Members of Parliament criticised NHS England after reports revealed staff from the US technology company Palantir Technologies received access to identifiable patient information before it had been pseudonymised.
Reports from the Guardian and Financial Times said internal NHS documents referred to “unlimited access to non-NHSE staff” working on the NHS Federated Data Platform, known as the FDP. The platform brings together NHS datasets through AI systems and shared digital infrastructure.
Palantir received a £330m contract from NHS England to help build the FDP. The company already works with military and government agencies in the United States, the UK and Israel, which has generated political and public criticism around patient privacy.
MPs and patient groups objected because outside contractors gained access to information capable of identifying patients before personal details had been removed from datasets. Campaigners believe public support for NHS technology projects depends on strict control over who can view medical records.
Internal NHS briefing documents acknowledged “considerable public interest and concern about how much access to patient data Palantir/Palantir staff have”, according to the Guardian.
What Have MPs And Campaigners Said?
Labour MP Rachael Maskell, who previously worked at the NHS, criticised the growing involvement of Palantir inside health service data systems.
She said, “As Palantir get their claws deeper into our NHS data we can see how it is opening it up to greater private interest. This is a dangerous development and I ask the government to get a grip on this project before it is too late.”
Martin Wrigley, a Liberal Democrat member of the Commons technology select committee, criticised how NHS England handled the system.
He said, “This somewhat cavalier attitude to data security demonstrated how this whole project does not have security by design at its heart. The public will be rightfully concerned that data privacy is not the first concern.”
The Patients Association also criticised NHS England after reports emerged about expanded contractor access to patient information.
Rachel Power, chief executive of the Patients Association, said patients wanted “transparency, clear boundaries around access to their data, and to be consulted when changes to those agreements are proposed”.
The criticism comes from the worry and fear that patients may lose trust in NHS digital systems if private contractors receive deeper access to medical information without public consultation.
More from News
- What Does The King’s Speech Mean For Businesses In The UK?
- The US And China Are Negotiating AI’s Future – Is The Middle East’s Neutral Position Still Tenable?
- Why Are Brands Moving From Traditional To Affiliate Marketing?
- World Password Day 2026, Part 2: How Are Passkeys And Security Shaping Industries?
- Wolverhampton HealthTech Leader Wins Digital Healthcare Award At Medilink Midlands 2026
- Is Uber’s New Data Mining Strategy Exploitative As Drivers Lose Their Jobs To Self-Driving Vehicles?
- Vision 2030 Promised A Tech Economy – Are MENA Founders Actually Benefiting?
- Behind The UK Government’s £50 Million Investment To Manage Illegal Drones
Why Does Patient Data Create Such Political Arguments?
Medical records have highly sensitive information about illnesses, mental health treatment, prescriptions, hospital visits and family medical histories. Many patients accept NHS data sharing for healthcare planning and treatment, though reactions become far more negative when private technology companies gain access.
NHS England previously said patient information would stay protected within NHS systems after the Palantir contract received approval during 2023. Reports about identifiable data access therefore generated anger among campaigners already opposed to the FDP contract.
Political criticism also comes from Palantir’s growing involvement across British public services. The Guardian recently reported that the company was nearing another agreement with the Metropolitan police involving AI analysis for criminal investigations.
Public opposition around Palantir already existed before the latest NHS reports came up. Hundreds of thousands of citizens and many backbench MPs have objected to the company receiving public sector contracts, according to the Guardian.
The latest reports intensified criticism because they arrived during a period when AI systems are becoming more deeply embedded inside healthcare and policing systems across Britain.
What Do NHS England, Palantir And Experts Say?
NHS England defended the arrangements and said all outside consultants accessing patient information require government security clearance and director level approval.
The organisation also said strict audit systems monitor access to identifiable information. Engineers sometimes need temporary access while working on technical systems known as data pipelines, according to the reports.
Palantir rejected accusations that it can freely use NHS patient records because the company operates as a “data processor” rather than a “data controller”.
The company said, “Using the data for anything else would not only be illegal but technically impossible due to granular access controls overseen by the NHS.”
Technology executives speaking after the reports argued that public trust depends on keeping sensitive healthcare information under British oversight and regulation.
Stuart Harvey, chief executive of Datactics, said, “The NHS can’t deliver effective AI without modern data infrastructure, but public trust is built on data privacy and sovereign architecture, not assurance. Patients need confidence that sensitive information remains under UK jurisdiction and subject to UK regulatory oversight.”
Sachin Agrawal, managing director for Zoho UK, said, “Once critical healthcare infrastructure becomes dependent on foreign technology providers, the government risks losing control over how data is governed, sparking a much wider conversation on the need for data sovereignty.”
He also said, “The NHS continues to accelerate AI adoption and the public needs assurance and transparency that sensitive data remains under UK jurisdiction, subject to strong governance, auditability and control built from the start.”
