Members of Parliament are raising serious concerns about the NHS’s decision to give US tech firm Palantir broader access to patient data. The move allows company staff to view identifiable patient information before it’s been stripped of personal details – a significant expansion of the controversial £330 million contract.
This development comes as Palantir faces growing opposition to its expanding role across UK public services, from policing to healthcare. The company’s background supporting military operations and immigration enforcement has made its NHS involvement a lightning rod for privacy campaigners and politicians alike.
What access has Palantir been granted
NHS England recently allowed Palantir staff and other contractors to access patient data before pseudonymisation takes place. Pseudonymised data has identifying details like names or NHS numbers replaced or masked to protect privacy.
According to Financial Times reporting, an internal NHS briefing revealed this grants “unlimited access to non-NHSE staff” to parts of the NHS’s federated data platform. This system brings together health datasets from across the NHS to support planning, treatment and service improvements.
The internal briefing acknowledged “considerable public interest and concern about how much access to patient data Palantir/Palantir staff have” and noted risks to “loss of public confidence.”
Why this change was made
NHS England says the platform contains hundreds of different datasets, making it time-consuming for contractors to apply for individual permissions each time. Palantir engineers need access to work on the system’s “data pipelines” – the technical processes that move, clean and organise data.
The health service maintains that instances where contractors see identifiable patient data are logged and monitored. All external consultants must have government security clearance and director-level NHS approval.
Politicians and campaigners push back
The decision has sparked criticism from multiple MPs across party lines:
- Rachael Maskell, Labour MP and former NHS worker, called for the entire Palantir project to be stopped, saying it opens NHS data “to greater private interest”
- Martin Wrigley, Liberal Democrat on the Commons technology committee, criticized the “cavalier attitude to data security”
- Campaign group Foxglove argued patients “never consented” to their data being accessed by a company known for “targeting people, not caring for them”
The Patients Association expressed concern that patients weren’t consulted on such a significant change to data access arrangements.
Palantir’s expanding UK role faces resistance
This NHS controversy sits within broader opposition to Palantir’s growing presence in UK public services. The company is reportedly close to securing an expanded contract with the Metropolitan Police to analyze criminal intelligence using AI.
Recent polling shows more than two-thirds of UK citizens are concerned about Palantir’s increasing number of public contracts, while 40% distrust the company not to misuse NHS patient data.
Palantir maintains it acts only as a “data processor” following NHS instructions, not a “data controller” that could use information for its own purposes. The company says using data for anything else would be “not only illegal but technically impossible” due to access controls.
What happens next
NHS England defended the arrangement, saying access is limited to “a small number of people” working on the data platform. The health service emphasized its “strict policies” for managing data access and regular compliance audits.
However, this marks a notable shift from NHS England’s 2023 promise that “personal data remains protected and within the NHS at all times” when the Palantir contract was first announced. The growing political pressure suggests this issue will continue to face scrutiny as the platform rolls out across the health service.