Article Text

Download PDFPDF

How should we think about clinical data ownership?
  1. Angela Ballantyne
  1. Department of Primary Health Care and General Practice and the Bioethics Center, Otago University, Wellington, New Zealand
  1. Correspondence to Dr Angela Ballantyne, Department of Primary Health Care and General Practice and the Bioethics Center, Otago University, Wellington, New Zealand; angela.ballantyne{at}


The concept of ‘ownership’ is increasingly central to debates, in the media, health policy and bioethics, about the appropriate management of clinical data. I argue that the language of ownership acts as a metaphor and reflects multiple concerns about current data use and the disenfranchisement of citizens and collectives in the existing data ecosystem. But exactly which core interests and concerns ownership claims allude to remains opaque. Too often, we jump straight from ‘ownership’ to ‘private property’ and conclude ‘the data belongs to the patient’. I will argue here that private property is only one type of relevant relationship between people, communities and data. There are several reasons to doubt that conceptualising data as private property presents a compelling response to concerns about clinical data ownership. In particular I argue that clinical data are co-constructed, so a property account would fail to confer exclusive rights to the patient. A non-property account of ownership acknowledges that the data are ‘about the patient’, and therefore the patient has relevant interests, without jumping to the conclusion that the data ‘belongs to the patient’. On this broader account of ownership, the relevant harm is the severing of the connection between the patient and their data, and the solution is to re-engage and re-connect patients to the data research enterprise.

  • data
  • ownership
  • public interest
  • research
  • private property

This is an open access article distributed in accordance with the Creative Commons Attribution Non Commercial (CC BY-NC 4.0) license, which permits others to distribute, remix, adapt, build upon this work non-commercially, and license their derivative works on different terms, provided the original work is properly cited, appropriate credit is given, any changes made indicated, and the use is non-commercial. See:

Statistics from

Request Permissions

If you wish to reuse any or all of this article please use the link below which will take you to the Copyright Clearance Center’s RightsLink service. You will be able to get a quick price and instant permission to reuse the content in many different ways.


The clinical data ecosystem is complex and fragmented. Clinical data are increasingly valuable to both the public and private health sectors. Public sector agencies are under mounting pressure to use clinical data to drive better, cheaper, more efficient health services. In the private sector, healthcare data mining is a growing market. This involves purchasing electronic health records (EHRs) and selling data analytic services to pharmaceutical and other companies. Different regulation, cultural norms and incentives operate in the public and private sector, in clinical care and research and in relation to actively disclosed medical information (eg, in research and clinical care) versus the surveillance and collection of health information (eg, via the medical internet of things, wearables and smart devices). This variability leads to diverse standards and assumptions regarding data ownership in different sectors.

The focus of this article is on health data created in the course of a clinical consultation, primarily in jurisdictions with national healthcare systems such as Britain, Aotearoa/New Zealand, Singapore and Australia.[1] I am specifically interested in the rhetoric of ownership and different ways of understanding the work ‘ownership claims’ are doing in debates about appropriate management and stewardship of clinical data.

The rhetoric and metaphor of ‘ownership’ are increasingly important to debates in the media, health policy and bioethics about the appropriate management of health data. ‘It is hard to know…who really owns the data’1 is a common refrain. Unpacking what work the idea of ownership is doing is important for several reasons. First public views about clinical data management matter both intrinsically and instrumentally. Whether or not patients actually do (or should) own health data, they certainly have relevant interests at stake. By virtue of these interests, patients are entitled to have their concerns considered and addressed. More pragmatically, when data scientists overstep the parameters of the social licence (as was seen with the case in the UK[2]) patients will withdraw their co-operation from data collection and sharing activities. It is therefore practically important to understand the different narratives about ownership currently in play. Second, data regulation and research ethics rules in relation to secondary uses of clinical data are in flux in many jurisdictions.[3] To the extent that talk about data ownership influences these regulatory revisions, we need to understand the underlying drivers that lead to claims of data ownership. Third, secondary use of clinical data has significant potential to increase the effectiveness of medical care—saving lives, improving outcomes and patient safety, and cutting costs. Advances in artificial intelligence, learning healthcare systems and precision medicine all depend on access to clinical data. If claims of data ownership and individual control present a barrier to the use of data, we should be confident that these claims are robust.

