Written questions by Wrigley.

Whether the contract for the Federated Data Platform will require Palantir to publish an open standard data schema to enable interoperability with alternative platforms.

The contract for the Federated Data Platform and Associated Services (FDP AS) includes provisions to ensure interoperability and support for market development through the use of open standards. As part of this, the platform is underpinned by the NHS Canonical Data Model (CDM), which provides a consistent and open data schema that all parties connecting to the FDP must use. This ensures that data can be shared and understood across different systems and platforms, supporting interoperability and reducing the risk of vendor lock-in. To further support transparency and innovation, NHS England has taken steps to publish the CDM on GitHub. This enables developers and suppliers to understand the structure and semantics of the data used within the platform, and to build compatible solutions that can integrate with the FDP. The publication of the CDM is part of a broader commitment to openness and technical sovereignty, ensuring that the National Health Service retains control over its data infrastructure and can transition to alternative providers if needed.

Whether NHS trusts have received (a) financial support and (b) incentive payments to enable uptake of the Federated Data Platform.

NHS England has procured and paid for licences to provide a Federated Data Platform instance for all trusts and integrated care boards for the full duration of the contract. This includes providing onboarding and implementation support and ongoing access to a National Centre of Excellence and user forums.

Whether (a) federated machine learning and (b) transfer learning techniques have been employed in the Federated Data Platform.

Neither federated machine learning nor transfer learning techniques are currently utilised within the NHS Federated Data Platform (FDP).The FDP is designed to support operational use cases such as elective recovery, care coordination, and discharge planning by enabling secure, real-time access to data across National Health Service organisations. While the platform supports advanced analytics and data integration, it does not currently employ federated or transfer learning methods as part of its architecture or functionality.NHS England continues to monitor developments in artificial intelligence and machine learning to ensure that any future applications involving NHS data align with core NHS principles, including safety, fairness, and accountability.

Whether NHS England has conducted data transfer impact assessments on (a) access, (b) processing and (c) codebase maintenance undertaken by overseas Palantir staff.

There is no overseas processing of data of any type by the Federated Data Platform (FDP) programme, and therefore transfer impact assessments are not required. This is laid out in the FDP Information Governance Framework, which is available at the following link:https://www.england.nhs.uk/long-read/federated-data-platform-information-governance-framework/

Whether (a) containerised services, (b) data pipelines and (c) Application Programming Interface integrations used within the Federated Data Platform are managed from (i) repositories and (ii) orchestration tools hosted outside the UK.

There is no overseas processing of data of any type by the Federated Data Platform (FDP) programme, and therefore transfer impact assessments are not required. This is laid out in the FDP Information Governance Framework, which is available at the following link:https://www.england.nhs.uk/long-read/federated-data-platform-information-governance-framework/

Whether (a) synthetic datasets, (b) model parameters, (c) algorithm weights and (d) derived feature maps generated using NHS training data have been (i) exported to and (ii) accessed from locations outside UK sovereign data zones.

There is no overseas processing of data of any type by the Federated Data Platform (FDP) programme, and this includes synthetic data and all functionalities. This is laid out in the FDP Information Governance Framework, which is available at the following link:https://www.england.nhs.uk/long-read/federated-data-platform-information-governance-framework/

Whether the Government has issued guidance to help ensure that AI solutions trained on NHS datasets align with NHS principles.

Artificial Intelligence (AI) solutions trained on National Health Service datasets must align with core NHS principles, including safety, fairness, transparency, and accountability. These principles are embedded in the NHS’s approach to digital innovation and data use.To support this, NHS England utilises guidance developed by the NHS Transformation Directorate, which sets out expectations for the safe, lawful, and ethical use of AI in health and care settings. This includes ensuring that AI systems are explainable, that data is used responsibly, and that decisions remain under human oversight.The guidance has been reviewed by the Health and Care Information Governance Working Group, including the Information Commissioner’s Office (ICO) and the National Data Guardian (NDG), and is publicly available on the NHS Transformation Directorate’s website:https://transform.england.nhs.uk/information-governance/guidance/artificial-intelligence/This framework helps ensure that AI innovations developed using NHS data are aligned with NHS values and are deployed in a way that benefits patients, supports clinicians, and maintains public trust.

What (a) encryption key management protocols and (b) physical hosting zones are in place to ensure NHS datasets remain (i) logically and (ii) geographically partitioned from Palantir’s multi-tenant infrastructure.

Access to National Health Service health and social care data within the Federated Data Platform (FDP) is tightly controlled. The FDP incorporates advanced Privacy Enhancing Technology (PET), which has been procured from a separate supplier to ensure independence and to mitigate any conflicts of interest.It is a contractual requirement that personal data stored in the FDP and NHS PET cannot be accessed by its own personnel or contractors from outside the United Kingdom. In accordance with General Data Protection Regulation principles of transparency and accountability, NHS England has published details in the FDP Information Governance Framework. This framework is available at the following link:https://www.england.nhs.uk/long-read/federated-data-platform-information-governance-framework/

Whether the Federated Data Platform’s architectural governance model includes constraints on cross-domain identity federation between (a) NHS instances and (b) other public sector deployments of (i) Foundry and (ii) Gotham.

