Code of conduct for data-driven health and care technology

Code of conduct for the use of digital technology in health and care.



The code of conduct contains a set of principles that set out what we expect from suppliers and users of data-driven technologies.

The aim of the code is to make it easier for our suppliers to understand what we need from them, and to help health and care providers choose safe, effective, secure technology to improve the services they provide.

Published 5 September 2018
Last updated 18 July 2019 + show all updates
  1. Principle 10 has been updated. When the basis of a commercial arrangement is NHS data, it must adhere to the revised guiding principles described in the guidance 'Creating the right framework to realise the benefits for patients and the NHS where data underpins innovation'.

  2. The document has been updated throughout with the following changes: removed the ‘commitments’ section; shortened the introduction so that it provides clarity about the overarching strategy; reordered the principles so that they are in a sequence that makes sense when you are developing a product; rewritten and shortened the principles so that they are easier to follow and put into practice; changed references to GDPR to the Data Protection Act 2018; clarified that the principles of the code of conduct currently apply to England only; added references to other ongoing programmes of work, including the Life Sciences Industrial Strategy.

  3. First published.