There is some merit in the notion of ownership, not least because of its immediate intuitive appeal. But the underlying normative assumptions are rarely explored. Too often debate jumps from ownership claims to ‘solutions’ based on the notion of clinical data as private property (in a legal, or quasi-legal sense) and the proposals that patients should be able to sell their clinical data. This interpretation is problematic, unnecessarily narrow and misconstrues much of the important work performed by ownership rhetoric. I argue in favour of a broader relational account of ownership, and suggest that the solution to potential data harms involves strategies to reconnect patients with their data and engage them in debates and decision-making about secondary uses.

Interests in clinical data

Many parties have interests in clinical data, including the data subjects (patients), those making use of the data and those with an interest in the outcomes of research. Access to clinical data is subject to powerful political, economic and scientific interests, including the public interest in research, treatment and improved clinical care.2 Clinical data contain information that can contribute to telling many different stories about health, disease and well-being (see figure 1.)

Figure 1

A relational view of clinical data.

Patient data ownership is increasingly presented as a solution to various concerns about current data use and the disenfranchisement of citizens and collectives in the existing data ecosystem. Motivations for claims of patient data ownership include privacy protection, control over potential uses of data (eg, excluding uses that are contrary to the patient’s values) and a desire to share in the benefits generated by the use of clinical data. Potential data harms are presented in box 1.

Box 1

Data harms

Data harms can include:

  • Privacy breaches (unjustified or unauthorised intrusions into a patients’ personal sphere);

  • Discrimination and stigma (data may be used to characterise individuals or groups in ways that confer disadvantages);

  • Disenfranchisement (a lack of transparency and engagement regarding secondary data use);

  • Disempowerment (a loss of control and agency over secondary uses of data); and/or

  • Exploitation (patients or data producers do not benefit sufficiently from secondary uses of clinical data).

The proposed solutions to these potential harms rely more or less explicitly on a private property interpretation of ownership, with the implication being that treating data as private property would protect against these harms. But patient control of data does not necessarily prevent against all, or even many, potential harms. For example, patients generally see controlling access to clinical information as a significant aspect of maintaining their privacy. But patients may be overestimating their ability to protect the data. Privacy protection depends primarily on health information legislation/regulation, responsible data governance and data security systems. Even if patients were required to consent to all secondary uses of their clinical data, they are unlikely to be in a strong position to accurately assess these features and therefore make informed decisions about when to share their data. Patients may experience stigma by virtue of their membership to a group, regardless of whether their personal clinical data was used in research.

Private ownership claims

A dominant refrain in the media and some bioethics literature is that patients own their health data.[4]

People see their health data as being the product of their bodies and actions.3

There is broad agreement that it is individuals who should not only control their own data but also have the right to make decisions about access to their data…4

Eric Topol, a physician researcher leading part of the US precision medicine initiative All of Us, has issued a data manifesto for patients claiming ‘You need to own your data; it should be a civil right’.5

The rhetoric of individual ownership is likewise employed by academic researchers in order to engage the public in discussions about health data, DNA and genomics. For example, the global public engagement research funded by Wellcome and the Alliance for Genomics and Health is entitled Your DNA, Your Say.6

Evidently, the notion of personal data ownership is prevalent across the literature on clinical data—in academic work, public engagement, media and industry discourse. Some have even argued that, as ‘owners’, patients should have the opportunity to sell their data directly to researchers or companies.

Patients as data traders

There is a flourishing lucrative global trade in health data. Over 200 companies trade in EHRs.7 QIVIA is a $20 billion US-based data-mining firm that operates in more than 100 countries, compiling health dossiers on more than half a billion patients, drawing from doctors’ records, prescriptions, insurance claims, lab tests and more.8 Some commentators are concerned that patients are potentially exploited and unfairly excluded from the benefits of the new data economy. This concern drives the development of platforms to let patients participate as traders of health data.

For example, founders of the co-operative Savvy[5] argue that connecting patients with the medical industry is a lucrative market, and patients should not be excluded from buying and selling in this market.

