NHS England is granting external consultants from companies like Palantir broad administrative access to identifiable patient records within the National Data Integration Tenant to streamline data processing workflows.

Key Points

• NHS England is transitioning from case-by-case data access approvals to a new "admin" role for external consultants.
• The policy change affects the National Data Integration Tenant, which holds identifiable patient information before pseudonymization.
• Palantir, which holds a £330 million contract for the Federated Data Platform, maintains that strict NHS-controlled access prevents unauthorized use.
• Safeguards include mandatory government security clearance, director-level approval for access, and regular audits of engineer activity.
• Internal NHS briefings acknowledge that the policy change risks damaging public trust in patient data security.
• Cybersecurity experts warn that broad administrative privileges increase the potential impact of a single compromised account.

Why it Matters

This policy shift highlights the ongoing tension between operational efficiency and the protection of sensitive health data within the UK's digital infrastructure. The move could influence future public trust in the NHS and set a precedent for how private technology partners manage large-scale government data repositories.