Key Takeaways

• Health Minister Preet Kaur Gill addressed MPs about concerns over NHS England’s disclosure of data access within the Federated Data Platform (FDP).
• Gill acknowledged an error in documentation that led to misunderstandings about who could access identifiable patient data but emphasized that appropriate safeguards remain intact.
• The NHS is committed to maintaining public trust and ensuring that data controls are effectively managed, stating that patient data is secure under NHS governance.

Minister Addresses Data Access Concerns

Health innovation and safety minister Preet Kaur Gill expressed regret during a recent session with the Health and Social Care Committee concerning the handling of identifiable patient data within NHS England’s Federated Data Platform (FDP). This meeting, held on June 16, 2026, followed rising concerns about how NHS England represented data access to the National Data Guardian (NDG).

The issues at hand stemmed from inaccuracies in NHS England documentation that mischaracterized who could access identifiable patient information through the FDP. Martin Wrigley, MP for Newton Abbot, led the questioning, highlighting reports indicating that identifiable patient data was flowing into the FDP system, raising concerns about unauthorized access by engineers from Palantir and others involved.

Gill assured MPs that while the documentation contained errors, all access to sensitive data is strictly controlled and monitored. “Nobody has access to the system without having a legitimate purpose, and all access is time-limited,” she clarified. The minister explained that the problem was primarily related to descriptive inaccuracies about access arrangements, not about the security controls themselves.

She acknowledged the misunderstanding arising from NHS England’s description of access protocols in its Data Protection Impact Assessment. “There was an error by NHS England that meant that the assessment was not clear,” she explained, confirming that only authorized users and support staff are granted access.

Gill noted that NHS England had recognized the concerns raised by the NDG and is actively revising its documentation to better align with the best practices in data protection. When questioned about public trust in the NHS governance structures, Gill maintained that the security and integrity of data access have not fundamentally changed, stating, “It just improved the description of who has access.”

Furthermore, Gill reinforced the NHS’s commitment to protecting patient data within the FDP, stating, “The NHS does remain in control of NHS data.” She emphasized that the platform holds data already in existence but organized differently within various systems.

Public confidence in the FDP remains essential, and Gill highlighted the importance of trust in the handling of patient information. “In the end, public trust really matters,” she said. To further assure the public, she stated, “The data is secure because the NHS is the data controller.”

The FDP is developed in partnership with Palantir under a significant £330 million contract, awarded in November 2023. Recent reports by Digital Health News suggested that NHS staff had been granted ‘unlimited access’ to identifiable patient data while working on the FDP project. However, Louis Mosley, executive vice chair of Palantir UK, clarified via social media that this refers to specific technical permissions within a staging environment rather than unfettered access to patient data.

This incident highlights ongoing discussions and concerns surrounding data governance in the healthcare sector, emphasizing the need for greater clarity and transparency in how patient information is accessed and managed.

The content above is a summary. For more details, see the source article.