Policy paper

Framework agreement between the Department of Health and Social Care and the Health and Social Care Information Centre (known as NHS Digital)

Published 25 August 2022

The 2022 framework agreement between the Department of Health and Social Care, and the Health and Social Care Information Centre (known as NHS Digital).

Introduction and background

Purpose of document

This framework document (the ‘framework document’) has been agreed between the Department of Health and Social Care (DHSC) and the Health and Social Care Information Centre (known as NHS Digital) in accordance with HM Treasury’s handbook ‘Managing Public Money’. It has been approved by HM Treasury.

Following the government’s acceptance of the Laura Wade-Gery review in November 2021, NHS Digital’s functions will move into the transformation directorate of NHS England and Improvement (NHSE), with the intention to merge legally when legislation allows.

This framework agreement is intended for the transitional period before the dissolution of NHS Digital as a separate entity. Any timetables and responsibilities are only applicable as long as it retains its functions.

The framework document sets out the broad governance framework within which NHS Digital and DHSC operate. It sets out NHS Digital’s core responsibilities, describes the governance and accountability framework that applies between the roles of DHSC and NHS Digital, and sets out how the day-to-day relationship works in practice, including in relation to governance and financial matters.

The document does not convey any legal powers or responsibilities but both parties agree to operate within its terms. It is signed and dated on behalf of DHSC and NHS Digital.

References to NHS Digital include all its subsidiaries and joint ventures that are classified to the public sector and central government for national accounts purposes. If NHS Digital establishes a subsidiary or joint venture, there shall be a document setting out the arrangements between it and NHS Digital agreed with DHSC.

Copies of the document and any subsequent amendments have been placed in the libraries of both Houses of Parliament and made available to members of the public on the NHS Digital website.

This framework document should be reviewed and updated at least every 3 years unless there are exceptional reasons that render this inappropriate that have been agreed with HM Treasury and the principal accounting officer of DHSC. The latest date for review of this document is 2025.

Objectives

DHSC and NHS Digital share the common objective of delivering digital transformation, live services and data services to support health and social care. To achieve this NHS Digital and DHSC will work together in recognition of each other’s roles and areas of expertise. This will provide an effective environment for NHS Digital to achieve its objectives through the promotion of partnership and trust, and ensuring that NHS Digital supports the strategic aims and objective of the sponsor department and wider government as a whole.

The purpose of this document is to define critical elements of the relationship between DHSC as sponsor and NHS Digital. It is accompanied by an annual remit letter which sets out the deliverables of NHS Digital.

This is the third framework agreement between the department and NHS Digital and supersedes previous agreements. The agreement will be reviewed in Q2 and Q4 each year while NHS Digital continues in operation, to ensure it is fit for purpose. DHSC retains the right to propose amendments, additions or removals to this framework agreement, in consultation with NHS Digital. NHS Digital should also bring to the attention of DHSC any concerns about any element of the framework agreement.

Classification

NHS Digital has been classified as a general government organisation by the Office for National Statistics and HM Treasury Classifications Team. It has been administratively classified by the Cabinet Office as an executive non-departmental public body.

Purposes, aims and duties

Purposes

NHS Digital has been established under the Health and Social Care Act 2012. Its purposes are set out in part 9 of that act.

Powers and duties

NHS Digital’s main powers and duties stem from Part 9 and Schedules 18 and 19 of the Health and Social Care Act 2012, and the Medicines and Medical Devices Act 2021.

NHS Digital’s statutory duties in summary are:

• to establish and operate a system for the collection or analysis of information as directed by the Secretary of State or NHSE or as requested by other bodies
• to exercise such system delivery functions of the Secretary of State or NHSE as directed
• to have regard to
  • the information standards published by the Secretary of State or NHSE
  • such guidance issued by the Secretary of State as the Secretary of State may require
  • the need to respect and promote the privacy of recipients of health services and of adult social care in England
  • the need to promote the effective and efficient planning, development and provision of health services and of adult social care in England (when this is brought into force under the Health and Care Act 2022)
  • the need to promote the effective, efficient and economic use of resources in the provision of health services and of adult social care in England
• to publish data it has obtained under directions or requests unless one of the prescribed exceptions apply
• to publish a code of practice to be followed in relation to the collection, analysis, publication and other dissemination of confidential information on health services or adult social care in England
• to require any health or social care body, or any person (other than a public body) who provides health services, or adult social care in England to provide it with any information which it considers necessary for its functions or request any other person to provide it with such information
• to give advice or guidance on any matter relating to the collection, analysis, publication, or other dissemination of information to the Secretary of State, NHSE, any health or social care body, or any person who collects, or is proposing to collect, information which relates to the provision of health care or adult social care, or a person making a request to NHS Digital to collect data (under section 255)
• the Secretary of State must, at least once every 3 years, exercise the above power by requesting NHS Digital to give the Secretary of State advice about ways in which the burdens relating to the collection of information imposed on health or social care bodies and other persons may be minimised
• to seek to minimise the burdens it imposes on others, and to exercise its functions effectively, efficiently, and economically

Aims

NHS Digital’s strategic aims are:

• to be the national information and technology partner to the health and social care system
• to use digital technology to transform the NHS and social care - our mission is to harness the power of information and technology to improve health and care
• to supply information and data to the health service, provide vital technological infrastructure, and help different parts of health and care work together

The detailed objectives for NHS Digital for the year are captured in the remit letter from the national director and director of data policy on behalf of the Secretary of State for Health and Social Care to the CEO of NHS Digital.

The responsible minister

The minister for Innovation and the Secretary of State for Health and Social Care will account for on all matters concerning NHS Digital in Parliament.

The ministerial statutory powers in respect of NHS Digital are set out in sections 250 to 277 of the Health and Social Care Act 2012.