Whenever a patient is seen by a doctor, or enters their information into a medical app or platform, they’re providing the health community an invaluable resource: their data. But they’re not getting compensated for it.9

Blockchain technology (best known for its use in cryptocurrency) is now being touted as a tool to allow individuals to establish a self-sovereign ‘data’ identity, where they could control the sharing and use of their personal data, including health data.[6] This is viewed by advocates as a method of ‘democratising data and putting ownership back into the hands of users’.10

The exploitation claim here rests on the supposition that patients currently receive insufficient, or no benefit—patients are characterised as naively giving their data away for free (or more perniciously, having their clinical data stolen). Artist Jennifer Lyn Morone has argued that citizens are in a state of ‘data slavery’11 ; and the data-sharing partnership between the National Health Service (NHS) and Google’s DeepMind (see box 2) has been characterised as the NHS naively ‘gifting’ patients’ data to Google.12

Box 2

Secondary data use that surprised data subjects

In 2017, Canadian vibrator manufacturer We-Vibe settled a £3 million privacy class-action suit from users. Unbeknownst to users, We-Vibe had been collecting sensitive data about when the vibrators were used, settings, and more, linking data to users’ email addresses and using the data for future product development.43

Google’s DeepMind is an artificial intelligence (AI) division within Google, created in 2014. In 2015 the Royal Free hospital (London), a part of the NHS, provided DeepMind with 1.6 million complete and identifiable medical records to support further testing of an app called Streams to help detect acute kidney injury. This partnership was initiated without patient consent, public debate, research ethics approval or suitable transparency processes. Subsequent critique focused on patients’ reasonable expectations regarding how clinical data will be managed, questions of ownership and commercialization of NHS data, and the exploitation of NHS data for private sector gain.12

In 2014, the Samaritans (a UK charity) launched an app called Radar on Twitter that used and algorithm to identify words and phrases which indicated distress and potential suicidality. The app was pulled weeks later due to serious concerns from Twitter users, especially those with a history of mental health issues, who said they felt under surveillance. Critics suggested the Samaritans hadn’t given sufficient thought to the ethical consequences of monitoring the personal data of nearly 2 million Twitter users.44

The suggestion is that allowing patients to sell their data would resolve the unfairness (on the presumption that the market would set a fair price). However in the vast majority of cases patients have already benefited, at least with respect to clinical data. The collaborative process of clinical data construction is primarily designed to provide a clinical benefit to patients. Clinical data are created to inform and guide appropriate patient care. The use of data for research is a secondary purpose. So the implication that patients are exploited because they do not benefit directly from the secondary use of clinical data for research is not compelling.[7]

Implicit in the exploitation argument is the assumption that patients would want to benefit financially from their clinical data. In general, this is not supported by empirical research, which consistently shows that patients are uncomfortable with the commercialisation of clinical health data, in particular businesses accessing public administrative data sets for profit.13 14

Problems with a private property interpretation

Aside from the problems with the exploitation argument, there are several other reasons why the idea of private ownership of clinical data is flawed.

First, popular debate, as outlined earlier, seems to imply that ownership confers a, clear, indisputable legal right of control. But this is not the case. The reality of property law is much messier than this. Property rights consist of a bundle of different rights regarding access to and use of any property in question. In property law, several people may have interests in one piece of property and different rules will apply to priority conflicts between those interests. Important bodies of law relating to the collection, distribution, access and use of health (or sensitive/personal) information include: privacy, data protection, human research, anti-discrimination and intellectual property. Therefore, in any given situation, a plethora of statutes, regulations, codes and case law may apply to the competing claims to clinical data.15 In some common law jurisdictions, some judges have ruled that it is inappropriate to treat confidential information (including clinical records) as property.16 17 Other judges have agreed but concluded that, while the information may not be property, the rights to access and use may be proprietorial.18 Such an approach belies any simple notion that ‘ownership’ of clinical data is an easy solution to disputes.

