Health and Social Care (National Data Guardian) Bill Debate
Full Debate: Read Full DebateChristopher Chope
Main Page: Christopher Chope (Conservative - Christchurch)Department Debates - View all Christopher Chope's debates with the Department of Health and Social Care
(6 years, 5 months ago)
Public Bill CommitteesIt is a great pleasure to serve under your chairmanship, Dame Cheryl. I welcome the Minister and shadow Minister to the Committee.
The purpose of the Bill is to put on to a statutory footing the office of the National Data Guardian for Health and Social Care, and to promote the provision of advice and guidance about the processing of health and adult social care data in England. It would be remiss of me not to mention the work of my hon. Friend the Member for Bury St Edmunds (Jo Churchill): she has worked hard for a long time to establish the position of the National Data Guardian for Health and Social Care, and her perseverance and tenacity have ensured that we are on track to deliver it.
I thank the Minister and shadow Minister for their help and support with the Bill—and special thanks, of course, go to Dame Fiona Caldicott, who has pioneered the work on ensuring that the NHS handles data properly. She has been very helpful to me in the preparation of the Bill.
Clause 1 creates the Office of the National Data Guardian for Health and Social Care, referred to in the Bill as the “Data Guardian”. It makes general provisions about the Data Guardian’s functions and the way in which they are to be carried out. Subsection (2) empowers the Data Guardian to publish guidance about the processing of health and adult social care data in England. I should like to make it clear that it also covers public health data.
Subsection (3) imposes a duty on certain organisations and individuals to have regard to the National Data Guardian’s published guidance. Comment has been made as to why the Secretary of State is not included in the list. However, the Department of Health and Social Care is already included in the definition of those who have to have regard to the National Data Guardian’s advice, so it would be superfluous to include the Secretary of State.
Subsections (4), (5) and (6) cover requirements in relation to the Data Guardian’s published guidance. Those subsections are intended to keep the guidance relevant over time and, if necessary, updated to reflect new evidence. It has been suggested that subsection (5) should add an obligation that organisations and individuals that process health and social care data should provide the Data Guardian with appropriate information. I argue that that would create a duplication of the remit of regulators that already exist in those sectors. The Data Guardian’s role is as an advocate for the patient and the public, to build and maintain public trust. The role is as much about supporting individuals and organisations to get it right first time as it is about commenting, advising and providing guidance. It is not the intention of this Bill to create another regulator, but that the National Data Guardian should work with the Information Commissioner’s Office and the Care Quality Commission.
It has also been suggested that subsection (6) should add a duty that all data controllers and their data processors must publish their response to all advice issued. That would be extremely burdensome on those organisations and individuals, and it would be toothless without sanctions. Accountability should be assessed through actions, not written responses; the existing regulators would be able to assess the adherence to guidance and would cite the National Data Guardian during any investigation.
Clause 1(7) allows the Data Guardian to give informal advice, assistance and information to anyone, as long as it is about or relates to the processing of health and adult social care data in England. Clause 1(8) gives the Data Guardian flexibility in how far any particular piece of advice, assistance, information or guidance may be extended. The effect is to clarify that the Data Guardian can publish guidance and give advice on specific topics or themes, and can target it to certain organisations, individuals or sectors as appropriate. Clause 1(9) provides that the duty to have regard to the Data Guardian’s published guidance applies only in so far as the guidance is relevant to the functions or services of the body or person.
Clause 1(10) introduces schedule 1 to the Bill. As clause 1 and schedule 1 are being debated together, I will make some brief comments on schedule 1. The schedule makes further provision for the establishment, maintenance and operation of the Office of the Data Guardian. It sets out the Data Guardian’s terms of appointment and covers a broad range of matters related to the Office of the Data Guardian. It includes its constitution, its financial and reporting framework, and how members of staff and advisers are reported and remunerated. I draw the Committee’s attention to paragraph 15 of schedule 1, which provides that the Secretary of State must pay to the Data Guardian the amount that he considers appropriate for the purpose of enabling the Data Guardian to carry out his or her functions.
The Committee will be aware that there was some debate about the cost during the money resolution debate. I thank hon. Members who are here today and those who took part in the debate. I want to make clear that, although the estimated cost is £725,000 per year, that is only an additional £225,000 per year and relates to putting the Data Guardian on a statutory footing. As the Committee will know, there is already a Data Guardian, which costs £500,000; we are just putting this on a statutory footing and saying it is the right thing to do.