These are:

• the Secretary of State or NHSE may direct NHS Digital to establish and operate a system for the collection or analysis of information as specified in the direction and any person may make a similar request (known as a section 255 request - some section 255 requests are mandatory, for example those made by a principal body such as CQC, NICE) 
• the Secretary of State or NHSE may direct NHS Digital not to comply with a 255 request which is not a mandatory request - conversely, they may direct NHS Digital to comply with a request which was made by a person outside England
• the Secretary of State may give a direction to NHS Digital if the Secretary of State considers that it is failing or has failed to discharge any of its functions, or is failing to properly discharge any of its functions, and the failure is significant
• if NHS Digital fails to comply with such a direction, the Secretary of State may discharge the functions to which it relates or make arrangements for another person to discharge them on the Secretary of State’s behalf

Where the Secretary of State exercises this power, they must publish reasons for doing so.

Through the exercise of these powers and through sponsorship, the minister:

• is responsible for the policy framework within which NHS Digital operates
• provides guidance and direction to ensure the strategic aims and objectives of NHS Digital are consistent with those of the department and government
• approves the NHS Digital corporate plan and business plan
• determines its strategic objectives and ensures that it achieves them and delivers value for money
• has power of appointment in relations to non-executives including the chair, in line with the governance code on public appointments
• has a power of approval in relation to the appointment of NHS Digital CEO

The principal accounting officer (PAO)

The principal accounting officer is the Permanent Secretary of the Department of Health and Social Care.

Sponsor department’s accounting officer’s specific accountabilities and responsibilities as principal accounting officer (PAO)

The principal accounting officer (PAO) of DHSC has designated the chief executive as NHS Digital’s accounting officer and ensures that they are fully aware of their responsibilities. The PAO issues a letter appointing the AO, setting out their responsibilities and delegated authorities. The respective responsibilities of the PAO and accounting officers for ALBs are set out in Chapter 3 of Managing Public Money which should be read alongside the letter sent by the PAO to the chief executive on appointment.

The respective responsibilities of the PAO and accounting officers for ALBs are set out in chapter 3 of Managing Public Money.

The PAO is accountable to parliament for the issue of any grant-in-aid to NHS Digital.

The PAO is also responsible for advising the responsible minister on:

• an appropriate framework of objectives and targets for NHS Digital in the light of the department’s wider strategic aims and priorities
• an appropriate budget for NHS Digital in the light of the sponsor department’s overall public expenditure priorities
• how well NHS Digital is achieving its strategic objectives and whether it is delivering value for money
• via the sponsorship team, the exercise of the ministers’ statutory responsibilities concerning NHS Digital as outlined above

The PAO via the sponsorship team is also responsible for ensuring arrangements are in place in order to:

• monitor NHS Digital’s activities and performance
• address significant problems in NHS Digital, making such interventions as are judged necessary
• periodically carry out an assessment of the risks both to the department and NHS Digital’s objectives and activities in line with the wider departmental risk assessment process
• inform NHS Digital of relevant government policy in a timely manner
• bring ministerial or departmental concerns about the activities of NHS Digital to the full board and, as appropriate to the departmental board requiring explanations and assurances that appropriate action has been taken

The role of the sponsorship team

The Digital Oversight team is the sponsorship team for NHS Digital. The responsible senior civil servant is the Director of Data Policy. The Director of Data Policy is the main source of advice to the responsible minister on the discharge of his or her responsibilities in respect of NHS Digital. They also support the PAO on his or her responsibilities toward NHS Digital.

Officials of the Digital Oversight team will liaise regularly with NHS Digital officials to review performance against plans, achievement against targets and expenditure. The team will also take the opportunity to explain wider policy developments that might have an impact on NHS Digital. 

Any functions of DHSC may be exercised via departmental officials within the sponsorship team, in line with their departmental role and responsibilities. NHS Digital will also liaise directly with policy teams in DHSC as necessary on specific programmes of work. The sponsorship team are available to advise on and facilitate contacts.

The sponsorship team will:

• provide support to NHS Digital during its transition to NHSE, especially liaising with other partners and ensuring that the process brings digital and technology to the heart of NHSE develop the Remit Letter, and Framework Agreement to set direction for NHS Digital
• own the accountability arrangements for NHS Digital, acting as secretariat for sponsorship meetings, and providing assurance to ministers on the remit letter and framework agreement
• oversee the issuing of directions to NHS Digital by DHSC (NHSE may also issue directions, and the team will liaise with them and NHS Digital to manage the flow of directions)
• champion NHS Digital
• provide advice to NHS Digital on government and departmental matters where requested
• represent sponsorship of NHS Digital in the cross-departmental ALB sponsorship community, and provide the conduit for any cross-departmental or cross-government actions or information-gathering exercises aimed at all ALBs
• support NHS Digital in liaising with DHSC and in particular help to facilitate resolution of issues
• managing escalation to Secretary of State to resolve any potential conflict between DHSC and NHS Digital

To deliver its functions efficiently and effectively, and to support alignment across the whole system, NHS Digital will work closely with its DHSC sponsors.

NHS Digital’s accountability to DHSC is discharged formally through:

• quarterly sponsorship update meetings with officials, followed by sponsorship meetings between the CEO and the senior departmental sponsor
• financial and other reporting to DHSC
• routine reporting to DHSC on ad hoc cross-ALB and governmental issues
• supporting DHSC public and parliamentary accountability
• the Technology Transformation Portfolio (TTP) governance arrangements

Cross-government clearance

The Digital Oversight team on behalf of DHSC will represent NHS Digital in seeking the cross-government clearance required for major new policy decisions of the type set out in the Guide to Cabinet Office and Cabinet Committees.

Although such cases are likely to be few, the Secretary of State for Health and Social Care will be responsible for obtaining clearance and NHS Digital will adhere to any conditions applied through the clearance process. There will also be cases where the Secretary of State must consult Cabinet colleagues before giving the government’s view, even if collective agreement is not required. In such cases, NHS Digital will supply ministers with any information needed in a timely fashion.

As part of the government’s digital and technology assurance, NHS Digital is expected to work with the Government Digital Service (GDS) as required to ensure all products and services meet the Digital Service Standard.

