Britain hands health records to American defence contractor while local NHS trusts build superior alternatives
Greater Manchester and Leeds refuse Palantir's software, exposing a contract driven by politics rather than patient care
Matt Hennessey did not set out to embarrass the British government. As Chief Intelligence and Analytics Officer for Greater Manchester's health system, he spent six years building a data platform that links hospital records with community care, tracks disease patterns across a population of 2.8 million, and directs resources where they save lives. His team estimates their work prevented around 180 heart attacks and 200 strokes last year alone. The platform was built in-house, by NHS staff, using commercially available tools assembled with local expertise and funded by local budgets.
Then London told him to replace it.
In November 2023, NHS England awarded a £330 million, seven-year contract to Palantir Technologies—the American surveillance company founded with CIA seed funding—to build a national Federated Data Platform. Every trust and integrated care board in England was instructed to adopt it. When Hennessey's team evaluated what Palantir was offering, they discovered something awkward: their homegrown system "exceeds anything the FDP currently offers." Capabilities already in daily use in Manchester were "two to three years away" in Palantir's version. Adopting the national platform would be, they concluded, "a time-consuming and possibly retrograde step."
Manchester is not an outlier. Leeds Teaching Hospitals Trust, operating seven hospitals for 1.5 million patients, warned NHS England in a private letter that switching to Palantir would mean they "lose functionality rather than gain it." Trusts in Hampshire, East Kent, Wigan, and elsewhere reached similar conclusions. By late 2024, fewer than a quarter of England's 215 hospital trusts were actively using the platform, despite months of pressure from NHS England to comply. An open letter from the NHS Chief Data and Analytical Officer Network noted that many trusts "already have similar tools in use that presently exceed the capability" of what Palantir was trying to develop.
Britain is paying £330 million for software its own data professionals say is worse than what they already have. The question is why—and what it reveals about a country that has lost the ability to distinguish between efficiency and dependence.
A platform nobody asked for
The official rationale is sensible enough. NHS data sits in silos that do not communicate. A patient discharged from one trust may need care coordinated by another; without integration, information falls through cracks, resources are wasted, and patients suffer delays. A national platform that standardises data collection and sharing could address these inefficiencies. Palantir's software was used during the vaccine rollout, earning the company a foothold in NHS systems that it has since methodically expanded.
But the contract that followed bore the fingerprints of a foregone conclusion. Rival bidders received just one month to respond to the tender—a timeline critics argued gave decisive advantage to Palantir, which already knew NHS systems intimately from its pandemic-era work. When the 586-page contract was eventually published, three-quarters was redacted, including most sections dealing with data protection. NHS England then spent an additional £8.5 million hiring consultancy KPMG to "promote adoption" of the platform to trusts that had not volunteered to join. The sequence suggests not competitive procurement but managed inevitability.
None of this explains why the resulting product appears technically inferior to what several trusts already operate. The answer may lie in the gap between what Palantir does well and what the NHS actually needs. Palantir's core competency is integrating vast datasets from disparate sources and making them searchable and analysable at scale—capabilities honed through contracts with intelligence agencies, military organisations, and border enforcement bodies including US Immigration and Customs Enforcement. Its Foundry software is undeniably powerful. But power is not fitness for purpose.
Healthcare data integration requires not just technical capability but deep understanding of clinical workflows, regulatory constraints, and the particular sensitivities of patient information. Systems that clinicians will actually trust and use require collaboration over years, not deployment from Denver. Manchester's advantage was precisely its lack of grandiose ambition. Hennessey's team built incrementally, responding to the specific needs of local clinicians, earning what they called a "hard-won foundation of trust" with both the public and health professionals. Palantir arrives with impressive technology and no such foundation. In healthcare, that foundation is the product.
The infrastructure of strategic dependence
The Palantir contract matters beyond its immediate technical failures because it fits a pattern Britain has spent decades weaving—one that is now becoming impossible to ignore.
Consider water. In 1989, Margaret Thatcher privatised England's water utilities, creating the only developed country in the world to transfer its entire water and sewerage system into private hands. Today, more than 70 percent of England's water industry is owned by foreign entities. Thames Water's investors include sovereign wealth funds from the UAE, Kuwait, and China, alongside Canadian pension schemes and Australian infrastructure funds. Yorkshire Water is majority-owned by investment firms from Hong Kong and Singapore. Northumbrian Water is three-quarters owned by a Hong Kong conglomerate. The consequences are now visible in sewage-choked rivers, collapsing infrastructure, and a debt mountain exceeding £60 billion—accumulated not to fund investment but to finance dividends extracted by overseas shareholders.
The pattern extends across British infrastructure. Water, energy, ports, airports, railways, much of the nuclear industry—all substantially in foreign hands. The intellectual assumption underpinning these transfers was that ownership does not matter, that global capital markets allocate resources more efficiently than states, and that the nationality of an investor is irrelevant to the quality of service delivered. This assumption has proven catastrophic in water. It may prove catastrophic in healthcare data.
What distinguishes the Palantir contract is not merely foreign ownership but the specific character of the owner. Palantir was founded with funding from In-Q-Tel, the CIA's venture capital arm, and has built its business primarily on contracts with American intelligence agencies, the military, and law enforcement. Its technology has been used to track migrants for deportation. Its UK executive vice president, Louis Mosley—grandson of British fascist leader Oswald Mosley—recently accused the British Medical Association of "choosing ideology over patient interest" for opposing the NHS contract. The company's chairman, Peter Thiel, described British affection for the NHS as "Stockholm syndrome" in a speech at the Oxford Union while his company was actively bidding for the contract. The health service, he suggested, should be "ripped from the ground" and replaced with market mechanisms. Palantir distanced itself from his remarks. Thiel remains chairman.
