more widely.
The noble Baroness, Lady Kidron, makes an excellent point about the value of data and points out some of the concerning behaviour that we have seen in recent history. I agree with the noble Baroness, Lady Thornton, that the Bill is not the right place to deal with those issues, but there is a concerted effort—heavily influenced by the NDG—going into what is the proper way to value the NHS data asset and then realise that value in a fair way that maintains the public’s confidence. We had a fantastic debate instigated by the noble Lord, Lord Freyberg, about six weeks ago on that topic. In that time, we have published a new code of conduct on data driven technologies, and there will be much more to come. I look forward to working with the noble Baroness on developing that.
As the noble Baroness, Lady Walmsley, reminded us, the ghost of care.data is always present at this feast. Experience tells us that public confidence in the Government’s ability to hold, share and use data cannot be taken for granted. If data and information are to be used effectively and their great potential unlocked, we need to strengthen the public’s confidence in the safeguards in place to protect it from inappropriate use. Of course, this is a time of great technological change, and new uses of data are transforming the type of care that is possible to deliver. There are exciting government initiatives to make the best of this opportunity: local health and care records, global digital exemplars and digital innovation hubs. Meanwhile, academics, clinicians and life sciences companies of the kind mentioned by the noble Lord, Lord Knight, are developing pioneering digital therapies and algorithms that will utterly transform healthcare in the years ahead.
Last week, the Government published the Secretary of State’s new vision and a standards document on the future of healthcare, describing a more tech-driven NHS so that the health and care system can make the best use of technology to support preventive, predictive and personalised care.
The potential is here today, but to fully enjoy its fruits, we need to put in place a bedrock of reassurance. That means improving cybersecurity, as well as clear rules around privacy and data sharing. The National Data Guardian is an essential stratum in this bedrock. It is one safeguard that we already have in place to ensure that the interests of the patient are front and centre of all our deliberations about the best way for the NHS and the UK economy to make the most of those innovations.
Let me be clear, if I have not been already, that the Government strongly support the Bill. As my noble friend Lady Chisholm pointed out, it was a manifesto commitment of my party at the election. By supporting the Bill and putting the NDG on a statutory footing, we are playing our role in ensuring that it has the powers needed to make an even more positive contribution in future, allowing the office to effectively advise and challenge the healthcare system. As such, it represents a significant moment in our efforts to maintain and strengthen the public’s trust in the proper use of health and care data.
The Government want the Bill to succeed. I am confident that it will achieve the aims that my noble friend Lady Chisholm set out. The NDG will, as it has to date, work in concert with the Information Commissioner. There has consistently been cross-party support for the Bill, which I welcome in our debate today, as well as support from professional organisations within the health and care sector, as the noble Lord, Lord Patel, reminded us. I hope that it will make swift progress through its remaining stages.
Let me just deal with some of the questions raised today and, I hope, provide the reassurance that noble Lords are looking for. The noble Baroness, Lady Thornton, asked about demographic data. I can confirm to her that where issues surrounding demographic data have the potential to impact on or form part of the processing of health and adult social care data, this would fall within the NDG’s statutory remit and it would be able to publish formal statutory guidance on the topic, with organisations having a corresponding legal duty to have regard to that guidance. I hope that that provides the reassurance that she was looking for.
The noble Lord, Lord Knight, and the noble Baroness, Lady Kidron, asked about children’s social care data. Children’s health data is of course covered in the remit. The reason that their social care data is not is that it has its own safeguards and protections which operate within a different legal framework and is governed by its own statutory guidance. However, I can tell noble Lords that my department and the Department for Education have reached a sensible interpretation of the Bill which would not preclude the National Data Guardian engaging constructively with the DfE on adult social care data and its interaction with or effect on children’s social care data. There has been an exchange of letters between the departments to formalise this agreement. I am happy to provide more reassurance on that front, but what I can say now is that this relationship is already being developed and we are finding a sensible way to interpret the powers within existing regulatory frameworks to make sure that there is a much more joined-up system. I should also mention that the Department of Health and Social Care is working closely with the Home Office on its online harms White Paper so, again, we are making sure that there is a cross-government approach to dealing with this issue.
I will just quickly deal with some of the other issues that have been raised. The noble Baroness, Lady Kidron, asked about the duty of health providers. They have a duty to have regard to this statutory guidance, but this is of course the sort of thing that is inspected by the CQC and NHSI. It is worth pointing out that when the National Data Guardian provided her feedback on the WannaCry attack, it directly led to 10 data standards that are now embedded in the NHS contracts, so that gives you a sense of the kind of response that the system has to the high-quality advice that comes from the National Data Guardian when there are problems. I confirm to the noble Baroness that it will be up to the National Data Guardian to decide on her priorities.
