Does Universal Credit herald the end of Medical Privacy?

It would seem difficult for IDS's Universal Credit to become any more farcical, but under the DWP's latest change to the rules, your medical records are open to all. Well, not quite all, but a quietly introduced amendment snappily titled as the Social Security (Information-sharing in relation to Welfare Services etc.) (Amendment) Regulations 2015 means that from 13th February IDS will be allowed to share the medical information of any Universal Credit claimant with any or all of: Local Authorities, charities working with DWP, the Citizen's Advice Bureau, Credit Unions and Social Landlords*, and do it without asking your permission.

The Social Security (Information-sharing in relation to Welfare Services etc.) Regulations 2012 being amended state:

7.5 Being able to share person’s data without needing to seek their consent every

time will help to speed up decision making, make the process of applying for a local

benefit or service much simpler for the individual, and ease the administrative

arrangements by removing the need to collect and record consent.

While their Privacy Impact Assessment notes:

2.5 The effect of these legal changes means that in relation to the purposes described, it will no longer be necessary to first obtain the consent of the person whose data is being shared.

(We should probably have been concerned when the original regulations went through, but it has taken the Amendment to draw them to people's attention. The sheer scope of Universal Credit means that the number of people potentially falling within the scope of the Regulations has just massively increased).

The Assessment also notes:

4.17 For the purposes set out in the 2012 regulations, we expect the total volume of data being shared to be significant.

And the figures given across a variety of areas imply that even before incorporating Universal Credit claimants the provisions for data sharing without prior permission were likely to affect at least one, and possibly several, million people per year.

For more on this, see the Guardian's article: A governmentagenda to dehumanise benefit claimants and Stephen Sumpter (@LatentExistence)'s piece Need benefits? Say goodbye to privacy, but while the immediate concerns are bad enough I want to look at what this could mean in practise and, particularly, the potential longer term impacts.

* For clarity, 'social landlord' excludes private and for-profit landlords, but includes practically everyone else in the housing market, whether housing associations, not-for-profit organisations, charities or whoever.

In Practise

For the moment the fiasco that is Universal Credit means there should only be limited impact for disabled people, as we have all allegedly been declared too complex for the system to cope with, but IDS appears to be making every effort to make it impossible for the next government, whoever they are, to back away from fully implementing Universal Credit, and the longer term aims are that Universal Credit will eventually spread its tentacles to enmesh: child tax credit; housing benefit; income-related ESA; income-based JSA; income support; parts of the social fund; and working tax credit - in other words practically every working-age adult in the country, including those in work, is going to end up with a Universal Credit claim of one type or another (DLA and PIP are currently excluded - but how long will that remain so?). A lot of these claims will require you to tell DWP about medical conditions and disabilities, in particular ESA (and JSA if you're disabled but able to work) will deliver practically a complete medical history into DWP's sweaty hands.

Now even organisations with a long term responsibility for medical privacy often make a complete arse of it, Big Brother Watch uncovered 2500 patient data breaches within the NHS on an annual basis, including data being stolen, posted on social media (50 cases a year!) and so on down to plain old-fashioned gross incompetence. And that is from an organisation focussed on medical confidentiality, with training and procedures in place and with a full understanding of its legal liabilities. DWP meanwhile is planning to hand medical data over to organisations which have never previously had the responsibility for holding medical data and all the extra legal responsibilities that brings under the Data Protection Act. Some of these organisations should hopefully have data protection policies and data controllers in place, but even for those DWP are talking about handing them data which raises their legal obligations to a much higher level. For organisations that have never held medically sensitive information, such as small employment-focussed charities, credit unions or social landlords, are they even going to be aware of their legal liabilities? Are their staff trained? Are their staff likely to have appropriate attitudes? Do they even need this information?

While there may well be cases in which people are happy for data to be shared, the reality is that a lot of DWP's existing knowledge of medical conditions and disability was given to them under the presumption that the data would remain within the organisation (as the Data Protection Act can reasonably be assumed to require) and in many cases was given with extreme reluctance in the face of an overtly abusive system (been there, done that). And the instant you have a change of circumstances that results in you falling into the clenches of Universal Credit, DWP has just written itself a get out-of-jail-free card that allows it to legally share that information with anyone it wants.

Longer Term - Where Will This End?

While people have been focussing on the immediate impact of this change, I think we also need to look at what it might mean in terms of what we know about DWP's longer-term data-sharing objectives. We have already seen individual DWP sponsored projects making a bid for direct access to our medical records, potentially for use in enforcing treatment as a condition of benefit receipt, we know DWP applied for access to the Hospital Episode Statistics database (summarising the details of every hospital stay) because it was one of the requests HSCIC turned down as too unreasonable to consider, at the same time they were freely handing the data over to insurance companies for use in price-setting. Meanwhile the Health Select Committee speculated that DWP will seek access to Care.Data, the controversial national database hoovering-up every patient's medical records from their GPs for research purposes (including commercial research purposes).

Outside of medical data, DWP's own Open Data Strategy states:

33. DWP is actively supporting the development of the National Fraud Authority‟s (NFA) intelligence sharing roadmap. IRIS will form one of the public sector hubs which will facilitate new data shares with other public and private sector counter-fraud bodies. DWP are continuing to work closely with the NFA in designing the intelligence sharing architecture and the legal framework.

And

39. DWP will ensure that the Universal Credit ICT system will support the production of aggregate data for use and re-use by industry and academia through open publication

And, getting back to health,

43. The publication of anonymised fit note data could provide healthcare professionals, individuals, employers and service providers (eg the occupational health sector) with an indication of the volume and content of fit notes at aggregate level. This in turn should help improve management of sickness absence and drive innovation in the occupational health and rehabilitation sectors

48. Linking welfare data sets. The Government will consider opportunities for linking welfare datasets to other government and commercial datasets to increase their value to industry.

49. Industry consultations have indicated that many data sets held by DWP have a high market value. However, this value would be enhanced in combination with commercial and other public data sets.

Equally, discussions at the Government-sponsored datasharing.org have had a significant focus on integration of DWP and HMRC datasets for use in a counter-fraud role. Combating fraud may be necessary, but many benefit claimants, myself included, know from first hand experience that DWP's response to alleged fraud tends to be intimidate first, ask questions later, no matter how ludicrous the accusation, no matter how damaging the consequences. When DWP attitudes towards data-sharing are primarily driven by their punitive use or commercial value, that makes extension of data under their control increasingly problematic.

The regulations under discussion here, together with the attitude to 'Big Data' shown above, betray the attitude to privacy that DWP is likely to bring to bear on HES or Care.Data if it ever gains access to them, and the threat that exists to what medical data it already holds. If DWP does gain access to HES/Care.Data, and we know that it wants access to this kind of data, then the (less than convincing) anonymity of HES and Care.Data is instantly compromised as the information is useless to DWP unless they decrypt individual identities and jigsaw the information with their own databases. This will create a situation in which every citizen's medical records transition into the hands of an organisation that, rather than seeing privacy as an obligation, sees itself in a punitive/data broker role and doesn't just want to share data, but is re-writing the law to ensure it can, no matter what the Data Protection Act might say. If DWP get their hands on our medical data on a national scale, then Medical Privacy in any real sense may cease to exist.