Summary

In September 2018, the UK government published an initial code of conduct for data-driven health and care technology.

Advancements in health technology, especially in artificial intelligence (AI), have been widely heralded as presenting the opportunity to change health care as we know it.

In the real world, however, building, testing and implementing data tools and data driven solutions can prove harder than developers and technology companies expect.

In Depth

In September 2018, the UK government published an initial code of conduct for data-driven health and care technology.

Advancements in health technology, especially in artificial intelligence (AI), have been widely heralded as presenting the opportunity to change health care as we know it.

In the real world, however, building, testing and implementing data tools and data driven solutions can prove harder than developers and technology companies expect.

Complex approvals, overlapping regulatory frameworks and pricing inconsistencies can make it difficult to sell solutions to the National Health Service (NHS). This is coupled with real anxieties about whether big tech can be trusted with patient data, and these concerns are only exacerbated by loss of confidence in data-sharing sites over the last year and new caution about the risks of non-compliance with the General Data Protection Regulation.

If the code is widely adopted and achieves the status of other industry codes, especially those applicable to devices and pharma, this may bring clarity and consistency to those working in this field. It is worth noting that the success of other codes arguably stems from the strength and the requirements of relevant national industry bodies—something that may be necessary for digital health developers too.

The code is currently voluntary, but technology providers have been encouraged to sign up and use the code. The aim is for technology providers to demonstrate their commitment to the NHS and technology within the NHS by signing up to the principles.

You can give feedback on the code by responding to this questionnaire.

A final version of the code is expected in December 2018.

The code sets out 10 key principles for technology providers. Some of these principles replicate and are consistent with data protection principles in law and existing NHS codes (for example, the need for fairness, transparency and accountability).

Digital health providers and investors may wish to focus on some of the following areas when providing feedback:

  • Principle 1 - Define the User. Providers may want to consider whether they are able to identify the precise beneficiary of the data analysis at the outset.
  • Principle 3: Be fair, transparent and accountable. This principle also covers compliance with GDPR and providers may want to consider how the principles will apply to pseudonymous data or the research exemptions, which are common components of GDPR compliance for global data driven healthcare solutions.
  • Principle 8 – evidence of effectiveness for use
  • Principle 9 – the commercial strategy and how benefits will be shared with the NHS
  • Principle 10 – the evidence, performance and validation of the algorithm. Providers may want to consider how the principles will apply to the different datasets used in AI and machine learning (including training, validation or test datasets).

At the same time, the government has committed to simplifying the regulatory and funding landscape, creating an environment that enables experimentation and encourages the system to adopt innovation.