Resolution of disputes between NHS Digital and DHSC

Any disputes between the department and NHS Digital will be resolved in as timely a manner as possible. The department and NHS Digital will seek to resolve any disputes through an informal process in the first instance. If this is not possible, a formal process overseen by the senior sponsor will be used to resolve the issue.

Failing this, the senior sponsor will ask the Second Permanent Secretary to oversee the dispute. They may then choose to ask the Permanent Secretary to nominate a non-executive member of the department’s board to review the dispute, mediate with both sides and reach an outcome, in consultation with the Secretary of State.

Freedom of information requests

Where a request for information is received by either party under the Freedom of Information Act 2000, or UKGDPR and Data Protection Act 2018, the party receiving the request will consult with the other party prior to any disclosure of information that may to any significant extent affect the other party’s interests.

Reporting on legal risk and litigation

The ALB shall provide a quarterly update to the sponsor on the existence of any active litigation and any threatened or reasonably anticipated litigation. The parties acknowledge the importance of ensuring that legal risks are communicated appropriately to the sponsor in a timely manner.

In respect of each substantial piece of litigation involving the ALB, the parties will agree a litigation protocol which will include specific provisions to ensure appropriate and timely reporting on the status of the litigation and the protection of legally privileged information transmitted to the sponsor to facilitate this. Until such time as a protocol is agreed, the parties will ensure that:

• material developments in the litigation are communicated to the sponsor in an appropriate and timely manner
• legally privileged documents and information are clearly marked as such
• individual employees handling the legally privileged documents are familiar with principles to which they must adhere to protect legal privilege
• circulation of privileged information within government occurs only as necessary

Governance and structure

Governance and accountability

NHS Digital shall operate corporate governance arrangements that, so far as practicable and in the light of the other provisions of this framework document or as otherwise may be mutually agreed, accord with good corporate governance practice and applicable regulatory requirements and expectations.

In particular (but without limitation), NHS Digital should:

• comply with the principles and provisions of the ‘Corporate governance in central government departments code of good practice’ (as amended and updated from time to time) to the extent appropriate and in line with their statutory duties or specify and explain any non-compliance in its annual report
• comply with ‘Managing Public Money’
• have regard to the relevant functional standards as appropriate and in particular those concerning finance, commercial and counter fraud
• take into account, the codes of good practice and guidance set out in Appendix B of this framework agreement, as they apply to arms’ length bodies

In line with ‘Managing Public Money’ Annex 3.1, NHS Digital shall provide an account of corporate governance in its annual governance statement including the board’s assessment of its compliance with the code with explanations of any material departures. To the extent that the company does intend to materially depart from the code, the sponsor should be notified in advance and their agreement sought to this approach.

The chief executive

Appointment

The chief Executive of NHS Digital is appointed by the board under Schedule 18, paragraph 1 of the Health and Social Care Act 2012 with the approval of the Secretary of State. This appointment is subject to the Public Appointments Order in Council and as such must comply with the Governance Code for Public Appointments.

Responsibilities of NHS Digital’s chief executive as accounting officer

The chief executive as accounting officer is personally responsible for:

• safeguarding the public funds for which he or she has charge
• ensuring propriety, regularity, value for money and feasibility in the handling of those public funds
• the day-to-day operations and management of NHS Digital

In addition, he or she should ensure that NHS Digital is run based on the standards, in terms of governance, decision-making and financial management that are set out in box 3.1 of Managing Public Money. These responsibilities include the below and those that are set in the accounting officer appointment letter issued by the principal accounting officer of the sponsor department.

Responsibilities for accounting to parliament

The accountabilities include:

• signing the accounts and ensuring that proper records are kept relating to the accounts and that the accounts are properly prepared and presented in accordance with any directions issued by the Secretary of State
• preparing and signing a governance statement covering corporate governance, risk management and oversight of any local responsibilities, for inclusion in the annual report and accounts
• ensuring that effective procedures for handling complaints about NHS Digital are established and made widely known within NHS Digital
• acting in accordance with the terms of Managing Public Money and other instructions and guidance issued from time to time by the department, the Treasury and the Cabinet Office
• ensuring that as part of the above compliance they are familiar with and act in accordance with:
  • any governing legislation
  • this framework agreement
  • any delegation letter issued to NHS Digital
  • any elements of any settlement letter issued to DHSC that is relevant to the operation of NHS Digital
  • any separate settlement letter that is issued to NHS Digital from DHSC
• they have appropriate internal mechanisms for the monitoring, governance and external reporting regarding compliance with any conditions arising from the above documents
• giving evidence, normally with the PAO, when summoned before the PAC on NHS Digital’s stewardship of public funds

Parliamentary accountability

DHSC and its ALBs share responsibility for accounting to the public and to Parliament for policies, decisions and activities across the health and social care sector. Accountability to Parliament will often be demonstrated through Parliamentary questions, MPs’ and peers’ letters and appearances before Parliamentary committees. Accountability to the public may be through the publication of information on NHS Digital’s website, as well as through responses to letters from the public and responses to requests under the Freedom of Information (FOI) Act.

The CEO of NHS Digital will support DHSC in accounting to the public and Parliament, through the provision of data and information in an effective and timely way. NHS Digital will also follow departmental standards in providing its own direct response to public and Parliament, in line with its statutory duties. Annex C provides a public and Parliamentary accountability protocol that sets out how DHSC and NHS Digital will work together to secure the confidence of the public and Parliament, and to maintain the service levels that MPs and the public have come to expect.

