Ministers say NHS data access unchanged – but it’s clear a fight took place
Key Points
- Health minister Preet Kaur Gill told Parliament on 28 May 2026 that high-level access permissions on the NHS Federated Data Platform have not been expanded.
- The denial follows Financial Times reporting that NHS England agreed to create an admin role giving external contractors, including Palantir staff, access to identifiable patient data.
- An internal April 2026 NHS briefing note warned of a risk of loss of public confidence and recommended capping and time-limiting the wider permissions.
- Palantir built the platform under a £330 million contract won in 2023 and says it acts only as a data processor under NHS control.
- The minister's answer did not address the admin role or the briefing note, leaving the data minimisation question raised by MP Martin Wrigley unresolved.
Health minister Preet Kaur Gill has told Parliament that high-level access permissions on the NHS Federated Data Platform have not been expanded.
The written answer, published on Thursday (28 May), responded to Liberal Democrat MP Martin Wrigley, who asked what assessment had been made of the impact of expanding such permissions on the NHS principle of data minimisation.
“There has not been an expansion of high-level access permissions,” Gill said. She added that NHS England had identified no adverse impact on data minimisation from how permissions are managed on the platform, and that access runs on a role-based and purpose-based footing so users reach only the minimum data needed for an approved function.
Wrigley’s question referred back to a July 2025 answer on the same platform, part of a running line of parliamentary scrutiny of who can see NHS records.
The answer runs against reporting published in May. The Financial Times reported that NHS England had agreed to create an administrative role giving external contractors, including staff at the US technology firm Palantir, access to identifiable patient data held in the National Data Integration Tenant, a holding area for records before they are pseudonymised.
Palantir won the £330 million contract to build the Federated Data Platform in 2023, a procurement that drew two legal challenges over its speed and transparency.
The platform links operational data across NHS trusts in England to support waiting list management and care planning, so the records it draws on cover large numbers of patients.
What the briefing note said
An internal NHS briefing note from April 2026, reported by the Financial Times, flagged a “risk of loss of public confidence” in how patient data is safeguarded if the wider permissions went ahead.
The note recorded that external workers had asked for the same access held by security-cleared NHS England staff because applying for each individual permission had become too inconvenient.
It recommended capping external administrative access, time-limiting the permissions and putting them under regular review. Gill made no reference to the administrative role or the briefing note in her answer.
Palantir has said it operates as a data processor under the contract, with its NHS customers acting as data controllers, and that using the data for any other purpose would be both illegal and technically impossible under access controls overseen by the NHS.
NHS England has said anyone external who needs access must hold government security clearance and be approved by a member of its staff at Director level or above.
NHS England describes the platform as operating under a privacy by design approach, with data minimisation set as a core requirement of its information governance framework. Its published privacy material states that national data opt-outs do not currently apply to data processed in the products running on the platform, and that the page will be updated if that changes.
The gap left by the parliamentary answer is the one Wrigley’s question targeted: whether the administrative role described in the reporting counts as an expansion of access, and how it squares with a principle that limits data use to the minimum necessary.
