NHS patients cannot opt out of Palantir data use, but hospitals can refuse
Health Minister confirms individual NHS patients cannot opt out of Palantir's FDP data processing, but NHS trusts can refuse. Contract renewal due in February 2027.
In England’s National Health Service (NHS), the integrated data platform “Federated Data Platform (FDP)” built by US-based Palantir Technologies has entered a new phase of debate. Health Minister Preet Kaur Gill stated in Parliament that while individual patients cannot refuse (opt out) their data being processed on the FDP, NHS trusts (hospital operating organizations) can choose not to use it.
According to The Register’s report, Health Minister Gill explained in a response to Labour MP Neil Duncan-Jordan that patient opt-outs are limited to “secondary uses such as planning and research.” Regarding the National Data Opt-Out mechanism, the Minister stated, “It does not currently apply to products used across the NHS FDP as in most cases data is used for direct care purposes.”
This article provides detailed background on the issue, technical and institutional challenges, and its impact on the industry.
What is secondary use of patient data?
The NHS FDP aims to centrally manage data such as patient medical records and test results to improve the efficiency of healthcare services and optimize resource allocation. The problem lies in the fact that this data is used for both direct treatment purposes (direct care) and other planning/research purposes (secondary use).
Minister Gill’s response indicates that for data used in direct care, no mechanism for patient consent or opt-out exists. This is legally justified as data processing essential for patient treatment.
However, last month, NHS England changed its policy, revealing that some Palantir staff can now access identifiable patient data through an “admin” role. A document obtained by the Financial Times and confirmed by The Register warned that granting this access creates a “risk of losing public trust in NHS England’s assurances around patient data protection.”
Hospital-level opt-out is possible
Health Minister Gill, in a response to another Labour MP Rachael Maskell, acknowledged the possibility for NHS trusts to decline participation in the FDP. The Minister stated, “If an NHS organisation wishes to use an alternative solution, they retain the ability to undertake a local procurement, provided that it meets the relevant standards and supports the delivery of national priorities.”
According to NHS England statistics, 168 out of 214 NHS trusts in England have expressed participation in the FDP, 123 are actually operational, and 80 have reported some benefits. Of the 42 Integrated Care Boards in England, all except Greater Manchester are participating.
Criticism of Palantir and parliamentary action
Palantir’s involvement with the NHS, which began with similar activities during the pandemic response, has become increasingly controversial in recent years. Last week, the Science, Innovation and Technology Committee recommended that the NHS end its engagement with Palantir. In the past month alone, MPs have submitted 40 written questions regarding Palantir. Criticism is partly fueled by the company’s contracts with intelligence agencies and US Immigration and Customs Enforcement (ICE).
In a response to Labour MP Mark Sewards, Health Minister Gill clarified that the government will decide this year whether to extend the current FDP contract beyond its February 2027 expiry. The Minister also noted that the programme is among only 14% of major government projects to receive a “green rating” from the National Infrastructure and Service Transformation Authority, stating, “This indicates that the NHS FDP is progressing well.”
In a response to Duncan-Jordan, Minister Gill confirmed that the contract includes an exit management process covering intellectual property rights.
Implications for Japan’s medical data policy
In Japan as well, balancing the utilization of medical information with privacy protection is a crucial policy issue. With the planned construction of the National Medical Information Platform (tentative name), the scope of data processing rights for overseas vendors and patients’ opt-out rights could serve as reference points in system design.
The NHS case demonstrates that in large-scale medical data platforms, distinctions between direct care and secondary use, the scope of access rights granted to external company staff, and the transparency of procurement processes directly impact public trust.
Editorial Opinion
The NHS case involving Palantir raises critical issues regarding the governance of public medical data and the relationship with private technology companies. In the short term, debate in the UK Parliament is expected to intensify ahead of the contract renewal in February 2027. The government cites the “14% green rating” as evidence of progress, but the parliamentary committee’s recommendation to end Palantir’s involvement and the 40 written questions represent political signals that cannot be ignored.
From a long-term perspective, this issue transcends the merits of a single contract, positioning itself as a case study that questions the institutional risks of entrusting public medical data to overseas technology companies. The fact that Palantir also contracts with intelligence and immigration enforcement agencies amplifies public concern about secondary use risks of patient data. When countries including Japan proceed with similar infrastructure development, the question becomes how to design data subject rights, the scope of corporate access, and procurement transparency.
As an editorial board, we believe that in designing medical data infrastructure, a careful balance between technical efficiency and citizens’ right to informational self-determination must be considered. The current situation, where individual patients are not granted opt-out rights—even if for direct care purposes—appears to have room for improvement from a transparency standpoint. How NHS England will implement governance reforms going forward may influence healthcare IT policies in many countries, including Japan.
References
Frequently Asked Questions
- What is Palantir FDP?
- It is the Federated Data Platform built by Palantir Technologies for the NHS. It aims to centrally manage patient medical records, test results, and other data to improve healthcare service efficiency and optimize resource allocation.
- Why can individual patients not opt out of data processing?
- According to the Health Minister, most data handled on the FDP is used for "direct care" purposes, so legally, processing can be justified without patient consent. Patients can only opt out of secondary uses such as planning and research.
- Could this issue occur in Japan?
- Japan is also considering building a national medical information platform, raising similar issues regarding overseas vendor involvement and the scope of data subject rights. However, differences in legal systems and procurement procedures mean the exact same situation may not arise.
Comments