A leaked internal briefing note describes a new admin role on the £330m Federated Data Platform that lets external staff bypass case-by-case data approvals. Patient groups and Labour MPs have called the change dangerous.
NHS England has decided to allow external personnel from contractors, including Palantir, to access identifiable patient data through a new administrative role on its main data platform, the Guardian reported on Sunday, citing an internal briefing note.
The change applies to the National Data Integration Tenant, a controlled environment that NHS England describes as a “haven” for identifiable patient data before that data is pseudonymised and passed into other systems connected to the Federated Data Platform (FDP).
Under existing rules, anyone working on the platform has to apply for approval to access specific datasets, a process known as a Controlled Data Access (CDA) request.
The briefing note seen by the Guardian says NHS England is creating a new “admin” role that grants broader permissions to approved external staff in a single approval, on the basis that applying for individual CDAs had become “too inconvenient”.
Palantir Technologies won the £330m FDP contract in 2023 and is the primary external contractor on the platform. NHS England has said that anyone external requiring access under the new arrangement must hold government security clearance and be approved by an NHS England director or more senior official. The list of contractors with potential access also includes consultancy firms supporting the programme.
The Federated Data Platform is designed to pull operational data from trusts across the NHS into a single environment for planning, waiting-list management and resource allocation.
Identifiable patient information is meant to remain inside the National Data Integration Tenant, with only pseudonymised or aggregate data passed to downstream FDP modules. The new admin role applies to staff working inside the tenant itself.
Patient groups and several Labour MPs criticised the change. Labour MP Rachael Maskell told the Guardian the move was “dangerous” and urged ministers to intervene to halt the broader FDP project. medConfidential, a patient-data-rights group, said the new role represented a material shift in how identifiable data is governed inside NHS England’s largest data programme.
NHS England said the change had been internally approved by its information-governance team and that all access remained subject to existing legal and clinical-safety frameworks.
Palantir declined to comment on the specifics of the access arrangement. The company has previously said it processes NHS data only on instructions from NHS England and does not own or commercialise the underlying data.
The change reignites a long-running political dispute over the FDP contract. Critics have argued from the start of the procurement process that giving a single US-headquartered defence and intelligence contractor central access to the NHS data spine creates concentration risk and undermines public trust.
NHS England and the Department of Health have defended the contract on the basis that it improves operational efficiency and reduces clinical-safety risk by consolidating fragmented data systems.
Wes Streeting, the Health Secretary, has not made a public statement on the latest disclosure. The government’s broader position has been that the FDP is essential to NHS modernisation and that data-access processes are subject to robust controls.
The briefing note suggests the trade-off the new admin role embodies: faster operational onboarding of external staff against tighter case-by-case oversight of which datasets they access.
The Information Commissioner’s Office has not formally commented on whether the new role triggers any additional regulatory review. The Guardian’s reporting did not indicate when the role was scheduled to take effect; NHS England did not provide a date when asked.