Responsibilities to DHSC

Responsibilities to DHSC include:

• establishing, in agreement with the department, NHS Digital’s corporate and business plans in the light of the department’s wider strategic aims and agreed priorities
• informing the department of progress in helping to achieve the department’s policy objectives and in demonstrating how resources are being used to achieve those objectives
• ensuring that timely forecasts and monitoring information on performance and finance are provided to the department; that the department is notified promptly if over or under spends are likely and that corrective action is taken; and that any significant problems whether financial or otherwise, and whether detected by internal audit or by other means, are notified to the department in a timely fashion. This includes reporting of work NHS Digital are undertaking outside of the TTP which may have a financial impact

This section sets out the basic principles guiding co-operation and collaborative working between DHSC and ALBs, across all aspects of communication and marketing activities, to deliver impactful and cost-effective communications in the context of our shared accountability to Parliament and the public. The principles include regular collaboration and information sharing between the DHSC and ALB communications teams to ensure communications are aligned and to amplify their impact.

All arm’s length bodies have committed to undertaking this collaboration and information in a timely manner of content being shared with the public, media or other stakeholders to ensure that as a system, we are communicating with the public, workforce and our stakeholders in a coordinated manner so as not to confuse or undermine another part of the system.

To achieve this, the DHSC and ALB communications teams will have regular check in points, including for the heads of communications and media and marketing teams, to agree communication plans. In particular, ALBs and DHSC will give each other sufficient advance notice of public facing communications to allow for necessary clearances with the relevant teams as set out in the Communications and Marketing Guidance annex of the ALB Schedule of Delegations.

Responsibilities to the board

The chief executive is responsible for:

• advising the board on the discharge of NHS Digital’s responsibilities as set out in this document, in the founding legislation and in any other relevant instructions and guidance that may be issued from time to time
• advising the board on NHS Digital’s performance compared with its aims and objectives, including the objectives in its remit from DHSC
• ensuring that financial considerations are taken fully into account by the board at all stages in reaching and executing its decisions, and that financial appraisal techniques are followed

Managing conflicts

The chief executive should have a collaborative relationship with and follow the advice and direction of the board, except in very exceptional circumstances with a clear cut and transparent rationale for not doing so.

If the board, or its chairperson, is contemplating a course of action involving a transaction which the chief executive considers would infringe the requirements of propriety or regularity or does not represent prudent or economical administration, efficiency or effectiveness, is of questionable feasibility, or is unethical the chief executive in their role as AO should reject that course of action and ensure that the board has a full opportunity to discuss the rationale for that rejection.

Such conflicts should be brought to the attention of the principal accounting officer and the responsible minister as soon as possible.

Furthermore, and if agreed with the responsible minister, the accounting officer must write a letter of justification to the chair of the NHS Digital Board setting out the rationale for not following the advice and recommendation of the board and copy that letter to the Treasury Officer of Accounts.

If the responsible minister agrees with the proposed course of action of the board it may be appropriate for the minister to the direct the accounting officer in the manner as set out in Manging Public Money paragraph 3.6.6 onwards.

The board

Composition of the board

NHS Digital will have a board in line with good standards of corporate governance and as set out in its establishing statute and guidance set out in Annex B. The role of the board shall be to run the NHS Digital, and to deliver the objectives, in accordance with the purposes as set out above, their statutory, regulatory, common law duties and their responsibilities under this framework document. Detailed responsibilities of the board shall be set out in the board terms of reference. Remuneration of the board will be disclosed in line with the guidance in the Government Financial Reporting manual (FReM).

The board is required to hold a minimum of 4 meetings a year in public, having regard to the Public Bodies (Admission to Meetings) Act 1960. The National Director and Director of Data Policy will attend the board in an ex officio capacity or may send a delegate.

The board will consist of a chairperson, together with the chief executive and no more than 4 other executive members that have a balance of skills and experience appropriate to directing NHS Digital’s business. This will include as an executive and voting board member an appropriately qualified finance director as described in Annex 4.1 of Managing Public Money. The board should include at least 6 independent non-executive members (including the chair) to ensure that executive members are supported and constructively challenged in their role.

Appointments to the board

The chairperson is appointed by the Secretary of State under Schedule 18, paragraph 1 of the Health and Social Care Act 2012. This appointment is subject to the Public Appointments Order in Council and as such must comply with the Governance Code on Public Appointments.

At least 5 other non-executive Members are appointed by the Secretary of State, under Schedule 18, paragraph 1 of the Health and Social Care Act 2012 This appointment is subject to the Public Appointments Order in Council, and as such must comply with the Governance Code on Public Appointments.

All such appointments should have regard to the principle that appointments should reflect the diversity of the society in which we live and appointments should be made taking account of the need to appoint boards which include a balance of skills and backgrounds.

Board committees

While the board may make use of committees to assist its consideration of appointments, succession, audit, risk and remuneration it retains responsibility for, and endorses, final decisions in all of these areas. The chair should ensure that sufficient time is allowed at the board for committees to report on the nature and content of discussion, on recommendations, and on actions to be taken.

Where there is disagreement between the relevant committee and the board, adequate time should be made available for discussion of the issue with a view to resolving the disagreement. Where any such disagreement cannot be resolved, the committee concerned should have the right to report the issue to the sponsor team, principal accounting officer and responsible minister. They may also seek to ensure the disagreement or concern is reflected as part of the report on its activities in the annual report.

The chair should ensure board committees are properly structured with appropriate terms of reference. The terms of each committee should set out its responsibilities and the authority delegated to it by the board. The chair should ensure that committee membership is periodically refreshed and that individual independent non-executive directors are not overburdened when deciding the chairs and membership of committees.

Duties of the board

The board should ensure that effective arrangements are in place to provide assurance on risk management, governance and internal control.

The board should make a strategic choice about the style, shape and quality of risk management and should lead the assessment and management of opportunity and risk. The board should ensure that effective arrangements are in place to provide assurance over the design and operation of risk management, governance, and internal control in line with the Management of risk – Principles and Concepts - the Orange Book.

The board must set up an Audit and Risk Assurance Committee chaired by an independent and appropriately qualified non-executive member to provide independent advice and ensure that the department’s Audit and Risk Assurance Committee are provided with routine assurances with escalation of any significant limitations or concerns. The board is expected to assure itself of the adequacy and effectiveness of the risk management framework and the operation of internal control.

