Would you trust Google with your health?
- Reduce text size Decrease text size
- Increase text size Increase text size
- Print article Print
- Jump to comments Comment
- Share this article Share
- Email article to a friend Email
A Tory think tank believes companies such as Google and Microsoft could be entrusted with public healthcare data
After numerous embarrassing and high-profile government data breaches, the UK public has little faith in the public sector to look after personal information safely and securely.
But would they feel any more secure if that data were in the hands of giant web companies such as Google or Microsoft?
In June 2009, a report entitled “It’s ours: Why we, not the government, must own our data” was published by the Centre for Policy Studies, a right-wing think tank cofounded by Margaret Thatcher in 1974. And according to The Times newspaper the report, which introduces the topic of data handling to the classic private versus public debate, struck a chord with senior members of the Conservative party.
The thrust of the argument is that not only has the government proved itself to be incompetent and inefficient when it comes to large IT projects, it’s ownership of owns so much of the public’s personal data is also a threat to civil liberties.
The report recommends, therefore, that the government should “abandon expensive and failing centralised IT projects and yield control of personal information to individual citizens.” In practice, this would mean that the public’s data is entrusted to private organisations.
The report provides an illustrative example of how this might work: “The individual citizen could, if he or she so chose, use services such as [Microsoft’s online health information tool] HealthVault or Google Health to store their health records and to communicate with their GP or hospital,” it says. “This would eliminate the need for the NHS database.”
There are merits to the argument. The scale of such companies allows them to achieve much greater efficiency in data handling, which should translate to lower costs, as should the introduction of competition.
However, some would argue that these companies are naturally inclined to exploit their information assets for profit, and that this poses a greater threat to civil liberties than government surveillance.
Then again, it can be argued, private organisations already run most ‘public’ IT systems, albeit under contract. The links between the giants of Silicon Valley and the present leadership of the Conservative party, odds-on favourites to win the next general election, are such that Fraser Nelson, political editor of the Spectator magazine, recently dubbed them the ‘California Tories’.
It is reasonable, therefore, to expect to see some big web brands cropping up in public life soon.
François Bourdoncle, co-founder and chief strategist of search technology vendor Exalead, argues that public data should not be trusted with the giants of IT and the web
"Google's expertise is not in corporate IT and neither is Microsoft an expert in the web technology of the sort required. What’s needed is neither a £12bn central spine, nor a cloud-sourced arrangement, as is being proposed. This might be subsidised by vendors at first, but will have unpredictable, and potentially tremendous costs down the line, putting your data in a single contractor’s hands.
There is, however, a third way. The answer is an open platform, operated by a neutral partner, with a simple, solid, scalable web-based architecture, and most of all, open standards. This will mean a more robust system that cannot be held to ransom by a monopoly-minded vendor."
Susan Hall, commercial partner at law firm Cobbetts LLP, says that legal concerns could prevent US companies from controlling UK public data
"The contract to hold NHS health records would be a multimillion pound contract, and offering this to a company headquartered outside the EU, such as Google, would raise security issues given the differing data philosophies between the EU and the US.
The terms governing a mass export of health records outside the EU would have to be negotiated with the Information Commissioner. Any contract given to a company to store health records would need to act as a pre-nuptial agreement, concentrating in particular on what will happen when it expires or is terminated, as any loss of the data held, or even any interruption, could put people’s lives at risk."
