Skip to the content

NHS Digital creates new extraction service for GP data


Mark Say Managing Editor

Get UKAuthority News


NHS Digital is setting up a new collection process to give planners and researchers faster access to pseudonymised patient data from GPs.

It has announced plans to replace the General Practice Extraction Service (GPES) with a new General Practice Data for Planning and Research (GPDPR) service.

The organisation has designed a new technical system that pseudonymises the data at source and encrypts it in transit, and issued a data provision notice to GPs to enable the new collection process to begin from 1 July.

It said the pandemic has led to a significant increase in the need for GP data for purposes such as identifying people most vulnerable to Covid-19, rolling out vaccines and supporting research. It was legally directed to collect and analyse information about patients, including from GP records, for the duration of the coronavirus emergency period. 

The GPES performed adequately during the pandemic but is based on legacy technology, and looking forward there will be an enormous demand for NHS services for which data will be a crucial asset.

In the new system, any data that directly identifies an individual will be pseudonymised then encrypted before it leaves a GP practice. It will only be shared with organisations that have a legal basis and meet strict criteria to use it for planning, policy development, commissioning, public health and research purposes.

Patients will have the right to opt out of their data being shared.

Prioritising confidentiality

Sarah Wilkinson, NHS Digital CEO, said: “General practice data is particularly rich and valuable because many illnesses are treated predominantly in primary care. We want to ensure that this data is made available for use in planning NHS services and in clinical research, but it is critical that we do this in such a way that patient confidentiality and trust is prioritised and never compromised.  

“We have therefore designed technical systems and processes which incorporate pseudonymisation at source, encryption in transit and in situ, and rigorous controls around access to data to ensure appropriate use. We also seek to be as transparent as possible in how we manage this data so that the quality of our services is constantly subject to external scrutiny.”

The system has been developed in consultation with patient and privacy groups, clinicians, and technology experts, as well as with the British Medical Association, Royal College of GPs, the National Data Guardian (NDG) and other organisations.

Image from iStock, ipopba

Register For Alerts

Keep informed - Get the latest news about the use of technology, digital & data for the public good in your inbox from UKAuthority.