NHS England expands Palantir's patient data access under £330m Federated Data Platform contract

NHS England has confirmed a policy shift granting Palantir staff elevated administrative access to the National Data Integration Tenant, a repository containing identifiable patient data. The US data analytics firm, which built its reputation serving US intelligence agencies, secured the £330 million contract to build the Federated Data Platform in 2023. Under the previous access framework, Palantir personnel working on the FDP were required to submit individual applications to retrieve specific datasets from the NDIT. The new arrangement eliminates that safeguard, according to a briefing document seen by the Financial Times and confirmed by The Register.

The FDP consolidates operational data across NHS England hospitals, including patient records, surgical waiting lists, and ambulance response metrics. Originally intended to help the health service recover from the pandemic backlog, the platform now places Palantir engineers in a substantially different technical position. Other consultants involved in the FDP project will receive comparable elevated access permissions under the revised policy.

The change has drawn concern from privacy advocates and medical professional bodies, who warn that expanding technical access for external contractors increases the risk of data exposure or misuse. The NHS has maintained that contractual confidentiality provisions and pseudonymization processes protect patient information. Nonetheless, critics argue the policy shift represents a meaningful departure from the original access controls designed to limit Palantir's direct interaction with identifiable health data. The development is likely to intensify scrutiny of government contracts awarded to companies with prior intelligence agency relationships, particularly when patient records are involved.