NHS England has published an ethical code of conduct (the Code) to ensure that only the best and safest data-driven technologies are adopted by the NHS. The Code is aimed squarely at technology companies developing and implementing AI and other data-driven technologies for use by the NHS. It specifies that suppliers involved in developing technologies to tackle some of the biggest issues in healthcare, such as dementia, obesity and cancer, must meet a “gold-standard set of principles” designed to protect patient data to the highest standards. The Code will also be used by health and care providers when evaluating and selecting AI solutions. Other objectives include:
promoting the UK as the “best place in the world” to invest in HealthTech
reassuring patients and clinicians of the effectiveness and safety of AI and their data
guiding the development of new products so that they are suitable for the NHS in the future
helping the NHS to get a fair deal from the commercialisation of its data resources
The last of these objectives is of particular relevance as it should help to drive commercialism within the NHS that has, until now, often been lacking.
The Code sets out the behaviours expected from those developing, deploying and using data-driven technologies, based on the ethical principles for data initiatives developed by the Nuffield Council on Bioethics:
respect for persons
respect for human rights
accounting for decisions
The Code’s 10 principles are:
Understand users, their needs and the context
Define the outcome and how the technology will contribute to it
Use data that is in line with appropriate guidelines for the purpose for which it is being used
Be fair, transparent and accountable about what data is being used
Make use of open standards
Be transparent about the limitations of the data used and algorithms deployed
Show what type of algorithm is being developed or deployed, the ethical examination of how the data is used, how its performance will be validated and how it will be integrated into health and care provision
Generate evidence of effectiveness for the intended use and value for money
Make security integral to the design
Define the commercial strategy
Principle 10 is of particular relevance in helping to shape and frame the commercial structures for AI-related engagements between the NHS and the private sector. The starting point is that wherever the NHS data pool is the basis of the commercial arrangements, the five Life Sciences Sector Deal 2 guiding principles (set out on page 46) must be followed:
Commercial use of NHS data must have an explicit aim of improving the health and care of patients in the UK, including through the discovery of new treatments, diagnostics, and other scientific breakthroughs. The terms of any arrangements should, where possible, include quantifiable and explicit benefits for UK patients
NHS data is an important asset and, in entering into commercial arrangements, NHS organisations should ensure they agree mutually-beneficial and fair terms
Commercial arrangements should not undermine, inhibit or impact the ability of the NHS, at national level, to maximise the value or use of NHS data, i.e. arrangements should not be exclusive or include conditions limiting any benefits from being applied, nor should they undermine the wider NHS digital architecture, including open standards and interoperability
Commercial arrangements should be transparent, clearly communicated and should not undermine public trust and confidence either in the NHS or wider government data policies
Commercial arrangements agreed by NHS organisations should fully adhere to all national level legal, privacy and security obligations, including the National Data Guardian’s Data Security Standards
The following should also be considered (before engaging in any contract negotiations): proportionality; scope; exclusivity; value; ownership of intellectual property; liability; audit; bias; and roles.
The Code aims to tackle emerging ethical challenges associated with the use AI in the NHS and the wider health and care system. The Department of Health and Social Care and NHS England will engage with the Centre for Data Ethics and Innovation on further developing the Code to ensure it fits with evolving best practices. Further updates are expected towards the end of 2019.
The legal content provided by Fladgate LLP is for information purposes only and should not be relied on in any specific case without legal or other professional advice.
Copyright is owned by Fladgate LLP and all rights in such copyright are reserved. Material is not to be reproduced in whole or in part without prior written consent.
Fladgate LLP is a limited liability partnership, registered in England and Wales with registered number OC334334. It is authorised and regulated by the Solicitors Regulation Authority, number 484783. The term partner is used to refer to a member of Fladgate LLP. A list of members is available at the registered office shown above.