The board is specifically responsible for:

• establishing and taking forward the strategic aims and objectives of NHS Digital consistent with its overall strategic direction and within the policy and resources framework determined by the Secretary of State
• ensuring that it is kept informed of any changes which are likely to impact on the strategic direction of the NHS Digital Board or on the attainability of its targets, and determining the steps needed to deal with such changes and where appropriate bringing such matters to the attention of the responsible minister or principal accounting officer through the accounting officer
• ensuring that any statutory or administrative requirements for the use of public funds are complied with; that the board operates within the limits of its statutory authority and any delegated authority agreed with the sponsor department, and in accordance with any other conditions relating to the use of public funds; and that, in reaching decisions, the Board takes into account guidance issued by the sponsor department
• ensuring that as part of the above compliance they are familiar with:
  • this framework agreement
  • any delegation letter issued to NHS Digital
  • any elements of any settlement letter issued to DHSC that is relevant to the operation of NHS Digital; and
  • any separate settlement letter that is issued to NHS Digital from DHSC
  • that they have appropriate internal mechanisms for the monitoring, governance and external reporting regarding any conditions arising from the above documents and ensure that the chief executive and NHS Digital as a whole acts in accordance with their obligations under the above documents
• ensuring it receives and reviews regular financial and management information concerning the management of NHS Digital; is informed in a timely manner about any concerns about the activities of NHS Digital; and provides positive assurance to the department that appropriate action has been taken on such concerns, for example, through the Government Internal Audit
• demonstrating high standards of corporate governance at all times, including by using the independent audit committee to help the board to address key financial and other risks
• appointing with the Secretary of State’s approval a chief executive and, in consultation with the department, set performance objectives and remuneration terms linked to these objectives for the chief executive which give due weight to the proper management and use and utilization of public resources
• putting in place mechanisms for independent appraisal and annual evaluation of the performance of the chairperson by the independent non-executives, taking into account the views of relevant stakeholders. The outcome of that evaluation should be passed to the responsible minister

The chair’s role and responsibilities

The chair is responsible for acting in the best interests of NHS Digital and its objectives; delivering the outcomes expected by DHSC, ministers and ultimately citizens of the UK. Such responsibility should be exercised in the light of their duties and responsibilities as set out in the chairperson’s contract of employment, the statutory authority governing NHS Digital, this document and the documents and guidance referred to within this document.

Communications between the NHS Digital board and the responsible minister should normally be through the chair.

The chair Is bound by the Code of Conduct for Board Members of Public Bodies, which covers conduct in the role and includes the Nolan Principles of Public Life.

In addition, the chair is responsible for:

• ensuring including by monitoring and engaging with appropriate governance arrangements that NHS Digital affairs are conducted with probity
• ensuring that policies and actions support the Secretary of State’s wider strategic policies and where appropriate, these policies and actions should be clearly communicated and disseminated throughout NHS Digital

In addition, the chair has the following leadership responsibilities:

• formulating the board’s strategy
• ensuring that the board, in reaching decisions, takes proper account of guidance provided by ministers or DHSC
• promoting the efficient and effective use of staff and other resources
• delivering high standards of regularity and propriety
• representing the views of the board to the general public

The chair also has an obligation to ensure that:

• the work of the board and its members are reviewed and are working effectively including ongoing assessment of the performance of non-executive board members with a formal annual evaluation and more in-depth assessments of the performance of individual non-executive board members when being considered for reappointment
• that in conducting assessments that the view of relevant stakeholders including employees and the sponsorship team are sought and considered
• that the board has a balance of skills appropriate to directing NHS Digital business, and that all directors including the chair and chief executive continually update their skills, knowledge and familiarity with NHS Digital to fulfil their role both on the board and committees. This will include but not be limited to skills and training in relation to financial management and reporting requirements, risk management and the requirements of board membership within the public sector
• board members are fully briefed on terms of appointment, duties, rights and responsibilities
• he or she, together with the other board members, receives appropriate training, where necessary, on financial management and reporting requirements and on any differences that may exist between private and public sector practice
• the responsible minister is advised of NHS Digital’s needs when board vacancies arise
• there are Terms of Reference for the Board, and a Corporate Governance Manual setting out the role and responsibilities of the Board consistent with the recommendations of the Government Code of Good Practice for Corporate Governance
• there is a code of practice for board members in place, consistent with the Cabinet Office Code of Conduct for Board Members of Public Bodies

Individual board members’ responsibilities

Individual board members should:

• comply at all times with the Code of Conduct for Board Members of Public Bodies (for non-executives), and NHS Digital’s own Code of Conduct for executive staff, which covers conduct in the role and includes the
  • Nolan Principles of Public Life as well the rules relating to the use of public funds and to conflicts of interest
• demonstrate adherence to the 12 principles of Governance for all Public Body Non-Executive Directors as appropriate
• not misuse information gained in the course of their public service for personal gain or for political profit, nor seek to use the opportunity of public service to promote their private interests or those of connected persons or organisations
• comply with the board’s rules on the acceptance of gifts and hospitality, and of business appointments
• act in good faith and in the best interests of NHS Digital
• ensure they are familiar with any applicable guidance on the role of public sector non-executive directors and boards that may be issued from time to time by the Cabinet Office, HM Treasury or wider government

Management and financial responsibilities and controls

Delegated authorities

NHS Digital’s delegated authorities are set out in the delegation letter. This delegation letter may be updated and superseded by later versions which may be issued by the sponsor department in agreement with HM Treasury. Anything relating to Managing Public Money would always need HMT consent. NHS Digital shall follow the principles, rules, guidance and advice in Managing Public Money, referring any issues to the Finance Business Partner in DHSC.

In line with Managing Public Money Annex 2.2 these delegations will be reviewed on an annual basis.

