This essay, on the the new NHS medical database, was my Observer column this week. It was published on 6 June 2021, under the headline “Tell me how you’ll use my medical data. Only then might I sign up”.

Would you allow your medical data to be anonymised and used for research into cancer or to aid future pandemic planning? Most people would probably say yes. I certainly would. But what if that data could be accessed by tech giants such as Google, medical corporations such as Babylon Health, security firms such as Palantir, or coercive state institutions like the police or immigration service? That raises a few red flags. And what if that anonymised data could in fact help pinpoint who you are? Now you’re getting me worried.

That’s the problem with medical data. It is indispensable for research and planning. And yet it can also be used in ways that invade our privacy or harm our future. It’s a tension likely to shape the character of healthcare and medical research. Rarely, though, do we have an open debate about this, an honest public conversation about the good and the bad. Governments, public institutions and private corporations – all would rather simply grab our data with the least amount of fuss.

That is just what is happening right now. Last month, the government quietly announced a scheme called General Practice Data for Planning and Research (GPDPR) under which, from July, all data held by GPs about their patients will become part of a central database that can be accessed by researchers and private corporations. You can opt out – but only until 23 June. Beyond that date, even if you object, the database will still keep the information it already has. The project, the opt-out and the deadline have all barely been publicised. Many doctors are hostile to the scheme, worried about questions of privacy and trust.

There are two kinds of medical databases important to the NHS. The first allows clinicians to access the records of patients they may be treating. So, for instance, if someone allergic to penicillin turns up at A&E, that information will be available to doctors there. One might have thought that such joined-up thinking already exists. Not so. A survey of NHS medical record-keeping in 2019 found 21 electronic systems, many of which could not share information. A quarter of NHS trusts were still using paper records. A new national system called Shared Care Records is expected to be in place by September, though there are still questions about privacy and access.

The second kind of database aggregates information from millions of people, allowing researchers and planners to see the big picture, from geographic or ethnic variations to hidden links between health issues. In 2013, NHS England launched its care.data project to create such an information store. The government was forced to close it down, however, after controversies over poor privacy safeguards and the sale of data to private companies.

That disaster may have been one reason for the new project being pushed through by stealth. The new database will include even more sensitive data, including on criminal activity, personal relationships and child abuse, as well as medical history. Yet a number of the problems that doomed the earlier scheme remain unresolved.

Many studies, for instance, have shown the possibility of identifying individuals even from anonymised data. The sale of such data to private corporations is still a live issue. In October 2019, NHS England’s top brass met big tech and pharma executives to discuss how they may be able to exploit the proposed database. There is, in principle, nothing wrong with private researchers accessing the data. The problem arises when it can be used potentially to snoop into our lives or to undermine the health service, for instance, by companies that want to take over GP surgeries.

Then there’s the issue of consent. Most medical procedures and research projects require “informed consent” – they cannot proceed without the explicit assent of individuals involved. The NHS data scrape rests on “presumed consent” – people are assumed to have agreed to give up their data unless they specifically opt out. This turns informed consent on its head. The problem is exacerbated by the almost furtive way in which the project has been set up. It’s the opposite of how an open, transparent system should work and could serve to undermine public trust in the NHS and in science.

When I die, I intend to leave my body for medical research. While I am alive, I am happy to donate my data for the same purpose. But I want that to be my decision. I want to know what the data is being used for. And I want to ensure that the public health service is not being damaged by the push for private profit. That’s not too much to ask, is it?