The NHS is building one of the most ambitious data systems in its history: the Federated Data Platform (FDP). Designed to connect patient information across hospitals, trusts, and care systems, it promises faster diagnoses, better planning, and more efficient services. But behind the scenes, the project has become one of the most controversial digital initiatives in the UK.

The FDP is being developed under a £330 million contract awarded to US data analytics firm Palantir — a company best known for its work with intelligence agencies. When the contract was published, 417 out of 586 pages were redacted, including key sections on how patient data would be protected, prompting legal action from the Good Law Project (source).

What the Federated Data Platform actually is

According to NHS England, the FDP is a system that brings together data already held by NHS organisations into a single, secure interface. It does not replace existing systems — it connects them. The goal is to help staff access information more quickly and reduce delays caused by fragmented data (source).

The platform will process:

  • Personal data such as names, NHS numbers, and contact details
  • Health data including diagnoses, treatments, and care history
  • Operational data used for planning and resource management

NHS England says the FDP will support everything from bed management to cancer pathways, helping staff make faster, better-informed decisions.

Why the controversy?

The backlash isn’t about the idea of improving NHS data — it’s about how the project is being built, who controls it, and what it could become in the future. Several major concerns have emerged:

  • Lack of transparency — huge sections of the Palantir contract were redacted, including data protection clauses.
  • Legal uncertainty — lawyers have warned that key aspects of the FDP currently lack a lawful basis.
  • Mission creep — campaigners fear the platform could expand to include GP data or be used for non-care purposes.
  • Commercial involvement — Palantir’s background in defence and intelligence raises concerns about long-term control.

The Register reported that NHS England received legal advice stating that the FDP’s privacy-enhancing technology — provided by IQVIA — does not currently have a legal basis for processing personal confidential data. If unresolved, the NHS may be forced to allow patients to opt out of the system entirely (source).

What data will the FDP use?

NHS England’s privacy notice confirms that the platform will process:

  • Identifiable patient data (names, NHS numbers, dates of birth)
  • Health records and clinical information
  • Operational data used for planning and service delivery

The data comes from existing NHS systems — hospitals, trusts, and integrated care boards — and is stored in a secure environment with access controls. NHS England emphasises that the FDP is not a single national database, but a network of connected systems.

Will GP data be included?

This is one of the biggest public concerns. NHS England says GP data will not be included “initially,” but campaigners warn that the wording leaves the door open for future expansion.

Given the scale of the platform and Palantir’s long-term involvement, critics argue that mission creep is a real risk.

Who can access the data?

According to NHS England, access is limited to:

  • NHS staff involved in direct care
  • Authorised analysts working on planning and service improvement
  • Technical teams maintaining the platform

Palantir staff may have access for maintenance and support, but NHS England insists that Palantir cannot use the data for its own purposes.

Legal challenges and public trust

The Good Law Project has launched legal action demanding the release of the unredacted contract, arguing that the public has a right to know how their medical data will be used and protected.

Meanwhile, lawyers advising NHS England have warned that unless the legal basis is clarified, patients may need to be given the option to opt out of the FDP entirely.

This uncertainty has fuelled public distrust — especially given the NHS’s history of data breaches and previous failed attempts to centralise patient information.

So here’s the thing

The Federated Data Platform could transform the NHS by connecting fragmented systems and giving staff the information they need to deliver better care. But the combination of redacted contracts, legal ambiguity, and Palantir’s involvement has created a cloud of suspicion around the project.

Until the government provides full transparency and a clear legal framework, the FDP will remain one of the most controversial digital projects in the UK — a symbol of the tension between innovation, privacy, and public trust.

Read more

The Online Safety Act: Will the UK Force WhatsApp and Signal to Scan Your Messages?
Facial Recognition in the UK: Safety Tool or Surveillance Creep?
The NHS Federated Data Platform: Modernisation or a Massive Data Grab?
Predictive Policing in the UK: Smart Technology or Automated Discrimination?
Digital Borders: How AI Is Quietly Transforming UK Immigration Decisions
Smart Meters in the UK: Helpful Upgrade or a New Form of Energy Surveillance?
15‑Minute Cities: Urban Planning Vision or Digital Movement Control?
Britcoin: Modern Money or a Digital Surveillance Tool?
AI in the UK Public Sector: Efficiency Revolution or Mass Job Loss?