Birmingham NHS trust passes medical data to Telefonica without patient consent

The data was anonymised and used to train Telefonica's mental health predicting AI

Another NHS trust has apparently handed over medical data to a tech company without first asking patients. 

According to a report in the Times, Birmingham and Solihull Mental Health NHS Foundation Trust gave Telefonica access to five years of medical records. The data was anonymised, with names and addresses removed, but patient consent was not sought. 

The aim of the Telefonica project is to use an algorithm to spot when patients need mental health interventions, predicting if they will go into crisis in the next four weeks.

The report said initial trials on 25 users showed it "adding value to clinical care" but also returning many false positives, adding to doctors' workloads unnecessarily. 

So far, the Spanish tech giant has only used historical data, presumably for training its algorithm before it was used to make predictions on the 25 users for the test.

Related Resource

Your guide to overcoming Brexit's data management challenges

Understand Brexit and the data law modifications it may cause

Download now

"The healthcare data does not leave NHS servers and is not used by Telefonica for any reason outside of the pilot," it said in a statement to the Times

The project is in early stages, and for the second stage there are plans to incorporate phone data, such as location and message records, according to a Health Services Journal report from last year

For the second stage of the project, the trust will be asking the Information Commissioner's Office for advice before moving forward — it's unclear why the trust did not check in with the data watchdog before the initial trial. Patients will be able to opt-out of future work, but again, it's unclear why they weren't notified and asked for consent for the first stage of the project. 

The ICO has been approached for comment but has yet to respond. 

AI is increasingly being used in healthcare, with algorithms trained to spot different types of cancer from radiology images but also beginning to shift towards supporting diagnosis. However, the AI needs to be trained on data, hence such companies turning to the NHS.

Back in 2016, Google-owned DeepMind sparked a scandal with a kidney illness prediction app it developed using data from the Royal Free Hospital Trust. Patient consent wasn't sought, which the ICO subsequently deemed broke data protection laws

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
HPE wins networking contract with Birmingham 2022 Commonwealth Games
Network & Internet

HPE wins networking contract with Birmingham 2022 Commonwealth Games

15 Oct 2021
What is cyber warfare?
Security

What is cyber warfare?

15 Oct 2021