About us
The National Data Guardian advises on the use of confidential health and care data, supporting its safe, ethical, and trustworthy use for individual care and public benefit.
What the National Data Guardian does
The National Data Guardian (NDG) is an independent advisor to the government and the health and adult social care system in England.
They help ensure that confidential health and social care data is handled safely and used in ways that people expect and can trust.
The NDG is not a regulator with investigative powers. Instead, they provide advice and guidance that shapes data policy, practice and IT programmes, helping the system use data responsibly to support and improve people’s care, health service planning, and innovation and research.
The Department of Health and Social Care sponsors the role.
Watch a short animation about the National Data Guardian
The role of the National Data Guardian
How the NDG works
Key work areas include:
Improving access to healthcare information
The NDG supports timely access to the right healthcare information for clinicians, healthcare providers and patients. This includes:
-
advising programmes that aim to improve access to information in support of people’s care
-
providing clarity on when data can be used for activities essential to providing care, without needing additional legal approvals
-
emphasising the importance of cyber-security and resilience, including continuity planning to maintain safe care during cyber-attacks or IT system failures
Developing strong guidance and policy
Clear data policy and guidance can give professionals confidence and reduce barriers for important uses of data. The NDG contributes to this by:
- publishing both statutory and informal guidance to address gaps or uncertainties in specific areas of data governance, and working with organisations such as the Information Commissioner’s Office and NHS England to strengthen their guidance
- resolving grey areas in data policy by identifying and addressing complex legal and ethical questions, to support safe and trusted data use
- providing advice and reviews of government and NHS data policies, practices, and programmes to help ensure compliance with legal and ethical standards
Advising on transparency and engagement to strengthen trust
Promoting transparency, accountability and public engagement is essential to maintaining public and professional confidence in the use of healthcare data. This work includes:
- advising healthcare data programmes on effective public engagement and transparent communication, to build trust and help avoid failures caused by low public or professional confidence
- supporting and commissioning research into public attitudes towards data use, helping the health and care system stay aligned with what matters most to people
Promoting the Caldicott Principles and supporting Caldicott Guardians
The NDG owns and maintains the Caldicott Principles. These good practice guidelines were first established in 1997 and are widely used in health and social care to support responsible data handling.
The NDG also supports the UK Caldicott Guardian Council, which helps Caldicott Guardians uphold these principles within their organisations.
What the National Data Guardian does not do
It is also important to understand what the NDG does not do, so you know where to direct your questions or concerns.
As the NDG is not a regulator with investigative powers, they cannot investigate individual complaints from the public.
Although the NDG does not investigate individual cases, they do monitor common data issues. Where patterns show national concerns, these inform policy and guidance.
Questions, concerns or complaints about how healthcare data has been used or handled should be directed to the appropriate organisation.
Who we are
The current National Data Guardian is Dr Nicola Byrne, who is serving her second term. Each term lasts three years, and the current term ends in March 2027.
NDG Panel
The NDG is supported by an independent panel of experts from a range of fields.
Present NDG Panel members:
- Dr Natalie Banner (director of ethics at Genomics England)
- John Carvel (freelance writer, formerly social affairs editor of The Guardian)
- Claire Delaney-Pope (chief privacy and assurance officer and data protection officer at South London and Maudsley NHSFT. Independent member of NHS England’s Data Advisory Group)
- Dr George Fernie (senior medical reviewer at Healthcare Improvement Scotland and chair of the UK Caldicott Guardian Council)
- Dr Fiona Head (GP, public health consultant and chief medical officer at Cambridgeshire and Peterborough ICS)
- Dr Jeffry Hogg (clinical scientist at AI Policy and Research Group based between University Hospitals Birmingham NHS Foundation Trust and University of Birmingham)
- Mr Adrian Marchbank (consultant cardiothoracic surgeon, University Hospitals Plymouth NHS Trust)
- Maisie McKenzie (patient and public involvement representative)
- Dr Jessica Morley (postdoctoral researcher at the Yale Digital Ethics Center)
- Professor Daniel Ray (chief technology officer at Birmingham Women’s and Children’s Hospital and professor in health informatics at UCL)
- Dr David Sharp (healthcare management executive, former head of Telstra Health UK)
- Rob Shaw (managing director at Mercury Technology Ltd; former deputy chief executive of NHS Digital)
- Jenny Westaway (an independent member of NHS England’s interim data advisory group, lay advisor to Health Education England, and associate of a commercial cyber security resilience consultancy)
- Professor James Wilson (professor in the Department of Philosophy at University College London)
Find out more:
The panel meets virtually approximately 6 times a year.
Minutes of panel meetings are published online.