Each local organisation operates its own instance of the NHS Federated Data Platform (FDP), for which it is the data controller. These instances are designed to support local autonomy and governance, allowing organisations to opt into core products that enhance patient care delivery.The architectural governance model of the FDP does not include provisions for cross-domain identity federation between National Health Service instances and other public sector deployments of Foundry or Gotham. Instead, the platform enables local organisations to connect and share information currently stored in separate systems, but only where there is a legal basis to do so. This ensures that data sharing is conducted within a safe and secure environment, respecting organisational boundaries and data protection obligations.Further technical and governance details are outlined in the information governance framework for the FDP, which confirms that all data remains within United Kingdom sovereign zones and that access is restricted to authorised personnel. The information governance framework for the FDP is available at the following link:https://www.england.nhs.uk/long-read/federated-data-platform-information-governance-framework/

Whether his Department has had deductions with Palantir Technologies Ltd on (a) profit-sharing arrangements and (b) access to derivative data linked to NHS research outputs.

NHS England has entered into a contract with Palantir, the NHS Federated Data Platform Associated Services (FDP-AS) contract, which is available at the following link:https://www.contractsfinder.service.gov.uk/Notice/0f8a65b5-23a2-4294-abb1-a7fd8efb3ad0The FDP-AS Agreement does not include provision for profit sharing arrangements and Palantir does not have access or rights to any National Health Service data under the FDP-AS, beyond those as required to perform its function as a data processor under instruction by the NHS.

Whether his Department has received representations from (a) Palantir Technologies Ltd and (b) its subsidiaries on combining data functions under a single NHS data contract.

My Rt Hon. Friend, the Secretary of State for Health and Social Care met with representatives of Palantir on 4 June 2025. The meeting was to discuss the importance of the rollout of the Federated Data Platform, including progress towards having all trusts onboarded. The meeting did not discuss combining data functions under a single National Health Service data contract, and the Department has not received representation from Palantir or its subsidiaries on that topic.

Whether (a) outputs and (b) intermediate artefacts generated via Foundry workflows are permitted to be retained by Palantir Technologies for the purpose of product refinement.

All products, outputs, and intermediate artefacts generated within the Federated Data Platform, funded by the National Health Service under the NHS Federated Data Platform Associated Services (FDP-AS) agreement, are the intellectual property of the NHS, and Palantir is not permitted to utilise these for their own purposes. Further information on the FDP-AS is available at the following link:https://www.contractsfinder.service.gov.uk/Notice/0f8a65b5-23a2-4294-abb1-a7fd8efb3ad0

Whether pseudonymised NHS data processed within the Federated Data Platform is subject to remote (a) operability and (b) telemetry access by (i) engineers and (ii) DevOps teams located outside the UK.

There is no overseas processing of data of any type by the Federated Data Platform (FDP) programme, and this includes synthetic data and all functionalities. This is laid out in the FDP Information Governance Framework, which is available at the following link:https://www.england.nhs.uk/long-read/federated-data-platform-information-governance-framework/

What discussions he has had with NHS England on its data cleaning specification for Palantir; and whether that specification defines how patient data are (a) extracted, (b) transformed and (c) loaded into the federated data platform.

NHS England has not had any discussions with my Rt Hon. Friend, the Secretary of State for Health and Social Care on this matter. Each local organisation has their own instance of the NHS Federated Data Platform (FDP) for which they are the data controller, and can opt into any of the core products that support delivery of patient care. Local organisations can connect and share information currently stored in separate systems to support staff to access the information they need in one safe and secure environment, where there is a legal basis to do so. Data is only ingested into an FDP Tenant following establishment of the legal basis and a specific purpose for usage of that data. Most commonly this is for use in FDP products, for example those which support the management of waiting lists, theatre scheduling, or effective discharge of patients. Data is extracted, cleaned, enriched, and transformed according to the requirements of each use case or product. The FDP program uses the concept of the NHS Canonical Data Model to ensure that data is treated consistently across FDP Tenants, and this enables the development of consistent, reusable products. Prior to ingestion from the source systems to the FDP Tenant, the NHS-Privacy Enhancing Technology (NHS-PET) service registers the flow. NHS-PET is a standalone service located between primary data sources and the FDP-Associated Services (AS) platform, providing a data orchestration and privacy service for FDP-AS data ingress and inter-tenant transfers. The NHS-PET service creates records of the types and uses of data which are used in every instance of NHS FDP. If the data is to be used for secondary uses, not direct care, the NHS-PET service can treat personal data to remove identifiers utilising techniques such as anonymisation, masking, generalisation, and pseudonymisation. Privacy treated data is modelled by FDP-AS and is then made available for specific purposes.

