First of all, thanks to the many readers who have commented on the last posting on this blog, which ruminated on its future. Your comments were very helpful (and also very kind). IP Draughts has not yet taken any major decision, and for the time being will continue as before.
Today’s theme is “big data” and the policy decisions that accompany it (not them, please!).
IP Draughts has come across this subject in several contexts recently. There is health data, such as that held by the UK National Health Service (NHS) about its patients. Several of our clients have been involved in licensing-in or licensing-out such data, whether as a hospital, university or start-up technology company. These activities can raise some significant data protection issues, but fortunately several members of our team have become very familiar with this area of law, including Francis Davey and Stephen Brett.
On the public stage, there have been well-publicised initiatives to mine such data. Lord Drayson recently raised £60 million from investors on the AIM market, for his company, Sensyne Health, which has entered into agreements with several NHS Trusts. He is reported as saying:
The NHS has a “responsibility to society” to make money out of patient data rather than allowing the profits to be captured by US technology companies…
[there is] an “ethical imperative” to use anonymised data to improve care.
The national focus on big data is not confined to the health field. So-called geospatial data is also under the spotlight. In last Autumn’s Budget, the UK’s Chancellor of the Exchequer announced the formation of a Geospatial Commission, which would “maximise the value of all UK government data linked to location, and to create jobs and growth in a modern economy.” More recently, the government has declared:
From emergency services, transport planning, and 5G networks, to housing, smarter cities and drones – the UK’s geospatial infrastructure has the potential to revolutionise the UK’s economy.
The government is currently recruiting for members of this commission and for the civil servants that will support them. The commission will set a strategy for commercialisation of the nation’s geospatial data, working with the main agencies that currently hold the data, including the Ordnance Survey and the Land Registry.
National initiatives spawn national policies and codes of practice. Where personal data is involved, and where the custodian of the data is a public body such as the NHS, documents of this kind are perhaps inevitable. The latest one to cross IP Draughts’ desk is called “Initial code of conduct for data-driven health and care technology“. It sets out “10 key principles for safe and effective digital innovations, and 5 commitments from the government to ensure that the health and care system is ready and able to adopt new and innovative technology at scale.” The document’s introduction explains the government’s underlying thinking:
Today we have some truly remarkable data-driven innovations, apps, clinical decision support tools supported by intelligent algorithms, and the widespread adoption of electronic health records. In parallel, we are seeing advancements in technology and, in particular, artificial intelligence (AI) techniques. AI is being used on this data to develop novel insights, tools to help improve operational efficiency and machine learning driven algorithms, and clinical decision support tools to provide better and safer care.
This presents a great opportunity, but these techniques are reliant on the use of data that the NHS and central government have strong duties to steward responsibly. Data-driven technologies must be harnessed in a safe, evidenced and transparent way. We must engage with patients and the public on how to do this in a way that maintains trust.
AI, AI, Oh!
The 10 principles are not particularly surprising or radical for anyone familiar with GDPR and government policy generally; what is noteworthy is that the principles have been brought together and published for the circumstances of big health data. They are explained in more detail in the document itself, but the headings are:
- Define the user
- Define the value proposition
- Be fair, transparent and accountable about what data you are using
- Use data that is proportionate to the identified user need (data minimisation principle of GDPR)
- Make use of open standards
- Be transparent to the limitations of the data used and algorithms deployed
- Make security integral to the design
- Define the commercial strategy
- Show evidence of effectiveness for the intended use
- Show what type of algorithm you are building, the evidence base for choosing that algorithm, how you plan to monitor its performance on an ongoing basis and how you are validating performance of the algorithm
The possibilities of big data, artificial intelligence (AI) and algorithms seem to have captured the attention of the UK government. These developments should mean more work for IP and IT lawyers and for technology transfer managers – and help to offset the likely negative effects for this part of the UK economy that will result from Brexit.