Second, even if we ignore the earlier arguments and decided to treat clinical data as privately owned, the data would still be subject to the state’s power to acquire and use property without permission. For example, many jurisdictions allow the state to seize property without consent for public projects, so long as fair compensation is provided. Even if patients were deemed to have property rights over their data, these resources could plausibly be used in public health activities without their permission as a legitimate exercise of the state’s police power.19 Use of clinical data for socially valuable research may be considered sufficient grounds to acquire and use patient data without consent.[8] For example, five US states have recognised patients’ ownership of genetic information, but two of these have implemented systems that allow unconsented use of this information in research.20

Put simply, no single party owns clinical data. Several actors have claims on it—the patient, the genetic relatives of the patient, the health professionals who create the data and the states that provide for the services and infrastructure to create and store the data. The notion of a simple right of private property is essentially a legal nonsense.

To be fair, property law itself may well be sufficiently nuanced, versatile and sophisticated to recognise competing interests and claims in property.21 In law, a private property model rarely confers the full bundle of rights to access and use property to a single owner. I am rejecting here the simplistic populist notion of private property, namely that patients’ could or should have unilateral power to control their clinical data.

Co-creation of clinical data

What are the grounds on which a patient might claim to be an owner of clinical data? One approach is to consider ownership as a form of Lockean natural right that arises when an agent mixes their labour with resources.22 23 This idea is broadly reflected in intellectual property laws, which protect original works of authorship or invention.23 Data scientists have argued ‘Data provided by humans can thus be seen as a form of labour which powers AI (emphasis added)’11; see also other works.24 25

But is it inaccurate to suggest that patients solely provide the labour that generates clinical data. Instead data are co-constructed through a collaborative process involving the patient and the clinician, with support from other professionals within the health system. Patients rely on health professionals to extract, interpret, process, describe, classify and store health information. Patients, even those who are medically qualified, require clinicians and health scientists to help construct their medical history, create radiology images, test blood samples and conduct gene sequencing. For example, if the patient writes a diary entry about their upset stomach, this writing belongs to the patient. But when a patient and doctor co-construct a medical history, this will look substantially different to the diary entry and that difference is a result of the intellectual work done by the doctor. The patient contributes the ‘raw material’ which is transformed into clinical data by the actions of medical staff.9

Not only does the raw material (patient description, physical samples) look significantly different from the final product (medical record); but substantial value has been added in the process. The clinical material desired for secondary research—EHRs, pathology slides, tissue samples—is co-constructed through a collaborative process involving the patient, the clinician and scientists working across the health system. Given these inputs, patients lack a compelling claim to a form of exclusive, private ownership. This conclusion demonstrates the error of conceiving of clinical data as the patient’s property.

Given these reasons for avoiding an interpretation of ‘ownership’ as an individual property claim, how else might we interpret the rhetoric of ‘ownership’?

Collective ownership claims

In addition to calls for private property rights in data, there are emerging narratives about collective ownership of clinical data. Given the co-production of data, these narratives are more compelling than private property claims. In national health systems (such as in the Britain, Australia, Singapore and New Zealand) doctors who co-produce clinical data are paid (directly or indirectly) as public servants, and the resources to store and manage data are provided by taxpayers. Arguably the results of these professionals’ labour are ethically co-owned by the state and should be used for public benefit and/or kept in the public domain.26 John Bell who headed the UK Life Sciences Industry Review regarding the NHS decision to share patient data with Google Deepmind argued that: ‘All the value is in the [NHS data and the data is owned by the UK taxpayer’.27 Others have argued that some data sets, such as those relating to the human genome, should be treated as the common heritage of humankind28 and protected as public property.3

A similar claim is made in relation to indigenous data sovereignty (IDS).28 Calls for IDS occur against the backdrop of historical collection and use of data to exploit, disempower and harm indigenous groups.29–31 IDS concerns the rights of a nation to govern the collection, ownership and use of its own data.32 In New Zealand, Te Mana Raraunga (the Māori Data Sovereignty Network) has called for sovereignty over Māori data,33 which broadly includes data about Māori organisations, businesses and resources, and data about Māori citizens.34

These claims go well beyond clinical data and are grounded in the collective interests at stake in secondary data use. They illustrate that there may be other approaches, apart from private property, which should be examined for effectiveness in settling disputes about data control and access.