Whether his Department has made an assessment of the potential risks of cross‑contamination risk when data from multiple NHS trusts are ingested into a single cloud environment.

In order to assess the risk and impact to data privacy, all Federated Data Platform (FDP) installations are required to complete a Data Privacy Impact Assessment (DPIA). An overarching DPIA for the FDP was also undertaken. Each FDP Tenant is a logically separated instance of the Foundry Platform. Each tenant has separate administrators, and independent control of all data ingress and egress. User access is controlled by a combination of Role Based Access Controls and Purpose Based Access Controls to ensure that access to data is only available to users with a documented and auditable reason for access. All changes to the product or platform go through a careful process of development, testing, quality assurance, and change management before they are released. This helps to prevent errors and problems. The FDP has several measures in place to keep data safe. These include:¾strong network security, namely firewalls and intrusion detection systems that monitor all network traffic to and from the platform, to block unauthorised access and detect suspicious activity;data encryption of all data stored on the platform, both when transferred, or in transit, and when stored on servers;purpose based access, as users only have access to the data they need to do their jobs. This helps to minimise the risk of unauthorised access to sensitive information;detailed logging and monitoring, as all user activity on the platform is logged and monitored for suspicious activity. This helps to identify potential security breaches quickly and maintains a full audit trail. Security logs are encrypted and stored securely;regular security testing, with the platform undergoing regular penetration testing and vulnerability scanning to identify and fix any weaknesses in its security;development lifecycle, with all changes to the product or platform going through a careful process of development, testing, quality assurance, and change management before they are released. This helps to prevent errors and problems; andmonitoring, as live services teams constantly monitor the product or platform 24 hours a day, seven days a week to quickly identify and fix any issues that may arise.

What intellectual property rights NHS England retains over (a) data models, (b) ontologies and (c) analytics solutions produced within the Federated Data Platform.

Within the NHS Federated Data Platform (FDP), the National Health Service retains the Intellectual Property of the solutions it funds or develops, including all associated data models, ontologies, including the NHS Canonical data model, products, and analytical solutions. Under the FDP-Associated Services Agreement between NHS England and Palantir, background Intellectual Property, prior to entering into the agreement, remains the property of the respective party.

Whether he has received recent correspondence from Palantir.

My Rt Hon. Friend, the Secretary of State for Health and Social Care received a letter from Louis Mosley, the Executive Vice President for the United Kingdom and Europe of Palantir Technologies, on 3 March 2025, offering to meet to discuss the roll-out of the NHS Federated Data Platform.

If he will make an assessment of the potential impact of working with commercial suppliers whose senior leadership have expressed overt political affiliations on the reputation of NHS England.

Commercial contracts awarded by the Department, NHS England, or other National Health Service bodies are held with a company rather than individuals.NHS bodies set their own policies on how to award contracts, but they must do so in line with the law, specifically the Public Contracts Regulations 2015 and now the Procurement Act 2023 which came into force in February 2025, and central policy. The Government uses a standard selection questionnaire that requires suppliers to confirm they meet certain standards. Suppliers can be excluded for a variety of reasons, including where they are guilty of grave professional misconduct or where they have shown significant or persistent deficiencies in the performance under a prior public contract. Full guidance on the Procurement Specific Questionnaire, which replaces the standard selection questionnaire under the Public Contract Regulations, can be found on the Government Commercial Function’s Procurement Pathways website.

What proportion of Federated Data Platform development work is carried out by UK‑based engineers; and whether data processing beyond AWS input processes is off‑shored.

All NHS Federated Data Platform (FDP) development work is carried out by United Kingdom based engineers, therefore there is no offshoring. This is documented in the contract, Information Governance Framework, and Memorandum of Understanding. It is a contractual requirement that personal data stored in the FDP and National Health Service Privacy Enhancing Technology cannot be accessed by its provider’s personnel or contractors based outside the UK. These measures collectively ensure that NHS data remains under UK jurisdiction and that all processing of patient information will be within the UK only. This is a contractual requirement, and one of the key principles of the Federated Data Platform Information Governance Framework. Data cannot be accessed or processed by non-UK Government entities.Information on how data is protected, who can access it, and under what conditions, is available at the following link:https://www.england.nhs.uk/long-read/overarching-data-protection-impact-assessment-dpia-for-the-federated-data-platform-fdp/#18-in-which-country-territory-will-personal-data-be-stored-or-processed

Whether NHS‑funded analytics solutions created on the Federated Data Platform have been (a) patented and (b) registered by (i) Palantir Technologies and (ii) its subsidiaries.

Within the NHS Federated Data Platform (FDP), where the National Health Service commissions and funds the development of solutions, the intellectual property of these solutions remains with the NHS.Under the FDP-Associated Services Agreement between NHS England and Palantir, background intellectual property, prior to entering into the agreement, remains the property of the respective party.