The noble Baroness, Lady Walmsley, asked about the national data opt-out. I tell her that we ran an extensive public campaign in May, which has continued from then. It is now much easier to opt out oneself rather than, as she pointed out, having to go through GPs as in the past, which not all GPs were wild about, it has to be said. Nevertheless, the service is in a public beta at the moment, so we are honing and improving it and are always keen to have feedback. One thing that I found reassuring about the introduction of the new single data opt-out is that we have seen people who have previously opted out who are now opting back in. I find that rather encouraging; it is quite a good metric of whether we are doing the right thing. I therefore think that there is some cause for encouragement but I of course take the noble Baroness’s advice seriously.
In terms of how this relates to Wales, it will be up to the Welsh Government to implement with the same statutory force that the NDG will have in England, because health and care are devolved issues. That is something that the noble Baroness may be keen to impress upon the Welsh Government.
On the costs of implementation, all authorities have a responsibility to take standards into account—that is part of their normal, everyday life—but I should point out that there are major investments going into the IT space in health and care. For example, a big investment, which was centrally funded, has gone into replacing unsupported IT systems following the WannaCry attack. So there is central funding support for some of these changes.
Helpful advice and guidance is something that I would need to speak to Dame Fiona about personally. I am sure that she would be willing to provide it; it is certainly within her ability to do so and she is not precluded from that.
To conclude, I hope that I have been able to reassure all noble Lords that the Government take seriously and are dealing with the points that they have raised. This Bill is an essential building block in the foundation of trust that we need to have in this country in order to make sure that the public are with us on this extraordinary technological journey that we are on at the moment, which will transform the way that we deliver health and care and will deliver radically better health outcomes for patients. That is something that I am sure we all want to see. I close by once again thanking my noble friend Lady Chisholm for introducing this Bill. I look forward to its swift passage through this House.
My Lords, I thank noble Lords for their contributions today and support for this Bill. I must say, my life this morning has been made much easier, because my noble friend the Minister has answered all the questions raised, which I thought I was going to have to do. I feel that I have got off rather lightly, and he has done it so much better than I could have.
The NDG Bill is significant at a time when we must ensure that we maintain and strengthen public/patient support on the use of data for health and social care. As your Lordships know, it is in the greater use of technology and the integration of health and social care that the future of healthcare lies. I look forward to continuing dialogue with your Lordships as the Bill progresses. I ask the House to give the Bill a Second Reading and beg to move.
(5 years, 11 months ago)
Lords ChamberMy Lords, I understand that no amendments have been set down to this Bill and that no noble Lord has indicated a wish to move a manuscript amendment or to speak in Committee. Unless, therefore, any noble Lord objects, I beg to move that the order of commitment be discharged.
(5 years, 11 months ago)
Lords ChamberMy Lords, in moving that the Bill do now pass, I express my gratitude to all noble Lords for their interest in the Bill. I want particularly to thank the noble Baronesses, Lady Thornton, Lady Walmsley and Lady Kidron, and the noble Lords, Lord Patel and Lord Knight of Weymouth. Extended thanks must also go to my honourable friends in the other place, Jo Churchill, who introduced this Bill, and Peter Bone, its recent sponsor. My life was made a great deal easier during the passage of the Bill by the excellent work of the Bill team, and the continual assistance of the Minister, my noble friend Lord O’Shaughnessy, along with that of the Department of Health and Social Care. Before I sit down, I must also mention and thank the current National Data Guardian, Dame Fiona Caldicott, who has contributed so much to work in this area. I beg to move.
My Lords, I join my noble friend briefly in congratulating all those involved in the passage of the Bill. I also extend my thanks to her for her sterling work in raising this issue. The Government strongly support the passage of this Bill and we hope it will achieve Royal Assent swiftly. With the permission of the House, I need to clarify an important point raised at Second Reading on demographic data. I have laid a letter on this subject before the House as a more extended account.
The role of the National Data Guardian is, first and foremost, about good practice in supporting organisations and individuals who process health and adult social care data. The Bill is drafted widely to allow the NDG to issue guidance about the processing of health and adult social care data. This should be interpreted broadly and would allow for the NDG to produce guidance on issues that impact on the processing of health and adult social care data. This would include, for example, good practice in security standards for storing health and adult social care data. This is an example of where guidance is not strictly focussed on health and social data itself, but about the processes and issues that could impact it. Almost anything that should be taken into account when processing health and adult social care data—or which broadly has the potential to impact, affect or influence that processing—would fall within the scope of that definition. With that clarification, I hope we will be able to move forward and that noble Lords will support this Bill. I once again thank my noble friend and congratulate her on her sterling effort.
(5 years, 11 months ago)
Lords Chamber