NHS Digital shall obtain the department’s and where appropriate HM Treasury’s prior written approval before:

• entering into any undertaking to incur any expenditure that falls outside the delegations or which is not provided for in NHS Digital’s annual budget as approved by the department
• incurring expenditure for any purpose that is or might be considered novel or contentious, or which has or could have significant future cost implications; making any significant change in the scale of operation or funding of any initiative or particular scheme previously approved by the department
• making any change of policy or practice which has wider financial implications that might prove repercussive or which might significantly affect the future level of resources required
• carrying out policies that go against the principles, rules, guidance and advice in Managing Public Money

Spending authority

Once the budget has been approved by the sponsor department, and subject to any restrictions imposed by DHSC or NHSE, NHS Digital shall have authority to incur expenditure approved in the budget without further reference to the sponsor department, on the following conditions:

• NHS Digital shall comply with the delegations set out in the delegation letter. These delegations shall not be altered without the prior agreement of the sponsor department and as agreed by HM Treasury and Cabinet Office as appropriate
• NHS Digital shall comply with Managing Public Money regarding novel, contentious or repercussive proposals
• inclusion of any planned and approved expenditure in the budget shall not remove the need to seek formal departmental approval where any proposed expenditure is outside the delegated limits or is for new schemes not previously agreed
• NHS Digital shall provide the sponsor department with such information about its operations, performance, individual projects or other expenditure as the sponsor department may reasonably require

Banking and managing cash

NHS Digital must maximise the use of publicly procured banking services (accounts with central government commercial banks managed centrally by Government Banking).

NHS Digital should only hold money outside Government Banking Service accounts where a good business case can be made for doing so and HM Treasury consent is required for each account to be established. Only commercial banks which are members of relevant UK clearing bodies may be considered for this purpose.

Commercial Accounts where approved should be operated in line with the principles as set out in Managing Public Money.

The accounting officer is responsible for ensuring ALB has a Banking Policy as set out in Managing Public Money and ensuring that policy is complied with.

Procurement

NHS Digital shall ensure that its procurement policies are aligned with and comply with any relevant UK or other international procurement rules and in particular the Public Contracts Regulations 2015.

NHS Digital shall establish its procurement policies and document these in a Procurement Policy and Procedures Manual.

In procurement cases where NHS Digital is likely to exceed its delegated authority limit, procurement strategy approval for the specific planned purchase must be sought from the department’s sponsor team.

Goods, services, and works should be acquired by competition. Proposals to let single-tender or restricted contracts shall be limited and exceptional, and a quarterly report explaining those exceptions should be sent to the department.

Procurement by NHS Digital of works, equipment, goods, and services shall be based on, a full option appraisal and value for money (VfM), for example, the optimum combination and whole life costs and quality (fitness for purpose).

NHS Digital shall:

a) engage fully with department and government-wide procurement initiatives that seek to achieve VfM from collaborative projects b) comply with all relevant Procurement Policy Notes issued by Cabinet Office c) co-operate fully with initiatives to improve the availability of procurement data to facilitate the achievement of VfM

NHS Digital shall comply with the government functional commercial standards and grants standards. These standards apply to the planning, delivery, and management of government commercial activity, including management of grants in all departments and ALBs regardless of commercial approach used and form part of a suite of functional standards that set expectations for management within government.

Risk management

NHS Digital shall ensure that the risks that it faces are dealt with in an appropriate manner, in accordance with relevant aspects of best practice in corporate governance, and develop a risk management strategy, in accordance with the Treasury guidance Management of Risk: Principles and Concepts.

Risks to the wider system that arise from NHS Digital’s operations, identified by NHS Digital, the department or another body, will be flagged in the formal quarterly sponsorship meetings. Such risks may also be flagged by NHS Digital’s Board or ARC and escalated to the department’s ARC for consideration. It is the responsibility of NHS Digital and the Digital Oversight Team to keep each other informed of significant risks to, or arising from, the operations of NHS Digital within the wider system. Risks will be regularly reviewed in sponsorship arrangements.

Counter Fraud and Theft

NHS Digital should adopt and implement policies and practices to safeguard itself against fraud and theft, in line with guidance as issued by the Counter Fraud Function and in compliance with the procedures and considerations as set in in Managing Public Money Annex 4.9. It should also take all reasonable steps to appraise the financial standing of any firm or other body with which it intends to enter a contract.

NHS Digital should keep records of and prepare and forward to the department an annual report on fraud and theft suffered by NHS Digital and notify the sponsor department of any unusual or major incidents as soon as possible. ALB should also report identified loss from fraud, bribery, corruption and error, alongside associated recoveries and prevented losses, to the counter fraud centre of expertise in line with the agreed government definitions as set out in Counter Fraud Functional Standard.

Staff 

Broad responsibilities for staff

Within the arrangements approved by the responsible minister and HM Treasury, NHS Digital will have responsibility for the recruitment, retention and motivation of its staff. The broad responsibilities toward its staff are to ensure that:

• the rules for recruitment and management of staff create an inclusive culture in which diversity is fully valued
• appointment and advancement is based on merit: there is no discrimination on grounds of gender, marital status, sexual orientation, race, colour, ethnic or national origin, religion, disability, community background or age
• the level and structure of its staffing, including grading and staff numbers, are appropriate to its functions and the requirements of economy, efficiency and effectiveness
• the performance of its staff at all levels is satisfactorily appraised and NHS Digital’s performance measurement systems are reviewed from time to time
• its staff are encouraged to acquire the appropriate professional, management and other expertise necessary to achieve NHS Digital’s objectives
• proper consultation with staff takes place on key issues affecting them
• adequate grievance and disciplinary procedures are in place
• whistle-blowing procedures consistent with the Public Interest Disclosure Act are in place
• a code of conduct for staff is in place

Staff costs

Subject to its delegated authorities, NHS Digital shall ensure that the creation of any additional posts does not incur forward commitments that will exceed its ability to pay for them.

Pay and conditions of service

NHS Digital’s staff are subject to levels of remuneration and terms and conditions of service (including pensions) within the general pay structure approved by the sponsor department and the Treasury. NHS Digital has no delegated power to amend these terms and conditions.

