NHS shares patient information with Home Office for immigration enforcement
A government document has revealed the patient information sharing agreements between NHS Digital and the Home Office, while data shows that more than 8,000 requests were made in 2016.
Details of the procedures and process for sharing patient information have been set out in a memorandum of understanding between the Home Office, the Department of Health and NHS Digital, published for the first time this week.
Although the MoU – which details the rules on patient information exchange between NHS Digital and the Home Office – came into effect on 1 January this year, government authorities have been able to request information from the NHS for law enforcement activities for some years.
The latest figures from NHS Digital show that the Home Office made 8,127 requests for information in 2016 up to November – the last date for which records are available.
Of these, 5,854 were approved and traced, with a further 1,583 requests approved but where NHS Digital was unable to trace the information.
This compares with 339 requests from the police during this time – of which 73 were approved and traced – and 2,703 requests from the National Crime Agency – of which 574 were approved and traced.
According to the MoU, the Home Office can request non-clinical information – such as last known address, date of birth and date of NHS registration – from NHS Digital in relation to immigration offences, such as escaping detention or exceeding a time limit to stay in the UK.
The document say that, because this information is “administrative in nature” it “falls at the less intrusive end of the privacy spectrum” and that the nature of immigration offences mean “there is a low probability of mistaken identity”.
The Home Office can only request information if it fulfils certain criteria, including that it has used “all usual sources of internal information” to establish contact with the person and that the disclosure of such information is “a matter of public interest”.
However, the document states that because of the non-clinical nature of the records requested, “the public interest threshold is lower”, especially “where there are concerns regarding the safety or welfare of an individual, such as a vulnerable child or adult”.
It argues that there is a public interest in disclosing data on offenders under the Immigration Act, emphasising the importance of “effective immigration controls” for the UK – for instance by allowing the removal of “those who might pose a danger to the public”.
The document also says that immigration offenders “harm the economic wellbeing of the country” and that it is in the public interest that “limited UK resources and public services (including the NHS, jobs, schools, housing) are protected from unnecessary financial and resource pressures”.
The document making clear that NHS Digital can refuse a request from the Home Office “without limitation…if it is not satisfied that the request is in the public interest”, but less than 120 of the 8,127 requests in 2016 were rejected by NHS Digital.
The memorandum adds that all information must be sent to the Home Office under secure NHS mail and that all transfers of information, in both directions, must be done under the data protection principles in the Data Protection Act.
In addition, all information exchanged in these circumstances “will not be kept longer than is necessary for the purpose set out in this MoU”, and that once it is no longer relevant it must be destroyed securely.
NHS Digital is required to respond to a tracing request from the Home Office within 20 working days, but the Home Office can also request a shorter time frame if there are “exceptional circumstances”, which the memorandum said includes concern over the wellbeing of children.
The memorandum defines the Department of Health’s role as one of oversight – for data flow, accountability arrangements and updating ministers where necessary – and of brokering solutions in the event of issues between NHS Digital and the Home Office.
Shadow home secretary Diane Abbott described the use of patient data for immigration enforcement as “unacceptable”, arguing that it could deter people from seeking medical care and that “it should stop now”.
Devices are designed to check against national criminal and immigration databases and return results in under a minute
As part of a mission to grow its use of healthcare technology, the city will trial the expansion of telehealth referrals in secondary as well as primary care
Public sector ICT charity to migrate all customers – understood to include local and central government bodies – by the end of 2018, after deciding public cloud is the way forward
Home Office issues tender for £2m project
BT's Malcolm Stokes explains how organisations can attribute accurate figures to cyber risks in order to make a viable business case.
BT's Ben Azvine argues that the frequency and impact of breaches is increasing and we need to continuously adapt and innovate to stay ahead of the threat environment
BT has a team of over 2,500 security experts working to maintain the highest standards. Here we meet some of them and find out what they do.
BT's Amy Lemberger argues that having the right security in place to protect your organisation is no longer just an option. It is a necessity.