Loading...
Loading...
《金融时报》报道称,英国国民医疗服务体系(NHS)将授予Palantir承包商“无限制访问”患者数据的权限
Granting a private contractor broad access to patient records raises technical, legal, and ethical issues for data governance, security, and compliance. Tech teams must reassess access controls, auditing, and risk management around shared health data platforms.
Dossier last updated: 2026-05-11 18:47:35
The UK’s NHS England will grant Palantir staff and other external contractors an “admin” role giving broad access to identifiable patient data within the National Data Integration Tenant (NDIT) supporting the federated data platform (FDP). The internal briefing, seen by the Financial Times, signals a shift from case-by-case approvals to wider elevated permissions to speed setup and operations; it notes risks to public trust and recommends caps and time limits on external admins. Palantir and NHS say tight controls, audits and security clearances remain in place, while critics and cybersecurity advisers warn that expanded admin access increases breach and insider-threat risks. Palantir holds a £330m FDP contract with NHS England.
The NHS plans to grant Palantir staff and other external workers “admin” roles with broad, potentially unlimited access to identifiable patient data in the National Data Integration Tenant (NDIT) that feeds the federated data platform (FDP). The internal briefing — seen by the Financial Times — says the change eases previous case-by-case approvals and acknowledges risks to public trust and security, recommending caps and time limits on external admins. NHS England and Palantir insist strict controls, audits and government security clearance remain in place and that Palantir acts as a data processor under customer instructions. Critics warn expanded admin access raises breach and insider-threat risks for sensitive NHS data.
The UK’s health data system is reportedly set to grant Palantir effectively unrestricted access to NHS patient records under a government contract, sparking privacy and governance concerns. Palantir, a US data analytics company known for working with intelligence and defense agencies, would gain broad rights to link and analyze identifiable health data across NHS systems to support operational and planning functions. Critics warn this raises risks around patient confidentiality, commercial reuse, and oversight, while supporters argue it could improve resource management and crisis response. The decision matters for data governance, procurement transparency, and precedent for private tech firms handling sensitive public-sector data.
MPs and campaigners have raised alarm after reports that NHS England recently allowed Palantir staff unlimited access to parts of the health service’s federated data platform (FDP) containing identifiable patient records. The move, revealed in an internal briefing and reported by the Financial Times, contradicts earlier NHS assurances that personal data would remain protected, and comes despite warnings about public loss of confidence. Palantir, contracted under a £330m deal to build the FDP and integrate datasets with AI tools, says it is a data processor bound by NHS instructions and granular access controls; NHS England stresses security clearances and strict policies for external consultants. Critics call for greater transparency and stronger boundaries on data access. This matters because it raises privacy, governance, and vendor-control questions at the intersection of health data and AI.
The FT reports that the UK NHS will allow Palantir contractors broad, effectively unlimited access to patient records under a data arrangement tied to the health service’s data platform. Palantir, a US data firm, has been contracted to help run analytics and integration tools for NHS systems; critics warn the depth of access raises privacy and governance concerns about third-party handling of sensitive health data. Supporters argue the partnership enables faster integration, analytics and operational improvements across hospitals and care services. The dispute matters because it touches on data governance, vendor access controls, cross-border data flows and public trust in digitised healthcare infrastructure.
《金融时报》报道称,英国国民医疗服务体系(NHS)将授予Palantir承包商“无限制访问”患者数据的权限