If Civil Service terms and conditions of service apply to the rates of pay and non-pay allowances paid to the staff and to any other party entitled to payment in respect of travel expenses or other allowances, payment shall be made in accordance with the Civil Service Management Code and the annual Civil Service Pay Remit Guidance, except where prior approval has been given by the department to vary such rates.

NHS Digital will use the NHS Agenda for Change Terms and Conditions.

NHS Digital shall abide by public sector pay controls, including the relevant approvals process dependent on the organisations classification as detailed in the senior pay guidance and the public sector pay and terms guidance.

NHS Digital may operate a performance-related pay scheme that shall form part of the annual aggregate pay budget approved by the department or the general pay structure approved by the department and the Treasury whichever is applicable, where relevant with due regard to the DHSC ESM pay guidance.

The travel expenses of board members shall be tied to the rates allowed to senior staff of NHS Digital. Reasonable actual costs shall be reimbursed.

Pensions, redundancy and compensation

Compensation scheme rules and pension scheme rules should reflect legislative and HMT guidance requirements regarding exit payments.

In relation to pensions, the organisational pension scheme is currently the NHS Pensions scheme, which is administered by the NHS Business Services Authority and has rules set down in legislation.

Any proposal by the HFEA to move from the existing pension arrangements, or to pay any redundancy or compensation for loss of office, requires the prior approval of the department. Proposals on severance must comply with the rules in Chapter 4 of Managing Public Money.

Recruitment of senior staff

NHS Digital will notify the Digital Oversight team of any ESM recruitment prior to seeking approval from DHSC Remuneration Committee. Any applications to the Committee will be rejected if the sponsor has not agreed in advance.

Business Plans Financial Reporting and Management information

Corporate and business plans 

NHS Digital shall submit to the sponsor department for review and comment, before publication and by the end of the financial year 2022/2023, a draft of its corporate plan covering the Spending Review period. NHS Digital shall agree with the department the issues to be addressed in the plan and the timetable for its preparation. The plan shall reflect NHS Digital’s statutory and/or other duties and, within those duties, the priorities set from time to time by the responsible minister (including decisions taken on policy and resources in the light of wider public expenditure decisions). The plan shall demonstrate how NHS Digital contributes to the achievement of the department’s medium-term plan and priorities and aligned performance metrics and milestones.

The first year of the corporate plan, amplified as necessary, shall form the business plan. The business plan shall be updated to include key targets and milestones for the year immediately ahead and shall be linked to budgeting information so that resources allocated to achieve specific objectives can readily be identified by the department. Subject to any commercial considerations, a digest of the corporate and business plans should be published by NHS Digital on its website and separately be made available to staff.

The following key matters should be included in the plans:

• key objectives and associated key performance targets for the forward years, and the strategy for achieving those objectives
• key non-financial performance targets
• a review of performance in the preceding financial year, together with comparable outturns for the previous 2 to 5 years, and an estimate of performance in the current year
• alternative scenarios and an assessment of the risk factors that may significantly affect the execution of the plan but that cannot be accurately forecast
• other matters as agreed between the department and NHS Digital

Budgeting procedures 

Each year, in the light of decisions by the department on the updated draft corporate plan, the department will send to the ALB:

• a formal statement of the annual budgetary provision allocated by the department in the light of competing priorities across the department and of any forecast income approved by the department
• a statement of any planned change in policies affecting NHS Digital

NHS Digital will work with the NHSE Transformation Directorate and DHSC Finance Business Partners, in any in-year prioritisation process to refine and confirm the budget.

NHS Digital’s business planning will take account both of approved funding provision and any forecast receipts, and will include a budget of estimated payments and receipts together with a profile of expected expenditure and of draw-down of any departmental funding and/or other income over the year.

Financial accountability for specific programmes

The chief executive of NHS Digital as accounting officer is accountable to Parliament for the expenditure associated with NHS Digital as voted in the estimate, including:

• running and maintaining live services and legacy systems which provide critical infrastructure for health and social care
• delivery of those programmes in the TTP which NHS Digital is contracted to deliver
• delivery of programmes outside of the TTP commissioned by organisations other than DHSC

Grant-in-aid and any ring-fenced grants 

Any grant-in-aid provided by the department for the year in question will be voted in the department’s Supply Estimate and be subject to Parliamentary control.

The grant-in-aid will normally be paid in monthly instalments. NHS Digital will comply with the general principle, that there is no payment in advance of need. Cash balances accumulated during the course of the year from grant-in-aid or other Exchequer funds shall be kept to a minimum level consistent with the efficient operation of NHS Digital. Grant-in-aid not drawn down by the end of the financial year shall lapse. Subject to approval by parliament of the relevant estimates provision, where grant-in-aid is delayed to avoid excess cash balances at the year-end, the department will make available in the next financial year any such grant-in-aid that is required to meet any liabilities at the year end, such as creditors.

If the department provides NHS Digital separate grants for specific (ring-fenced) purposes, it would issue the grant as and when NHS Digital needed it on the basis of a written request. NHS Digital would provide evidence that the grant was used for the purposes authorised by the department. NHS Digital shall not have uncommitted grant funds in hand, nor carry grant funds over to another financial year.

Annual report and accounts 

The NHS Digital Board must publish an annual report of its activities together with its audited accounts after the end of each financial year. The accounts should be prepared in accordance with the relevant statutes and specific accounts direction issued by the department as well as the Treasury. NHS Digital shall provide the department its finalised (audited) accounts in order for the accounts to be consolidated within the DHSC. The accounts should be prepared in accordance with the relevant statutes and specific accounts direction issued by the department as well as the Treasury.

