There is currently much excitement about the opportunities for maximising the benefit of NHS data and utilising technology. We have advised on a number of CCG-led information sharing projects designed to unlock both a holistic patient record across primary and secondary care, including mental health, as well as social care, but also population health management to derive meaningful data to better risk stratify and plan services. There are clear potential benefits to providers who may collaborate with technology companies directly, commissioners who have a more strategic opportunity to implement technology-based solutions across a broader region and, ultimately, patients who will receive more timely, holistic care.

This positivity is, however, to some extent tempered by the steady flow of news articles which raise concern about private sector access to NHS patient data, such as the recent suggestion that supposedly anonymised data shared with pharmaceutical companies may not have been sufficiently de-identified. As a result it is a good time to take stock from a commissioning perspective as to the potential benefits and pitfalls of commissioning medical technology, which this article aims to do by drawing together some of the key recent policy developments and our experience. It is, inevitably, a very complicated area and so this is designed to be a high level summary only.

The Secretary of State for Health and Social Care has consistently affirmed his commitment to embracing medical technology within the NHS, as exemplified by his recent announcement at the Parliament and HealthTech Conference of a £140million artificial intelligence fund which will be run by the Accelerated Access Collaborative and will provide funding to companies who apply and satisfy the relevant criteria. However, a report from the Medical Technology Group in January 2020, albeit welcoming the Secretary's ongoing commitments to technology, suggested that there needs to be more sustained efforts from central government to embed a culture of innovation which drives the adoption of new technology. The lack of national clarity as to the fundamentals of the framework within which commissioners and providers should operate is certainly a recurring theme from our discussions with client across the health sector.

It is also a prominent theme in the Institute of Global Health Innovation's recent report on maximising the benefit of NHS data for patients , as exemplified by some of the recommendations it made:

  • The ICO should urgently consider issuing NHS-specific guidance about data sharing in the NHS; and
  • There needs to be a transparent public debate about clear rules for data access by research organisations in the private sector, followed by the establishment of clear rules;

This demonstrates the lack of consensus as to the consistent approach which those in the NHS should adopt in respect of patient data and technology, but also the lack of understanding as to the patient's perspective – particularly in respect of collaborations with the private sector. The concept of reasonable expectations is one which the National Data Guardian has always championed, and we expect that this will become a more prominent consideration as the use of NHS data develops.

This broad policy position demonstrates that there is considerable agreement that the value of NHS data, and the use of medical technology more generally, should be maximised as much as possible, particularly in light of the opportunity to significantly improve patient care. The Topol review gave an insight into the benefits we have already seen from data-driven technology, such as the Electronic Frailty Index to locally identify elderly people at risk of adverse health outcomes, and the developments in the use of AI to interpret medical images. Notwithstanding the clear consensus and excitement about embracing technology, there is considerably less agreement as to the core and essential governance requirements to get this done in a legally and ethically robust manner.

From a practical perspective of advising on a number of health technology collaborations and regional information sharing projects across the country, focus on the following from the outset is essential:

  • Understanding the patient perspective, and the communications which will be needed in order to ensure trust and transparency;
  • The contractual governance required to satisfy the requirements of the GDPR / DPA 2018, including consideration as to the roles being played by the commissioners of technology;
  • The specific patient data actually required for the purpose in question, and how much data is needed; and
  • Engagement with key stakeholders, for example GPs and other providers, early in the process to understand and clarify risk appetite across the health economy, in turn enabling providers to fully maximise opportunities.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.