The digitisation of the health environment has led to a proliferation of data sources, which in turn created huge NHS ‘data lakes’. These sources of Big Data could be utilised for the next big medical breakthrough, allowing academic and pharmacological research to identify new drugs, or even treatment methodologies. Equally, such data would be valuable to drug companies, therefore monetising this data could provide much needed funding for the NHS.

However, currently this Big Data is rarely used, being kept safe to protect the patients from whence it came, with good reason as the Data Protection Act 2018, and its precursor the General Data Protection Regulations (GDPR), hold the NHS as legally responsible from maintaining the confidentiality of this information.

The dilemma is how to use the data to improve medical outcomes for the masses, whilst not identifying the individual. Many attempts have been made to anonymise patient record data, however it is recognised that by cross referencing data sources it can be all too easy to reduce the probability of re-identification to unacceptable levels.

The use of Big Data analysis to focus on prevention thereby reducing the number of acute interventions, was highlighted by Peter Knight, Chief Information and Digital Officer at Oxford University Hospitals NHS Trust, at the Westminster Health Forum earlier this year.

‘Big data is key to the future of the NHS.’ he said. ‘It will give us the evidence-base to make significant changes. Data science is developing in the UK as a whole, and we need to seize the opportunity.’ Equally automation of data analysis holds potentially huge diagnostic potential, for example, a sensor-based home sputum test for cystic fibrosis patients is able to spot the early signs of a lung infection up to 15 days before clinical symptoms become apparent.

All these positive examples of improving medical practice need to be balanced against the potential for misuse, such as the UK Government's Care Data system which was launched in 2014 but cancelled in 2016 after an investigation found that drug and insurance companies were able to buy information on patients’ mental health conditions, diseases and smoking habits. It is obviously a complex issue, however resolving this conundrum would have considerable positive impacts for patients, the NHS and the private sector that support them.

The issue is that data protection affects us all, but the tools to solve this conundrum are available. Great strides have been made recently by the UK Government to clarify best practice and setting up both the Information Commissioners Office and the National Cyber Security Centre.

With the regulatory boundaries now set, is it now time for the private sector to step up and provide some pragmatic solutions? We think it is.