NHS: Databases
(asked on 10th October 2025) - View Source
Question to the Department of Health and Social Care:
To ask the Secretary of State for Health and Social Care, what safeguards are in place to ensure that patient data managed by Palantir under the Federated Data Platform contract cannot be (a) accessed, (b) used and (c) transferred for purposes unrelated to NHS (i) care and (ii) administration.
NHS England ran a rigorous independent and transparent procurement exercise for the NHS Federated Data Platform (NHS FDP), in line with public contract regulations.
The selection was made by multiple assessors against clear criteria following an open tender process where any supplier could respond with their solution. Potential suppliers were required to demonstrate their financial, commercial, security, and technical capability to meet contractual requirements.
The plans for an NHS FDP followed a consultation with trusts and integrated care boards to gather insight in order to understand what their common issues and challenges were in relation to data. The programme is supported by a Data Governance Group, made up of information governance professionals. The programme is also supported by the Health and Social Care Data Public Panel, a group consisting of patient, public, and professional representatives with an interest in patient data, including the Office of the National Data Guardian.
Privacy by design is a core principle of the NHS FDP, with robust security measures to safeguard patient information. Access to data must have an explicit aim to benefit patients and/or the NHS in England.
Palantir provides the software platform, Foundry, that underpins the NHS FDP. NHS England remains the data controller at all times for the national instance. Each NHS organisation is the data controller for their local NHS FDP instance and decides how their local data is used.
Palantir operates strictly under the instruction of the NHS. They do not own or control NHS data.
The NHS FDP is built with robust security and privacy controls, including Privacy Enhancing Technologies procured separately from Palantir. Data access is tightly governed. Only authorised users can access data for approved purposes, and all access is logged and auditable.