NHS: Technology

(asked on 13th May 2020) - View Source

Question to the Department of Health and Social Care:

To ask Her Majesty's Government what safeguards to individual privacy they are putting in place in respect of the use of personal data, applications and other forms of technology to help stop the spread of COVID-19.


Answered by
Lord Bethell Portrait
Lord Bethell
This question was answered on 20th May 2020

We have worked rigorously to make the app as privacy-conscious as possible, only collecting the data necessary to fulfil its epidemiological purpose and save lives. Existing law and National Health Service standards set out a framework of protective measures which ensure that user data remains secure and confidential and that the app is legally compliant. These standards include those set out within the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 in cases where data is provided that might identify an individual. The details of how an individual’s data will be used and how the requirements of GDPR and the European Convention on Human Rights apply have been set out in the Privacy Notice and the Data Protection Impact Assessment but these include that data sharing will always be proportionate and the collected data will be minimised. The key security and privacy designs of the app have been published, along with the source code, and we have welcomed scrutiny from experts at the National Cyber Security Centre, our independent Ethics Advisory Board, the Information Commissioner’s Office, and security researchers and ethicists from industry.

Reticulating Splines