The modern healthcare sector leverages vast amounts of data, not just for direct patient care but also for secondary uses such as research, policy-making, and system improvement.  Healthcare data management is fraught with complexities and challenges, with the paramount responsibility of balancing the protection of sensitive patient information against the need for access to information that can save lives.

On one hand, there is legitimate excitement about new algorithms that can leverage data to improve diagnosis, monitoring, and managing conditions at both individual and population levels. Innovators across the spectrum are advocating for reduced red tape, arguing that streamlined processes would enable them to save and improve countless lives across the country.

On the other hand, high-profile alleged data breaches involving celebrities such as Catherine, Princess of Wales, NHS Organisations, commercial organisations like Grindr, and NHS Suppliers like TPP starkly illustrate the risks inherent in current practices and systems. These incidents highlight the need for robust data protection measures, but often this translates into increased regulatory hurdles and more red tape.

Outcomes of data misuse are often more easily attributed to specific organisations, individuals, or policy failures, so these risks often receive more attention. However, it is crucial not to underestimate the risks of preventing data access, which costs lives.

The Layered Complexity of Data Access

In healthcare, data access governance varies in granularity, from open public data to specific dataset-level access within an organisation. Access can be entity-level, based on data attributes, or record-level, where a doctor accesses only their patients’ records. The appropriate level depends on the data’s use and the user’s role. Direct patient care requires immediate, comprehensive access, while secondary uses like research may need restricted, anonymised datasets.

Governing Data Access

Although technologies are readily available, configuring the technology and choosing the right approach raises several key questions, including:

• Purpose and Use: What balance should be struck between the risks of accessing data, such as misuse, and the risks of preventing access to data, such as saving lives? What legitimate purposes are there for the use of health data and who decides? How does one ensure that access levels are commensurate with the need and role of the user in a complex multidimensional world?

• Consent, Ownership, Responsibility, and Accountability: How should patients be informed about the ways their data is used and what constitutes informed consent? Who owns healthcare data and what rights do patients have if their healthcare data is used for research, such as training AI diagnostics? Where does the responsibility sit for a dataset, particularly when it has been integrated from a wide number of diverse organisations? What accountability mechanisms should be in place for misuse or breaches?

• Transparency, Equity, and Access: How can we ensure equitable access, avoid disparities, and reduce discrimination and bias when data is accessed and used? How transparent should an organisation be about the data they have and their data practices? How does an organisation track downstream utilisation of their data?

• Security: What security mechanisms are needed to protect against data breaches? What can be utilised to monitor and regulate data access and use? What contingency plans need to be in place?

• Accuracy, Integrity, and Interoperability: How can we ensure the accuracy and integrity of health data, and are there different quality bars based on different use cases? What are the implications of using inaccurate or incomplete data? What are the implications when data is integrated from a diverse set of systems, and how are the additional risks managed?

Many of these questions are the subject of legislation, but their interpretation is not straightforward and will ultimately vary based on the context of the data, the organisation, the people involved, as well as the benefits and the risks involved. It’s also worth considering that sometimes the academically and philosophically excellent answer to a question may be so operationally intensive that an organisation simply doesn’t have the resources to implement it. At this point, they may need to circle back to consider other solutions in the context of the primary question:

What balance should be struck between the risks of accessing data, such as misuse, and the risks of preventing access to life-saving data?

Despite the complexity of providing secure and ethical access to healthcare data, clear mechanisms exist to reduce both misuse and the risks of withholding life-saving data. By establishing risk-based principles, frameworks, and processes, organisations can effectively plan for, mitigate, and evaluate the risks and opportunities of data sharing. Quality and Security Information Management Systems (ISO 9001/27001) offer processes to manage these risks and take necessary actions, as well as facilitate informed decision-making. Other interventions can include frameworks and processes such as implementing a research accreditation program that ensures only qualified personnel with legitimate needs access specific data or deploying technology such as data catalogs that reduce the risks associated with security, transparency, ownership, and responsibility.

A Call for Action

Managing data access in healthcare is complex but indispensable. The sector must continuously evolve to address these challenges, using innovative and secure methods to govern data access through a risk management approach. This ensures that patient privacy and security are maintained while unlocking data’s transformative potential to benefit society. Responsible data access can significantly reduce the risk of withholding critical information, ultimately saving lives and improving healthcare outcomes. Whenever the issue seems too complex or the temptation is to say no, we should keep asking: What balance should be struck between the risks of accessing data, such as misuse, and the risks of preventing access to life-saving data?