NHS opens the vault: Palantir and contractors get blanket access to patient records

NHS England has quietly decided to hand external contractors, including staff from Palantir Technologies, sweeping access to identifiable patient data. This marks a sharp departure from its previous approach of granting permissions case by case, and one that has already set off alarm bells internally.

The decision, revealed in an internal briefing note seen by the Financial Times, centres on the National Data Integration Tenant (NDIT), a component of the NHS's flagship Federated Data Platform (FDP).

According to the document, NHS England has agreed to establish a new "admin" role that gives non-NHS staff what the briefing itself describes as "unlimited access" to the NDIT and the patient-identifiable information stored within it. In addition to Palantir employees, staff from consultancy firms drafted in to help build the platform are also in scope.

The FDP is NHS England's ambitious attempt to unify fragmented data across the health service into a single, interconnected system. Palantir, the US data analytics firm, won a £330 million contract in 2023 to build the platform. The NDIT - the component at the heart of this controversy - is described in the briefing as a "safe haven for data" where patient information sits before it is pseudonymised and moved on to other parts of the system.

It is, in effect, the most sensitive layer of the entire architecture: the point at which records are still directly linkable to individual patients.

Under the approach that predates this decision, any individual working with the NDIT was required to apply for explicitly defined access to specific datasets. The new arrangement discards that model.

The briefing indicates that external workers pushed for the change because applying for each individual Clinical Data Access (CDA) approval had become, in their view, too cumbersome. The note records their reasoning: it is simply "too inconvenient to apply for all of the necessary individual CDAs."

NHS officials confirmed to the FT that the recommendation in the briefing had been accepted in recent weeks, though they stressed it would apply to only a small number of non-NHS staff, all of whom must hold government security clearance and be approved by an NHS England director or above.

What makes the briefing remarkable is not just what it authorises, but what it acknowledges. Written by a senior NHS data official in April, it explicitly flags a "risk of loss of public confidence" in how the NHS safeguards patient data.

It further notes that NHS England had committed to five "data promises" - including transparency about who can access patient information and what they can see - and warns that expanding unrestricted access directly undercuts one of those core commitments. "The more people have unrestricted access, the less that aim can be met," the document states.

Palantir's role in the NHS has never been without controversy. The company's deep ties to the US defence sector and its work in immigration enforcement have made it a flashpoint, with some NHS staff reportedly declining to work on the FDP over ethical objections to the firm. Its co-founder and CEO, Alex Karp, is a prominent backer of Donald Trump, adding a political dimension to an already charged debate.

Parliamentarians have taken notice. Martin Wrigley, a Liberal Democrat member of the House of Commons technology committee, described the situation as reflecting a "cavalier attitude to data security" and argued that the FDP project lacks security principles built into its core design.

Palantir, for its part, insists its software is legally and technically constrained. A company spokesperson said Palantir is designated under law as a "data processor," with the NHS acting as the "data controller," and that using patient data outside NHS instructions would be both illegal and technically impossible given the access controls in place.

Whether those assurances will satisfy a public that has not been consulted on these arrangements - and a parliament that is only now learning of them - remains very much an open question.