NHS data - an incredibly valuable public asset

The NHS holds a huge amount of health data. In fact, it’s the largest set of structured, machine-readable health data in the world. The data is so good thanks to the fundamental values of the NHS as a health service that cares for everyone - that means the data covers all of us, across the UK, regardless of wealth or background.

Responsible use of this data can be of huge benefit, helping improve care and develop new treatments. Patient data has helped the response to Covid, and, with proper safeguards to protect the public interest, more could be done in the future. One estimate of the value of patient data to the NHS puts it at a staggering £10 billion per year.

An asset to be stripped?

Private corporations have also spotted the value of NHS data – and are keen to cash in. They are seeking contracts from the government to provide outsourced data services to the NHS.

These contracts can be lucrative in themselves – Palantir’s latest contract is for £330 million – but the even bigger prize is access to the data itself. Many companies see public data as a resource they can exploit to develop highly profitable new products and services.

This raises huge questions for the NHS. How far can private companies be trusted with sensitive health data? If private companies are involved, how can we make sure the data is not misused? If NHS data is used by a private company to develop profitable products or services, how do we ensure that the NHS gets a fair share of the benefits? How can we ensure short-term work with tech corporations does not lock the NHS into an expensive long term dependency?

Palantir got its foothold in the NHS via contracts rushed through in secret, under the cover of the pandemic while the procurement rules were relaxed, without an open process and with details only revealed thanks to Foxglove’s legal action. Many other companies, from failed investment firms like Greensill Capital to US health insurance corporations like Centene, responded to the Covid-19 pandemic by stepping up efforts to cash in on the NHS. NHS data will be an increasingly important focus for private companies looking to profit from our health service.

The NHS Federated Data Platform contract and Palantir

In 2023, Palantir was awarded the £330m contract for the NHS Federated Data Platform (FDP). According to the NHS, FDP is: “designed to connect vital health information across the NHS.”

Palantir got the contract after previously running 36 FDP pilots at trusts around the country. These pilots ran on Palantir’s Foundry, the same platform used for the Covid Datastore, Palantir’s first contract with the NHS which it was granted in secret and without competition, and was only made public at all because tech justice non-profit Foxglove and reporters at openDemocracy forced its publication.

In 2026, the British Medical Journal reported that it had seen evidence suggesting the benefits of the FDP pilot at Chelsea and Westminster Foundation Trust, promoted as a Palantir success story, were overstated.

There are serious questions to be asked about the governance process of how Palantir’s tools handle patient data. In 2023, NHS England told the openDemoracy that it would alter or remove identifiable personal information before it was passed to Palantir.

Then in 2026, it was reported in the Financial Times that Palantir would in fact be given access to raw, identifiable patient data. An internal NHS briefing said that this meant there could be “unlimited access to non-NHSE staff” to FDP tools and the identifiable patient information they contain. That is a huge change to make to the governance of NHS data that the briefing admits presents “a risk of loss of public confidence”.

In spring 2026, it was reported that ministers were exploring triggering the break clause in Palantir’s contract for the FDP, due to mounting public pressure.

According to the government, the FDP contract is for seven years, ending in 2031, with the initial term ending in March 2027. The advertised end date is 15 February, 2027.

A cautionary tale: DeepMind’s contracts with NHS Trusts

The troubled relationship between AI company Deepmind, a subsidiary of Google, and various NHS Trusts, illustrates the risks for the NHS of working with Big Tech.

The Royal Free Hospital trust granted DeepMind access to 1.6m patient records to develop its ‘Streams’ app to diagnose acute kidney injury. Moorfields Eye Hospital also allowed Deepmind access to data to train algorithms.

The Information Commissioner’s Office (ICO) found that the Royal Free had unlawfully given patient data – but the data has never been returned. Moorfields is now being forced to pay to use the technology developed with the public data it let DeepMind access. Meanwhile DeepMind Health, originally a separate subsidiary with an independent health ethics board, has been swallowed by Google – and its ethics board disbanded.

The blueprint for Big Tech exploitation of NHS data is plain to see. First, persuade the NHS to grant access with promises of helping improve treatment. Next, exploit that access to develop valuable new, privately-owned, products and services. Then, sell those products globally without sharing the profits with the NHS - and start charging the NHS for products which were developed thanks to NHS data.

The collapse of care.data and the need for public trust

Previous attempts by the NHS to develop data systems collapsed because of a lack of public trust. Care.data was a programme to transfer all patient data from GP surgeries to a centralised database. This aimed to support resource planning and research to improve care. Plans included linking the data to other NHS datasets and offering potential to external parties, including academic researchers and private companies.

The scheme was dogged by patient mistrust. A lack of consultation, a poorly designed opt-out process, and the involvement of private companies caused widespread concern. Mistrust of the scheme led to huge numbers of patients opting out of their data being shared.

The level of opt-out was so high – some 1.2 million patients - that in 2016 the NHS was forced to abandon the programme.

The future of NHS data: a story that could go one of two ways

We could make the next chapter of NHS history a story of using our collective health data for collective good. We could give patients a say in how data is used and how their privacy should be respected. We could build up the capacity of trusted NHS staff to use data well, improve the NHS’s own data infrastructure, and avoid over-dependency on private companies.

But that’s not how Big Tech companies like Palantir want the story to go. Unless we speak out, there’s a risk that the NHS slides into a long-term dependency on expensive US tech firms to analyse their data. And that Big Tech exploits and abuses its access to our health data, privatising the benefits of a resource that belongs to all of us.