Privacy and the secondary use of data in health research in Scotland

Abstract

In response to new data protection legislation for the UK and widespread concern about its implications, the Scottish Executive set up the Confidentiality and Security Advisory Group for Scotland (CSAGS) to place the use of personal health information in a modern setting. The group affirmed the principle of consent and, more broadly, the importance of involving patients and the public in decisions about their health information. It promoted methods of acceptable anonymisation of data, and the need for good stewardship and disclosure of data uses to the greatest extent possible, where explicit individual consent and anonymisation were not practicable. They did not recommend pursuit of legislation, preferring consensus, informed debate and widespread acceptance of the proposed arrangements. The Scottish Executive is now responding to the work of CSAGS to develop systems that command public and patient confidence, promote good practice for clinicians and researchers, and preserve important public health and research functions.