As always, let us know what you think - if there are more recent / complete / credible studies out there which draw different conclusions, let us know!
The UK has a long history of public support for health research, as evidenced by the large number of participants in clinical trials and population studies (For example, the UK Collaborative Trial of Ovarian Cancer Screening and UK Biobank have recruited their targets of 200,000 and 500,000 individuals (respectively) with minimal objection to the use of their healthcare data) and the generous contributions to medical research charities such as Cancer Research UK and the British Heart Foundation.
Public engagement initiatives in relation to specific issues, such as the use of patient data, generally show that research is warmly supported. The attitudes of over 1,000 adults towards participating in health research were examined in the Wellcome Trust Monitor survey. Seventy-one per cent of participants indicated that they would be willing to give blood or tissue samples for research and 62% were willing to test a new treatment for a disease from which they were suffering.
Evidence from two national research studies demonstrates that a small number of patients complain about receiving direct invitations to participate in research. The UK Collaborative Trial of Ovarian Screening is one of the largest ever randomised controlled trials, covering 13 NHS Trusts in England, Wales and Northern Ireland, with successful recruitment of more than 200,000 women. Of the 1.2 million women invited to participate in the study only 32 complained about being contacted. UK Biobank reported from its integrated pilot phase that approximately 1 person from 1,000 invitations indicated that they did not want to participate because of concerns that their contact details had been provided to UK Biobank by the NHS.
There are a large number of organisations working to improve patient and public engagement with health research, including (but not limited to) UK Clinical Research Collaboration (UKCRC), INVOLVE, regulators themselves, the medical Royal Colleges, research charities and disease specific patient groups working to help the public understand the role and importance of research as an integral part of the care system.
The influential role of mass media has important implications for the formation of public opinion and consequently public behaviour and the actions of policy makers. The most significant impact on attitudes towards the storage, transmission and use of personal data in healthcare is made by coverage of breaches of regulations and guidelines.
Though many of the stories do not relate to data used in research per se, their impact contributes to patients’ concerns about any use of personal medical data.
Storage and transmission of data are key to research, many large datasets (for example the national disease registries) inducting data from a variety of sources and releasing data for research to geographically dispersed users. A key aspect of the conduct of research is the ease with which those researchers can receive the data. The choice of transmission method is not driven solely by actual risk analysis: while an encrypted DVD has a high level of innate security, public perception of sensitive information being moved around on DVDs, memory sticks and laptops is an important consideration. In fact it was a major issue identified in the UK Ministry of Justice's report on Data Sharing, 2008.
A recent article from eWeekeurope.co.uk backs up perception with data under the inflammatory headline “A Freedom of Information request by… Software AG has revealed that most public sector bodies have no idea about secure data transfer.” The article cites recent examples of the loss of sensitive information by public bodies: “A couple of years ago, Her Majesty’s Revenue and Customs (HMRC) lost a number of CDs containing private information on thousands of people. But there have been many more recent examples. Last July the UK Ministry of Defence admitted it had lost an entire server from a secure building – as well as 1.7 million individuals’ personal data. In November the UK Rural Payments Agency (RPA) lost backup tapes containing the payment and banking details of 100,000 farmers in the United Kingdom. And only last month an NHS worker in the secure mental health unit of a Scottish hospital was suspended, after he lost a USB stick containing patients’ medical records. The USB stick apprently contained unencrypted sensitive information – including the criminal histories of some violent patients at the Tryst Park unit at Bellsdyke psychiatric hospital. The stick was later found by a 12-year-old boy in the car park of an Asda supermarket.”
The NHS was recently (April 2010) revealed by the Information Commissioner’s Office (ICO) to be responsible for the highest number of serious data breaches of any UK organisation since the end of 2007. David Smith, deputy commissioner at the ICO told the Infosec security conference the NHS had highlighted 287 breaches to it in the period, accounting for more than 30% of the total number reported. Most of the breaches were the result of stolen data or hardware, followed by 82 cases of lost data or hardware. Richard Vautrey, the deputy chair of the British Medical Association's GPs committee thinks the number of breaches reflect the size and complexity of the NHS (the UK's largest employer with 1.7m staff) as well as its culture of openness. Whilst comments in the BBC’s coverage mention in mitigation that the public sector’s culture of reporting all breaches contrasted with the private sector’s behaviour, these do little to lessen the impact of the headline: “NHS worst for data breaches.”
 The Academy of Medical Sciences: A new pathway for the regulation and governance of health research
 Ministry of Justice: Data Sharing Review, 2008 [Richard Thomas, Information Commissioner; Dr Mark Walport]