GPC England has long advocated for broader use of the OpenSAFELY platform, and NHS England has confirmed that the system will now be cautiously expanded to cover non-COVID analyses, including clinical audit, service evaluation, health surveillance, and research. The BMA is supportive of this next phase, recognising the robust privacy and transparency methods developed by Professor Ben Goldacre’s team, which continue to protect practices as data controllers of the GP record.
What’s changing?
- OpenSAFELY, initially developed for COVID-related data analyses, is now being extended to other areas of research and population health.
- Analyses will continue to run securely within the GP electronic health record system (EMIS Web or SystmOne), and pseudonymised data never leaves your practice system.
- NHS England will act as data controller for the service once initial queries have taken place, and only aggregate data will leave the platform.
- Only anonymous, aggregate outputs are shared, with every action on the platform publicly logged in real time.
What practices need to know:
- Practices remain the data controller for their patients’ records.
- There is no direct interaction with pseudonymised patient-level data when analyses are run.
- A formal Data Provision Notice (DPN) will be issued shortly, after which practices will have six weeks to confirm acceptance by pressing a button within their clinical system.
- Further communications from NHS England will outline exactly when and how to do this.
- The BMA will provide more information and next steps once the Direction is issued.
Further information
We will add a link to the relevant BMA guidance pages when they become available.