A former cabinet minister has warned that there could be a “battle royale” over a £480m NHS England data software contract sought by the controversial US tech firm Palantir, whose chair has accused the UK health service of “making people sick”.
David Davis, the Conservative former Brexit secretary who previously led the campaign against ID cards, said he was one of those with serious privacy concerns about Palantir’s bid. He is among at least a dozen MPs and peers across the political spectrum who are pressing the government for more reassurances about how patient data will be treated as the new data operating system is built.
Palantir, which grew out of a US spy organisation, is the frontrunner for the contract after it worked for almost nothing to create data software for the NHS during the Covid pandemic.
This year, the government has ordered NHS trusts to start using Palantir’s Foundry software in pilots across England to help the health service tackle the backlog in elective care as it recovers from the pandemic.
There are other bidders, including a UK data consortium and multinational tech firms, but Whitehall insiders believe Palantir is being lined up for the contract since its software is already being used.
Its founder and chair, Peter Thiel, who was a notable financial backer of Donald Trump, has claimed the UK has “Stockholm syndrome” when it comes to its affection for the health service. In contrast, Palantir’s chief executive, Alex Karp, has said he wished the US “had a healthcare system that served the poor and underserved as well as I perceive the British system does”.
Health ministers recently admitted that the NHS would not require any further consent from UK patients to use their health data gathered during the pandemic in its new operating systems, although people will be able to opt out.
The government, the NHS and Palantir have repeatedly stressed that the company is the provider of the software rather than controller of the health data, with government sources saying: “Palantir do not control the data and the NHS retains control.”
But Davis and other MPs and peers have been asking a string of parliamentary questions in an effort to discover exactly how the data is being used within the Palantir software, what types of analysis are being done, how many users there are and how privacy is being protected.
One parliamentary answer revealed that 11 trusts have already paused or suspended use of the Palantir Foundry software, which the government said was due to “operational” issues.
Speaking to the Guardian, Davis said: “Although promises are made about confidentiality, they are broken all the time. This is a recurrent problem, and if you have got an organisation like Palantir, whose reflex because of its previous work is not to respect privacy, then you have a problem.
“We have to keep pressing and find out exactly what they are using the data for. The harsh truth is that the government and NHS have been completely tone-deaf about privacy,” he added. “The government are very nervous about this [reaction to the deal]. At some point, I suspect this is going to turn into a battle royale.”
Philip Hunt, a Labour peer and a former health minister, has also been pressing the government for more details on its use of the Palantir software, finding that tens of thousands of NHS staff already have access to data through its system.
“I am not opposed to the use of patient data to enhance research and public health. Far from it. But is vitally important that there is as much transparency as possible and assurance on the integrity of the process and safeguards for patient data use,” he said. “The current NHS and current government doesn’t have a good track record of getting the details right, and the procurement shows no sign of going better.”
Asked about the pausing or suspension of 11 Palantir Foundry pilots, which are believed to total about 30, a Department of Health and Social Care spokesperson said: “We are not aware that any of these pauses or suspensions were related to concerns over data security or privacy; they were all operational issues. The use of Palantir Foundry software by the NHS, as with any software, must be in accordance with all relevant laws and standards which apply to information technology and the protection of people’s personal information.”
A spokesperson for Palantir said: “Whether our support for the Covid vaccine rollout, the 28% waiting list reduction we’ve helped deliver at Chelsea and Westminster NHS foundation trust, or the development of software proved to help speed up cancer diagnosis, data privacy and security are always paramount in all of our work.
“As a software company, we don’t collect or monetise data – we simply provide the tools to help customers organise and understand their own information. And precisely because our software is used in some of the most sensitive information environments in the world, it is built to ensure data sharing is controlled, auditable and in accordance with customer-defined purposes only.”
In relation to the pausing of Foundry at some trusts, the company said: “Palantir is currently live in four of the trusts referred to, soon to be live in another, while a further trust named was never part of the [elective care] programme.”
An NHS spokesperson said it was conducting “a fair and transparent procurement process”. They said: “The NHS is always looking to deliver care in new and innovative ways and achieve better outcomes for patients through reduced waiting times and more timely treatment – this is why we are investing in new software to enable us to deliver services more effectively and efficiently, while applying the highest security standards to keep patient information safe.
“NHS England is conducting a fair and transparent procurement process for this software, the NHS will remain in control of patient data at all times, and the chosen supplier will only operate under the instruction of the NHS. They will not control the data in the platform, nor will they permitted to access, use or share it for their own purposes.”
• This article was amended on 27 April 2023 to clarify that the Palantir data software bid refers to NHS England.
