Palantir: Databases

Department of Health and Social Care written question – answered on 3 April 2023.

Alert me about debates like this

Photo of Baroness Merron Baroness Merron Opposition Whip (Lords), Shadow Spokesperson (Health and Social Care), Shadow Spokesperson (Culture, Media and Sport)

To ask His Majesty's Government, further to NHS England’s instruction to hospitals to use Palantir’s Faster Data Flows database, what safeguards they will put in place to protect patient privacy.

Photo of Lord Markham Lord Markham The Parliamentary Under-Secretary for Health and Social Care

All uses of data by the National Health Service must be ethical, for the public good, and comply with data protection law. This means there must always be a valid lawful basis for the collection and processing of personal information as defined under data protection legislation. Palantir only operates under the instruction of NHS England when processing data on the Foundry platform and does not have access to data, identifiable or otherwise, held within the Foundry platform instances licensed to NHS England nor are they permitted to use or share it for their own purposes.

NHS England will only share de-identified data with internal NHS England data analysts, integrated care boards and the NHS Providers that provided the data. De-identification practices mean that personal identifiers are removed from datasets to protect patient confidentiality. This includes techniques such as aggregation, anonymisation, and pseudonymisation. The level of de-identification applied to data may vary based on user roles and requirements for accessing the data. This is in line with guidance from the Information Commissioner’s Office as well as the General Data Protection Regulation.

Does this answer the above question?

Yes1 person thinks so

No0 people think not

Would you like to ask a question like this yourself? Use our Freedom of Information site.