Non-property relationships with data

There are relationships, other than property, that can justifiably employ ownership language—rather than the data belonging to the patient, the data are about the patient. Here the emphasis is on the special relationship the patient has with the data as the subject to which the data refer. By analogy, in referring to ‘my’ children, I do not mean that they belong to me as property; rather I mean to call attention to the special relationship I have to them. This broader interpretation is preferable to ‘property’ because it seems to better capture patients’ concerns about being disconnected from their clinical data and points to more fruitful solutions than turning patients into data traders.

Clinical data ‘about me’ deserve protection because it has social meaning and therefore power. How the data are used can affect the health, personal and social well-being of the patient. Data about collectives, such as specific patient or demographic groups, or indigenous peoples, can affect the well-being of those groups. As a result of this relationship, the data subject(s) have legitimate interests in secondary use of the data.

Well-established legal and ethical obligations regarding patient confidentiality are evidence of a non-property relationship between patients and their data. Obligations of confidentiality might seem to lend credence to the idea that patients own their information as property, because the use or sharing of the information without consent looks like a type of misappropriation (theft). But the obligations of confidentiality do not arise because I have shared ‘my property’ with a health provider; instead confidentiality requirements support the importance of protecting data ‘about me’ because of the relationship between the data, my well-being and the value of the trusting relationship I share with my health professionals. Critically, this covers information I have directly provided, but also information from other sources—information in my medical history originally disclosed by my parents, or (potentially) the results of a genetic test carried out on a family member.

Consider the public engagement research cited earlier—Your DNA, Your Say. This looks like a straightforward property claim. But interestingly, when explaining the importance of the study, the researchers do not rely on property claims such as ‘the DNA belongs to the patient’. Instead, they refer to citizens’ interests with respect to the mainstreaming of genomic technologies in healthcare: ‘Empirical studies on attitudes, values and beliefs are incredibly valuable; they offer a voice from those who are, or will be, directly affected’.34 Here the patients are characterised as passive, they are the object on which the technology acts; and by virtue of this impact they have legitimate interests.

One further advantage of a broader relationship interpretation of ownership is that it provides a flexible framework for acknowledging multiple relationships with the data. ‘My’ child has multiple relationships—to me, the rest of her immediate family, extended family, different communities and social groups. So too, clinical data exist in multiple relationship—they tell a story about an individual patient, but also often about the family, various different communities (patient, demographic, geographic, ethnic and cultural) and about different diseases, prognoses and treatments (see figure 1). Benkler’s work on commons-based peer production in a networked environment provides a useful example of how different interests can be accommodated within a complex system: there need not be one single data owner.35 Thus the idea of ownership has normative value when it is used to draw attention to the rich and complex bundle of interests that we have in data that tells a story about us and our relationships to others.


On this reading, calls for patient ownership reflect the anxiety that arises from the severing of the relationship between patients and their data. Secondary uses for research may be (and often are) outside the patients’ expectations of data use and there is a lack of transparency in the data ecosystem making it hard, even for interested patients, to understand how their data are shared, linked, repurposed and re-used. Mittelstadt and Floridi argue that the ‘The emerging picture is of data subjects in a disempowered state, faced with seemingly insurmountable barriers to understanding who holds what data about them, being used for which purposes’.36 Several high profile cases demonstrate patients’ or users’ surprise at the way their health or clinical data are monitored, accessed and used (see Box 2). These surprises breed distrust and motivate calls for new tools to control and protect data.

As I have argued, the solution is not necessarily to focus on private property, monetarise patient records and encourage patients to become data traders. Instead, we should look to flexible models that reconnect patients to their data—thereby re-establishing the relationship between the patient and the data. The key features of this approach could be improved transparency, flexible consent models and patient and population involvement. Transparency is a necessary platform for public engagement and should be prioritised across the clinical data ecosystem. Then there are reconnection solutions that can work on the level of the individual patient such as dynamic consent.37 There are also models to empower collectives, based on co-governance and stewardship.33 38 For example, in New Zealand, health research conducted in District Health Boards must undergo Māori research review.39 In Australia, collective consent is sought for genetic research with indigenous communities.40 Future work in data ethics should look beyond narrow conceptions of private property to address data harms, and instead should explore broader models of patient engagement and collective governance of secondary research.


