The story that an medical insurance company has already done an exercise to “refine” its premiums by collating the NHS Hospital Episodes Database with Mosaic helps put the current debate over access to medical records into perspective. It also adds “bite” to my reprise on the “Bled Report” yesterday, particularly with regard to the sale of data collected as part of the delivery of a public service.
However, the more interesting question is why the NHS has not done such an exercise itself to help “refine”, alias plan, provision – particularly for those in most need because they are uninsurable. Had it done so, it should surely have made the results publicly available to heklp local authorities with their planning, as well as insurance companies.
At this point I should, however, add that I personally would have much more faith in the security of an exercise done by a phamarceutical or insurance company in co-operation with Experian, than one done by the NHS or any academic researcher.
The former understand the importance and value of confidentiality and have the budgets to go with it. The latter tend to think that their project is more important than all that security flummery, which they cannot afford (time or money) anyway.
I would be most surprised if this exercise was done in such a way as to compromise patient identity and confidentiality but there is little doubt that had it not been done by an organisation which takes information security and anonymity very seriously when doing such exercises, like Experian, it could have been.