In an effort to defeat the outbreak of Covid-19, technology firms in the UK are processing massive amounts of confidential patient information in a data-mining operation. This process is part of the government’s response to the coronavirus pandemic. The US-based big data firm Palantir is working with a UK-based AI and machine learning specialists, Faculty to strengthen government databases and assist ministers and officials to counter the pandemic. Faculty will also use the data to build predictive computer models around the Covid-19 outbreak.

According to a National Health Service (NHS) document, Faculty is working on a computer simulation to analyze the impact of a policy of targeted herd immunity. However, lawyers for Faculty said the proposed herd immunity simulation never took place. The digital transformation arm of the NHS, NHSX that has contracted the tech companies to build the Covid-19 datastore, said the technology would provide ministers and officials real-time information on health services, giving information about where demand is rising and where critical equipment needs to be deployed.

Reportedly, the companies involved do not have access to control the data and are not allowed to use or share it for their own purposes. They only had access to aggregated or anonymised data through NHS systems, Faculty’s lawyers said. The UK government had already said it would use Faculty and Palantir in a Covid-19 data project. Of which project, one portion is involved to give leaders in the NHS, Cabinet Office and Downing Street a live feed of cumulative statistics on hospitalisations, availability of critical care beds, ventilator orders and oxygen supplies.

The NHS documents also note the project comprises large volumes of data concerning individuals, such as protected health information, Covid-19 test results, the contents of people’s calls to the NHS health advice line 111 and clinical information about patients with intensive care.

Moreover, the documents suggest that while anonymised, confidential 111 information in the Covid-19 datastore may include people’s gender, postcode, symptoms, the mechanism through which any prescription was dispatched to them, and the precise time they ended the call. It suggests the project appears to be using a pseudo-NHS number to cross-match large datasets, such as a master patient index, an existing NHS resource that leverages social marketing data to segment the British population into diverse types at the household level.

Moreover, the documents note, while not a current priority, phone location data could be used in the datastore after two private companies came for help with contact tracing offered it to the government. Also, Faculty’s proposed policy, described as targeted herd immunity, was part of an NHSX and Faculty planning document reviewed around 23 March, more than a week after ministers emphasized that the controversial policy was no longer being contemplated.

Faculty’s lawyers suggested the proposed simulation was the result of solely internal, preliminary discussions. In addition, the planning document listed potential analysis of the impact of targeted herd immunity, as well as other possible government policies, including social distancing, school closures and quarantines of households.