Using patient data to improve health is a tricky area, but it can be done safely and responsibly, writes health tech chief medical officer Dr Shaun O’Hanlon.
The Information Commissioner’s Office’s recent ruling on the Royal Free Hospital’s collaboration with Google DeepMind
has reignited the debate on the appropriate use of patient data to improve care.
Indeed, its conclusion that the hospital had unlawfully released patient data may have stopped some nascent data analytics projects in their tracks, or at least given trust directors and chief clinical information officers major cause for concern.
But it would be completely counterproductive if innovative thinking were stopped because of this. Data holds the key to huge improvements in patient care – but only if we can use it safely and appropriately.
Fifteen years ago, my own company began a collaboration with the University of Nottingham
to explore the potential for clinical data to be used to improve the health of the nation. This not-for-profit academic-industry collaboration has delivered some groundbreaking research and provides useful lessons on how patient data can be used safely to improve care.
Where we started
QResearch was founded in 2002 as a not-for-profit collaboration with the University of Nottingham. It is led by Julia Hippisley-Cox, professor of clinical epidemiology and general practice and a working GP.
Our aims were ambitious – to use the extensive patient data recorded on our GP software every day to transform the health of the nation. Fifteen years on, the QResearch database is firmly established as a leading source of information for ethical medical research. It now contains anonymized data covering a historical UK patient population of more than 28 million people. The data is provided free of charge from around 1,500 GP practices.
Protecting patient confidentiality was critical to this project. Without robust measures in place, our aim to deliver beneficial and ethical research would have fallen at the first hurdle.
Our response was to develop an extensive set of protections that include:
What difference have we made?
- the pseudonymisation of all patient data collected (a multi-layered process ensures that patient-level data can be extracted from a practice database without attaching any strong patient identifier, such as date of birth, name, address)
- researchers who are approved to use the QResearch database can only receive fully anonymized data; they are also only provided with the data required to answer their research question – not the whole dataset
- special protection is employed to protect the identity of the GP practices participating in the database
- patients can opt out if they do not wish their data to be shared.
Fifteen years on, what difference have we made? I believe it has been profound. Using the database, professor Hippisley-Cox and her team have undertaken groundbreaking medical research and created clinical tools that have changed medical practice in the UK and beyond.
Here are two examples.
Heart and circulatory disease kill more than one in four people in the UK, causing around 160,000 deaths each year (source: BHF).
In 2007, QResearch published a new risk calculator (QRISK) to help clinicians better identify people at risk of developing heart disease. Following extensive evaluation, the calculator replaced the Framingham score which had been used for 30 years and was under-estimating the risk in certain populations including the most socially deprived and South Asian men.
QRISK is now used extensively in everyday medical practice. The rate of death from heart disease has plummeted in the last ten years, and while we cannot claim this is all due to QRISK, I have no doubt that improved detection of risk and preventative intervention has played an important part.
In 2013, QResearch released the QCancer algorithm to help GPs spot signs of cancer earlier (diagnosing cancer is complex, many patients present to their GP up to six times before a referral is made).
The algorithm works out the risk of a patient having a current but as yet undiagnosed cancer, taking account of risk factors and current symptoms. There are two calculators, one for men and one for women. We are carefully watching diagnosis rates of cancer for evidence of the impact of this tool and there is certainly evidence that referrals are being made earlier.
What can we learn?
While few projects are likely to be conducted at the size and scale of QResearch, the collaboration provides some valuable pointers for those looking to use patient data to improve care.
Here are three key lessons:
Dr Shaun O’Hanlon is Chief Medical Officer at EMIS Group. Follow him and the organisation on Twitter @drshaun @EMISGroup @EMISHealth
- Patient confidentiality first and foremost. However laudable your aims, the end never justifies the means if patient confidentiality is breached. So before you do anything, make sure that you have thoroughly considered how you will protect patient data. Consult with key stakeholders – users, patient representatives, academics, privacy advocates and information governance experts. Industry events and online forum discussions are good sources of practical advice – you can read more about QResearch’s individual approach online.
- All but only. In the era of big data, it can be tempting to think that bigger is better, but ethical practice dictates that you should limit the amount of data you are accessing to all but only what you need for that particular purpose. This means that you need to carefully scope your research project in some detail at the outset. This takes time and can’t be rushed.
- Think big. Accessing patient data is a tricky area, and while we do need to tread carefully, this doesn’t mean we should limit our aspirations. I would encourage you to think big – the scale of the challenge facing the NHS and public health demands it. Used in the right way, patient data is a powerful tool to move us forward.
Like this post?
Share it on Twitter or leave a comment, below.