Fresh scrutiny has emerged over the governance of NHS patient data after revelations that a senior health system figure encouraged the expansion of patient information into a technology platform built by US analytics company Palantir while simultaneously advising the company.
At the centre of the controversy is Matthew Swindells, who has served as joint chair of four major NHS hospital trusts in north-west London since April 2022. During the same period, he was also working as an adviser to Palantir through the lobbying and consultancy firm Global Counsel.
The situation has raised concerns among healthcare policy experts and campaign groups about potential conflicts of interest and the governance of sensitive patient data as the NHS expands its use of advanced digital platforms.
Proposal to expand data use in NHS technology platform
According to internal communications reported in early 2026, Swindells suggested that additional patient data, particularly information from general practitioners that could be integrated into a data platform used by NHS organisations. The system in question is linked to the Federated Data Platform (FDP), a nationwide digital infrastructure project developed by Palantir that aims to help NHS organisations connect and analyse healthcare data across hospitals and services.
In a 2024 email to senior NHS leaders, Swindells reportedly argued that flowing patient-level data into the platform could help automate workflows and support population-level research and operational decision-making. The email suggested that information already held in a regional system known as Whole Systems Integrated Care (WSIC) could potentially be used for clinical analysis and later deployed operationally through the national platform. However, the idea immediately triggered concerns from other officials about information governance, contractual limitations and the legal framework governing the use of patient data.
NHS data protection rules and regulatory safeguards
NHS England emphasised that strict legal safeguards apply to the sharing and use of confidential patient data. Officials stated that GP-level patient information cannot be uploaded to the Federated Data Platform without formal data-sharing agreements involving GP practices, hospital trusts and integrated care boards.
These agreements define precisely which medical records can be shared, who can access them and for what purposes. Such rules are designed to protect patient privacy while allowing health systems to use data for clinical management and research. The NHS’s move toward large-scale data platforms reflects a broader effort to modernise healthcare infrastructure. Systems such as the FDP are intended to integrate previously separate databases so that hospitals can manage waiting lists, coordinate care pathways and analyse population health trends more effectively.
Palantir, founded in 2003, specialises in data integration software that allows organisations to combine large datasets from different sources and analyse them using advanced analytics tools. The company has previously worked with the NHS during the COVID-19 pandemic, when its software helped analyse vaccination data and manage medical supply chains.
Conflict-of-interest debate intensifies
The revelations have reignited debate about the relationship between technology companies and public sector decision-makers. While Swindells had declared his advisory roles and was required to abstain from certain procurement decisions relating to Palantir, critics argue that informal influence over strategic discussions about data platforms still raises ethical questions.
Some policy analysts say the episode highlights the need for stronger transparency rules governing how senior public officials interact with private technology firms involved in healthcare infrastructure. Swindells has said that his comments referred to the potential use of GP data within a local data environment controlled by NHS organisations, not the national platform itself. He also stated that the proposal was never implemented.
The dispute underscores the increasing role of digital technologies in modern healthcare systems. Data platforms, artificial intelligence tools and large-scale analytics are becoming central to clinical research, service planning and operational management. However, these technologies also raise complex questions about data governance, privacy and public trust, particularly when sensitive medical information is involved.
Balancing innovation and accountability
For policymakers and healthcare technology providers, the controversy illustrates the delicate balance between accelerating digital innovation and ensuring strong oversight. Advanced data platforms promise significant benefits, from improving hospital efficiency to enabling faster medical research. Yet experts warn that these systems must operate within transparent governance frameworks to maintain public confidence in how sensitive health data is used. As the NHS continues to modernise its digital infrastructure, the Swindells–Palantir episode may serve as a reminder that technological transformation must go hand-in-hand with robust ethical safeguards.
