Palantir’s NHS patient data access through a £330 million contract has ignited a firestorm of controversy over who controls Britain’s most valuable health information and why a US surveillance firm now holds the keys to it. The arrangement, which the company describes as a unified platform consolidating fragmented NHS databases, critics characterize as an unprecedented handover of intimate medical records to a private corporation with roots in law enforcement and warfare.
Key Takeaways
- Palantir’s NHS contract is worth £330 million, though implementation costs may push total taxpayer spend to £1 billion
- The contract was awarded in November 2023 with 417 of 586 pages redacted for commercial confidentiality
- NHS data covers 65 million UK residents and is valued at an estimated £10 billion per year
- The Federated Data Platform is expected to onboard all NHS providers and integrated care boards by 2028/29
- Critics compare the arrangement to DeepMind’s controversial Royal Free Hospital deal, warning of Big Tech exploitation
Why Palantir’s NHS Role Triggers Deep Unease
Palantir was founded to support law enforcement, warfare, and policing operations—a mission that sits uncomfortably with stewardship of the NHS’s intimate patient records. The company’s founder has reportedly expressed skepticism about the NHS itself, claiming it makes people sick, a statement that raises questions about his commitment to public health. Yet somehow this surveillance-focused firm now manages the infrastructure through which millions of British patients’ most sensitive data flows.
The secrecy surrounding the contract amplifies the concern. When NHS England finally published the agreement in late December 2023, 417 of the 586 pages were blanked out, including sections on data protection, because they remained subject to commercial negotiation. This is not transparency. This is a public institution handing over the keys to a private company while keeping the public locked out of the details.
The True Cost and Scale of Palantir’s NHS Footprint
The headline figure of £330 million masks the real financial burden. That initial contract value, which started at £182 million before rising to £330 million, covers only Palantir’s software and services. Implementation costs at individual hospital-trust level push the total taxpayer bill closer to £1 billion, according to analysts tracking the rollout. By 2028/29, NHS England expects all providers and integrated care boards to onboard to the Federated Data Platform and deploy Palantir’s core products and population health management tools.
The scale of what Palantir now influences is staggering. NHS data represents the largest set of structured, machine-readable health information in the world. One estimate values it at £10 billion per year. For context, Greater Manchester and other regional systems already operate their own data-sharing arrangements, yet NHS England is pushing a centralized Palantir platform that would consolidate these separate databases into one unified system. The decision to standardize on Palantir rather than build on existing regional infrastructure is a strategic choice that locks the NHS into dependence on a single vendor.
The Campaign Against Palantir’s NHS Access
Critics argue the contracts were rushed in secret, without an open procurement process, and details emerged only through legal action by the Good Law Project. Doctors’ Association UK commissioned polling showing that 48% of people would likely opt out if their data were held by a private company. Yet patients were never asked. The decision was made by NHS managers negotiating behind closed doors.
Advocates draw a direct line between Palantir’s NHS arrangement and DeepMind’s controversial deal with Royal Free Hospital, in which the Google subsidiary gained access to patient data without meaningful consent. Both deals follow a similar pattern: Big Tech approaches the NHS, promises efficiency gains, and walks away with access to one of the world’s most valuable datasets. The difference is that Palantir’s footprint is far larger, touching the entire English NHS rather than a single hospital.
What makes this comparison urgent is that once patient data is centralized and accessible to a US firm, the governance and oversight structures that protect it become critical. Yet those protections remain obscured by commercial confidentiality clauses and redacted contracts. If the NHS cannot explain to the public why Palantir was chosen over alternatives, or what safeguards prevent mission creep from healthcare analytics to law enforcement data-sharing, then the arrangement lacks the transparency a public institution demands.
Can the NHS Realistically Reverse Course?
One obstacle to change is technical lock-in. As Marc Farr, quoted in reporting on the FDP, noted: if existing systems manage cancer referrals today and work reliably, the NHS cannot simply turn them off until Palantir’s unified platform is proven to handle that workload. This creates a transition trap. The NHS commits to Palantir, builds dependency, and finds itself unable to switch without disrupting patient care. By the time problems emerge, alternatives are no longer realistic options.
The governance question is equally thorny. NHS England’s expectation that all providers onboard by 2028/29 suggests a top-down mandate rather than a choice. Individual trusts and integrated care boards may lack the autonomy to opt for competing platforms or maintain legacy systems. This concentration of power in a single vendor, especially one with Palantir’s background, contradicts the principle that public health data should serve the public interest, not corporate interests.
What happens if Palantir’s NHS data is breached?
The research brief does not detail Palantir’s specific security protocols or breach liability terms, so the contract’s redactions make this question impossible to answer publicly. That silence is itself a problem. If a breach exposed 65 million UK residents’ health records, who bears responsibility—Palantir, NHS England, or both? What compensation would patients receive? These answers should be transparent before the system goes live, not discovered after a crisis.
Is there a way to use NHS data responsibly without Palantir?
Yes. NHS data could improve care and support research if managed for the public benefit rather than corporate convenience. Existing regional data-sharing systems prove that the NHS can coordinate information without handing control to a US surveillance firm. The question is not whether data consolidation is possible—it is whether the NHS should consolidate under Palantir or pursue alternatives that prioritize public ownership and democratic oversight.
The Palantir NHS contract represents a critical inflection point for healthcare data governance in Britain. The decision made now will shape whether patient data serves patients and the NHS, or whether it becomes another asset extracted by Big Tech. The public deserves clarity on why Palantir was chosen, what the full costs and risks are, and whether there were genuinely no better options. Until those questions are answered transparently, the controversy will only deepen.
Edited by the All Things Geek team.
Source: TechRadar