The annual report must:

• cover any corporate, subsidiary or joint ventures under its control
• comply with the Treasury’s Financial Reporting Manual (FReM) and in particular have regard to the illustrative statements for an NDPB (see Government Financial Reporting Manual)
• outline main activities and performance during the previous financial year and set out in summary form forward plans

Information on performance against key financial targets is included within the annual report and subject to the auditor’s consistency opinion. The report and accounts shall be laid in parliament and made available on the NHS Digital website, in accordance with the guidance in the FReM. A draft of the report should be submitted to the department 2 weeks before the proposed publication date. The accounts should be prepared in accordance with the relevant statutes and specific accounts direction issued by the department as well as the FReM.

Reporting performance to the department 

NHS Digital shall operate management, information and accounting systems that enable it to review in a timely and effective manner its financial and non-financial performance against the budgets and targets set out in the corporate and business plans.

NHS Digital shall inform the sponsor department of any changes that make achievement of objectives more or less difficult. It shall report financial and non-financial performance, including performance in helping to deliver ministers’ policies, and the achievement of key objectives regularly.

NHS Digital’s performance shall be formally reviewed by the department twice a year as part of sponsorship arrangements.

The Secretary of State for Health and Social Care will meet the chair once a year.

The principal accounting officer or their designated representative, will meet the chief executive officer at least once a year.

Right of access and information sharing 

The department has the right of access to all ALB records and personnel for any purpose including, for example, sponsorship audits and operational investigations.

NHS Digital shall provide the sponsor department with such information about its operations, performance, individual projects or other expenditure as the sponsor department may reasonably require.

The department and HM Treasury may request the sharing of data held by NHS Digital (excluding nationally held health and social care data) in such a manner as set out in central guidance except insofar as it is prohibited by law.

As a minimum, NHS Digital shall provide the department with information monthly that will enable the department satisfactorily to monitor:

• NHS Digital’s cash management
• its draw-down of grant-in-aid
• forecast outturn by resource headings
• other data required for the Online System for Central Accounting and Reporting (OSCAR)
• data as required in respect of its compliance with any Cabinet Office Controls pipelines or required in order to meet any condition as set out in any settlement letter

Audit

Internal audit

NHS Digital shall:

• establish and maintain arrangements for internal audit in accordance with the Treasury’s Public Sector Internal Audit Standards (PSIAS)
• set up an Audit and Risk committee of its board in accordance with the Code of Good Practice for Corporate Governance and the Audit and Risk Assurance Committee Handbook, or be represented on DHSC’s Audit Committee
• forward the audit strategy, periodic audit plans and annual audit report, including NHS Digital Head of Internal Audit opinion on risk management, control and governance as soon as possible to the sponsor department
• keep records of and prepare and forward to the department an annual report on fraud and theft suffered by NHS Digital and notify the sponsor department of any unusual or major incidents as soon as possible
• will share with the sponsor department information identified during the audit process and the audit report (together with any other outputs) at the end of the audit, in particular on issues impacting on the department’s responsibilities in relation to financial systems within NHS Digital

External audit 

The Comptroller and Auditor General (C&AG) audits NHS Digital’s annual accounts. They are laid before parliament by the DHSC, together with the annual report.

In the event that NHS Digital has set up and controls subsidiary companies, NHS Digital will ensure that the C&AG has the option to be appointed auditor of those company subsidiaries that it controls and/or whose accounts are consolidated within its own accounts. NHS Digital shall discuss with the sponsor department the procedures for appointing the C&AG as auditor of the companies.

The C&AG:

• will consult the department and NHS Digital on whom – the NAO or a commercial auditor – shall undertake the audit(s) on his behalf, though the final decision rests with the C&AG
• has a statutory right of access to relevant documents, including by virtue of section 25(8) of the Government Resources and Accounts Act 2000, held by another party in receipt of payments or grants from NHS Digital
• will share with the sponsor department information identified during the audit process and the audit report (together with any other outputs) at the end of the audit, in particular on issues impacting on the department’s responsibilities in relation to financial systems within NHS Digital
• will consider requests from departments and other relevant bodies to provide Regulatory Compliance Reports and other similar reports at the commencement of the audit. Consistent with the C&AG’s independent status, the provision of such reports is entirely at the C&AG’s discretion

The C&AG may carry out examinations into the economy, efficiency and effectiveness with which NHS Digital has used its resources in discharging its functions. For the purpose of these examinations the C&AG has statutory access to documents as provided for under section 8 of the National Audit Act 1983. In addition, NHS Digital shall provide, in conditions to grants and contracts, for the C&AG to exercise such access to documents held by grant recipients and contractors and sub-contractors as may be required for these examinations; and shall use its best endeavours to secure access for the C&AG to any other documents required by the C&AG which are held by other bodies.

Reviews and winding up arrangements

Review of NHS Digital’s status

In accordance with Cabinet Office guidance, NHS Digital shall be reviewed at appropriate dates as agreed with the department.

Arrangements in the event that NHS Digital is wound up

The sponsor department shall put in place arrangements to ensure the orderly winding up of NHS Digital. In particular it should ensure that the assets and liabilities of NHS Digital are passed to any successor organisation and accounted for properly. (In the event that there is no successor organisation, the assets and liabilities should revert to DHSC.) To this end, the department shall:

• ensure that procedures are in place in NHS Digital to gain independent assurance on key transactions, financial commitments, cash flows and other information needed to handle the wind-up effectively and to maintain the momentum of work inherited by any residuary body
• specify the basis for the valuation and accounting treatment of NHS Digital’s assets and liabilities
• ensure that arrangements are in place to prepare closing accounts and pass to the C&AG for external audit, and that, for non-crown bodies funds are in place to pay for such audits. It shall be for the C&AG to lay the final accounts in Parliament, together with his report on the accounts
• arrange for the most appropriate person to sign the closing accounts. In the event that another ALB takes on the role, responsibilities, assets and liabilities, the succeeding ALB AO should sign the closing accounts. In the event that the department inherits the role, responsibilities, assets and liabilities, the sponsor department’s AO should sign

NHS Digital shall provide the department with full details of all agreements where NHS Digital or its successors have a right to share in the financial gains of developers. It should also pass to the department details of any other forms of claw-back due to NHS Digital.