The deeper concern is jurisdictional. Under the US CLOUD Act, passed in 2018, American technology companies can be compelled to provide data stored on their servers regardless of where those servers are physically located. The UK and US have signed bilateral agreements facilitating cross-border data access for law enforcement. These arrangements were designed to expedite criminal investigations. But they create pathways through which data held by American companies becomes accessible to American authorities in ways that data held by British companies would not. For health records—immigration status, HIV status, mental health history, pregnancy, genetic predispositions—the implications extend far beyond abstract privacy concerns into concrete questions of vulnerability.
What Europe learned the hard way
The experience of European energy dependency on Russia offers an uncomfortable parallel that illuminates what Britain may be sleepwalking into.
For decades, Germany built its economic model partly on cheap Russian gas, piped through infrastructure designed to cement mutual dependence. German politicians across the political spectrum believed in the stabilising power of commercial interdependence. Trade would moderate Russian behaviour. Shared economic interests would prevent conflict. This theory survived the annexation of Crimea in 2014. It survived Russian interference in Western elections. It survived the poisoning of Sergei Skripal on British soil. It did not survive the full-scale invasion of Ukraine in February 2022.
The scramble that followed was ruinously expensive. European gas prices rose by an average of 163 percent in 2022. Germany built three LNG terminals at emergency speed. Countries that had allowed their energy infrastructure to atrophy discovered they had outsourced not merely fuel supply but strategic autonomy itself. The European Union has since cut its dependence on Russian gas from 45 percent of imports in 2021 to approximately 15 percent—but only through immense effort and expense that would have been entirely unnecessary had the dependency never been allowed to develop.
The lesson is not that foreign relationships are inherently dangerous but that certain categories of dependency create vulnerabilities that remain invisible until circumstances change. Energy supply is one such category. Control over a nation's health data is another. The United States is not Russia, and the current relationship between London and Washington is not adversarial. But the Palantir contract extends for seven years, and the lock-in effects of data platform adoption extend far longer still. Administrations change. Relationships sour. What seems like an efficient commercial arrangement today can become leverage tomorrow. German politicians were not naive; they simply underestimated how quickly assumptions about stable relationships could become obsolete.
Britain is now entrusting the health records of 55 million people to a company closely aligned with a US administration that has demonstrated repeatedly it views allies as transactional relationships to be exploited rather than partnerships to be honoured. The question is not whether current US-UK relations are good but whether they will remain so for the contract term and beyond.
The medical profession pushes back
In June 2025, the British Medical Association—the UK's largest doctors' union—voted at its annual representative meeting to oppose Palantir's rollout and lobby for the termination of all existing NHS contracts with the company. The motion passed with substantial majorities. It called Palantir "an unacceptable choice of partner" for handling patient data and committed the BMA to supporting members who wished to refuse to use its products.
The intervention carries weight beyond symbolism. Doctors are the end users of NHS data systems. If they do not trust a platform, they will not use it effectively, or they will build workarounds that defeat its purpose entirely. More significantly, patients respond to doctors' concerns. As the BMA's workforce lead, Dr Latifa Patel, noted, patients may "withhold information from their doctor to the detriment of their care if they do not trust the organisation processing their data." The breakdown of trust between patient and clinician harms health outcomes in ways no data platform can compensate for.
Palantir's response was revealing. Louis Mosley's accusation that the BMA had chosen "ideology over patient interest" echoed a familiar pattern in which technical expertise is framed as neutral while any questioning of commercial arrangements is dismissed as mere politics. Yet the BMA's concerns were grounded in concrete assessments of data governance, security, and ethics—not abstraction. Mosley's response inadvertently proved their point: a company that dismisses professional concerns as ideology is unlikely to build the trust that healthcare data systems require.
Manchester's resistance has been quieter but equally significant. Greater Manchester ICB remains the only integrated care board in England to formally defer adoption of the Federated Data Platform. In successive board meetings through 2025, officials have demanded "more evidence" that adoption would serve "the best interests of the GM population." They have established red lines around data access and retention. The message is unmistakable: we will not be bullied into adopting inferior technology for the sake of national standardisation.
What remains possible
The federated structure of NHS governance, which sometimes frustrates efforts at national coordination, now offers a form of protection. Unlike the privatisation of water or energy, where decisions were made centrally and are now nearly impossible to reverse without enormous expense and political will, the adoption of Palantir's platform depends on the cooperation of individual trusts and integrated care boards. If enough of them refuse—or adopt the platform only nominally while continuing to rely on local systems—the contract becomes far less valuable than its headline price suggests.
This resistance is not yet decisive. NHS England has made clear in its planning guidance that all trusts "must be onboarded" to the Federated Data Platform. The gap between mandate and reality, however, remains substantial. And the deeper question persists: can Britain develop a coherent approach to digital sovereignty before path dependencies make the current trajectory irreversible?
Other countries have managed it. France has invested heavily in national cloud infrastructure. Germany, chastened by its energy experience, is reconsidering its approach to critical digital dependencies. The European Union's data protection framework, whatever its implementation challenges, at least articulates a principle that citizen data deserves legal protection from foreign government access.
Britain has no equivalent framework and shows little inclination to develop one. The same political instincts that led successive governments to sell off water, energy, ports, and railways as though sovereignty were merely inefficiency dressed up as principle continue to shape decisions about digital infrastructure. The assumption that foreign ownership and operation pose no strategic risk persists, despite accumulating evidence to the contrary.
Matt Hennessey's team in Manchester has demonstrated that the NHS possesses the expertise to build world-class data platforms without outsourcing control to American defence contractors. Their success reveals the Palantir contract not as a technical necessity but as a political choice—one that can still be unmade, if enough people within the system are willing to insist on different choices before the window for making them closes.