I congratulate my hon. Friend on having got his Bill so far. On the costs, the Data Guardian will basically be indemnified for the costs incurred, yet I see that the Data Guardian will have enormous flexibility to publish and give as much guidance or advice as they wish. Surely the Data Guardian could, by giving a lot more advice and guidance over which there is no control, result in significantly increased costs for the public sector?
I am grateful for my hon. Friend’s intervention and the fact that he is on the Committee; I know that all Committees welcome his membership.
The reason why we have a Data Guardian is to provide safeguarding and to make sure that the data is handled properly. Those costs can only be estimated; as my hon. Friend says, they could be more or less, depending on the requirements. That is exactly why we need a guardian. I would like the costs to be minimal, because that means that we are handling the guardian properly. But if there needs to be more, because there is a requirement to do more, there will be more cost.
Does my hon. Friend know of any case where a regulator given powers by Parliament has chosen to reduce the amount of powers that are used? Surely, the natural thing is for regulators to increase their activity, using the powers to the maximum and thereby increasing the costs.
I agree, but what we are not doing today is creating a regulator; I would not be likely to propose a Bill to create a regulator. The Data Guardian already exists and it is not a regulator—I specifically said that in my opening remarks. Although it is probably true that regulators do that, that is not what I expect to happen with the National Data Guardian.
It may well be a standard clause, but such clauses are often abused by the Government. For example, Parliament passed a measure to outlaw exit payments for public sector workers in the Enterprise Act 2016. We are still waiting for the regulations under that primary legislation to be introduced. The Government now say that they will have to consult on them. Effectively, what Parliament thought was happening—the limiting of public sector exit payments—has not happened.
The Bill is supported across the House, as the measure I have mentioned was. I should be grateful for some indication from the Minister of when the Government will implement it. It could be delayed by the Government by means of the regulation-making powers in the clause; or by the Government’s not appointing the Data Guardian. There are other ways in which it could be delayed, and if we take the past as a guide to the future we should be suspicious of the Government when they are not prepared to include in the Bill a commitment for it to commence on a given date.
Christchurch and Rhondda speak as one, in a uniting of the Christophers, something that will not, I think, happen very often. It is a serious point; I understand that such clauses are a frequently used means of tidying up the process of a Bill coming into force. However, it adds cost, because the Government must go through an additional process; and frankly there is no reason why we should not just put in a date and tell the Government to get their act together—because everyone supports the measure.
I hope—I am sure—that the Minister will now say, “We intend to do it as soon as practicable after the Bill has been through both Houses,” and all the rest of it; but it would be better for the date to be in the Bill, because then she would not have to do anything later, and, to use a valleys word, it would be tidy. Let us be tidy.
Tempted as I am to engage in debate on the abuse or otherwise of statutory instruments, I prefer not to go down that road. Suffice it to say, we should put provisions into action only once they are tidy, to use the term suggested by the hon. Member for Rhondda. We should be governed by the integrity of the rules we pass rather than by speed, but I can confirm that it is the Government’s desire to implement the Bill, which we fully support, as soon as practicable. Clearly, we already have a National Data Guardian; the Bill would just put it on a statutory footing. It is in all our interests that we do that as soon as possible, so the Government are content with the clause.
Will the Minister assure us that she will take personal charge of ensuring that the Bill is brought forward quickly? To go back to the example I quoted earlier, I had a meeting with the Chief Secretary to the Treasury and pointed out to her that one of the reasons there was a delay in implementing regulations was that civil servants did not have their heart in it and did not give it sufficient priority. The only way of ensuring that the civil servants in the Minister’s Department deliver on the wishes of the Committee and the House is for her to take charge and deliver. Will she ensure that the Bill is commenced before the end of this calendar year?
I completely agree with everything my hon. Friend says. It is Ministers’ responsibility to ensure that the decisions made by Parliament are actioned as promptly and effectively as possible. I know him well enough to be sure that he will hold me to account on exactly that basis if he does not feel the Bill comes forward quickly enough. I would like to see it commenced by the end of the year, and I will work with my officials to ensure that that is the case. If we cannot achieve that, I will give him an explanation.