A health data opt-out that doesn't opt you out, and no patient-facing access audit
The National Data Opt-Out does not apply to the Palantir-built Federated Data Platform (168/214 trusts signed up), justified via direct-care purposes and an unpublished s254 direction that Parliament has questioned; the BMA voted to oppose FDP rollout in June 2025. The Single Patient Record (Health Bill; NHS App from 2028) will centralise further, while medConfidential warns opt-out 'reform' will weaken what remains. Patients still cannot see who has accessed or received their record: 'data usage reports' promised since the care.data era were never delivered; medConfidential's volunteer register is the only tracker.
Two national data-trust collapses (care.data, GPDPR) each cost millions of opt-outs and years of research capability. Repeating the pattern with FDP and SPR risks a third, at the exact moment the government is betting the NHS's future on data.
A statutory single opt-out covering all secondary uses including FDP-hosted products, plus a patient-facing data-usage report in the NHS App showing every access and release, independently audited.
// State-led: Instrument: statutory single opt-out plus NHS App usage-report mandate.
A third national health-data-trust collapse looms as FDP and the Single Patient Record centralise now, the opt-out fails to cover them, and patients still cannot audit access.