The clinical data ecosystem is already complex, and that is only likely to increase. I have argued that the rhetoric of ‘ownership’ works as a metaphor underpinning, justifying and motivating a wide variety of concerns regarding current uses of clinical data. In order to unpack some of these competing concerns, I have distinguished private property from other sorts of relevant relationships between data subjects, data producers and the data. When ownership claims are interpreted as private property claims, the solution appears to be platforms (for example blockchain) to allow patients to curate, control and sell their data. But there are problems associated with framing data as private property. In particular, clinical data are co-constructed, so a private property account would fail to confer exclusive ownership rights to the patient. I argue in favour of a broader relationship account of ownership—rather than the data belonging to the patient, the data are about the patient. But the data are equally about families, communities, diseases and health systems. Solutions therefore need to include flexible models to ‘reconnect’ patients and communities with their clinical data.


Thanks to Wendy Rogers, Cameron Stewart, Graeme Laurie and Liesel Theron for their advice and input to the arguments developed here, to the anonymous reviewers for their constructive suggestions and to the SHAPES Working Group on Big Data Ethics (CBmE, National University of Singapore) for fruitful discussions.



  • Correction notice The acknowledgements section of this article has been amended since it was first published online.

  • Contributors This is a sole authored paper.

  • Funding This research was funded by the Royal Society of New Zealand (Marsden Fund) Grant number UOO1515, and was partially conducted whilst on sabbatical as Visiting Research Fellow at the Yale Interdisciplinary Bioethics Center.

  • Competing interests None declared.

  • Patient consent for publication Not required.

  • Provenance and peer review Not commissioned; externally peer reviewed.

  • Data availability statement There are no data in this work

  • Note that a number of US states gave patients ownership of their genetic information, and several have considered whether to recognise patient ownership of health records. New Hampshire is the only state that explicitly gives patients ownership of their health data, and most states do not have any law delineating the custody of records. See Evans.19

  • were a program launched by the National Health Service in 2013 that aimed to extract and use anonymised patient data from General Practitioner (GP) records, to a central database held by the Health and Social Care Information Centre for research and analysis. The program was put on hold numerous times due to concerns about patient trust, social licence, consent and data security and was terminated in 2016.

  • Regulation that has been recently introduced, revised or is currently under revision the General Data Protection Regulation (GDPR) in Europe, changes to the Common Rule in the US, revisions to the National Health and Medical Research Council (NHMRC) guidelines in Australia and the current New Zealand public consultation regarding revisions of the National Ethics Advisory Committee (NEAC) research ethics guidelines.

  • Discourse about patient ownership of data is related to broader citizen science movements, where citizens are encouraged (some would argue exploited) to be ‘good bio-citizens’ by contributing their data and DNA to benefit medical research. Relevant literature includes: crowdsourcing, participatory surveillance, citizen science and the quantified self-movement (where citizens share data through mobile device-connected technologies). See Kostkova et al. 41

  • The Savvy platform is a cooperative, owned collectively by patients who buy a membership for US$34. Savvy connects patient with health researchers and companies looking for qualitative research participants; and members’ share of the annual profits depends on how active they have been in this research.

  • The Hub of all Things (HAT) microserver promises to empower individuals to own their personal data by conferring intellectual property rights over personal data to individuals through their ownership of a database; this would give individuals the power to control when their data are shared and re-used over the internet. See The HAT.42

  • Further, treating data as private property would not eliminate the risk of exploitation. Patients would be trading their data in an unequal market, with significant power differentials, which would likely drive down prices.

  • Generally the state is required to compensate owners if property is appropriated. So this might lead us to ask, if patients’ own their data, in what way should they be fairly compensated for non-consensual use of that health data for research? See Evans.19

  • This is the approach to medical records by the High Court of Australia in Breen v Williams (1996) 186 CLR 71, where the court found that health records belonged to a doctor as they had been written by the doctor, for the doctor’s own purposes, not for the patient.

Other content recommended for you