Corporate report

National Data Guardian 2023-2024 report

Published 5 December 2024

Applies to England

1. Introduction by Dr Nicola Byrne

Dr Nicola Byrne, National Data Guardian for Health and Social Care

As I present my third annual report, I am looking forward to the journey ahead, following my reappointment for another three-year term. This year, we have revisited and sharpened our strategic objectives, ensuring our efforts remain focused on supporting the demonstrably trustworthy use of data to improve care, enhance research and support service planning. We hope that they clearly convey our commitment to helping the system address its data challenges and create meaningful improvements for patients and the public, whilst ensuring trust in the confidentiality of the health and care system is maintained.

While resetting our objectives, my team and I have been reflecting on the significant changes we’ve navigated over the past few years, and those still on the horizon. With each shift comes opportunity. Now a new government is at the helm, ministers are approaching the topic of data with a fresh urgency, their thinking shaped by Lord Darzi’s hard-hitting independent report on the state of the NHS in England and Professor Sudlow’s review into the UK health data landscape.

Even ahead of finalising its 10-year plan, the government has made some big commitments to data and digital initiatives, positioning the NHS for a transformative shift from analogue systems towards a digital future centred more on preventative care, shifting the focus from hospital to the community. In this introduction, I’d like to reflect on some of the new government’s data policy announcements and spotlight key initiatives that my team, my panel members and I have prioritised this year.

Getting the basics right: improving the availability of information for direct care

While I am strongly in favour of data-driven innovation in healthcare, it’s equally important to get the basics right. Improving information sharing to support direct care has long been a strategic objective for the NDG. Last year I joined with the Information Commissioner, John Edwards, and the Chief Medical Officer for England, Professor Sir Chris Whitty, to deliver a joint message encouraging health and care staff to have the confidence to share information in support of people’s care and treatment.

Patients are often let down when they arrive for care and their clinician lacks information about important diagnoses or treatments received in other settings. For the NHS to realise the full potential of digital transformation, it must first ensure seamless and consistent access to the necessary patient data in each care setting. A strong foundation of effective information sharing is essential for improving patient outcomes and will provide a solid base for more advanced initiatives to build upon.

To achieve this, we must address all of the barriers that impede data sharing for direct care. In 2020 we sought to identify these barriers and various themes emerged, such as the anxieties around breaching confidentiality and data protection law, but also technical limitations that can only be addressed nationally or regionally, such as poor infrastructure and a lack of system integration. Only by continuing to confront these challenges head-on can we ensure that care is consistently more informed, cohesive and effective – paving the way for more advanced initiatives.

Therefore, I strongly support the government’s commitment to addressing some of these long-standing barriers, particularly its plan to develop a single patient record. This will mark significant progress in patient care, ensuring that health and care staff across settings can access the specific information they need to treat individuals, from a single source of truth. Further to this, I am also encouraged by the government’s efforts to make information sharing across healthcare providers more technically feasible. The Data (Use and Access) Bill promises to drive interoperability by requiring technology suppliers to meet updated technical standards. This will enable systems to connect and communicate more effectively across the NHS, laying the groundwork for the seamless information sharing people expect from our healthcare providers. These changes take us closer to a point where patients will no longer be burdened with the need to repeatedly recall and recount their medical histories to different providers along their care journey, and where their clinicians always have the latest information to hand to inform and guide decisions about an individual’s care.

NHS England managing GP data for consented cohort research studies

The Department of Health and Social Care (DHSC) has announced that NHS England, not GP surgeries, will now take responsibility for the sharing of GP data with researchers on behalf of patients who have consented to participate in research studies. To date, GPs have sometimes found it challenging to fulfil these requests given time constraints and concerns around the decision-making responsibility involved, meaning that a patient’s wishes weren’t always met. Centralising this responsibility will streamline access to data for research and reduce the burden on GPs. However, ensuring that patient consent is truly informed when they sign up to join a databank or study remains paramount; the process for obtaining consent must be ethical and fully transparent, so that people are clear how their data will be used and by whom. To support this objective, I have agreed to join NHS England’s new consent assurance group, where I will provide guidance on setting and maintaining high standards in consent processes and documentation.

NHS Federated Data Platform

This year, we have continued to support those implementing the NHS Federated Data Platform. I view this as a key infrastructure project that will unlock valuable insights from existing health data, enhancing the NHS’s capacity to plan and deliver patient care more effectively.

Early on, however, public concerns emerged around which company would provide the platform’s software, including whether the chosen provider might gain access that could allow them to exploit NHS data for their own purposes. Without clear clarification of these and other concerns, there was a real risk that large numbers of people might heed calls from campaigners to register a national data opt-out (NDOO). Similarly, ICS systems might be wary of its adoption.

It is important to note, however, that the NDOO does not apply to the current suite of products available in the FDP. As such, registering an NDOO would not have prevented individuals’ information from being processed by the platform, whose primary function to date is to improve patient direct care. However, a significant rise in NDOO rates would have inadvertently undermined the integrity of whole population data, which is vital for NHS service planning and medical research. This data is a unique national asset that provides substantial benefits to patients and the public, and it must be protected from harm. While I fully support patient choice, opt-outs driven by a lack of accurate information or unaddressed concerns must be avoided to safeguard the essential role of whole population data in improving healthcare outcomes for all of us.

To address this, we advised NHS England to enhance its public and system-wide communication efforts, focusing on building trust in the project by providing clear assurances about the procurement process, the contractual and data safeguards in place to prevent exploitation, and the platform’s potential benefits. I am pleased to report that NHS England took this advice, from myself and others, seriously, and acted accordingly. In 2023-24, my team and I continued to provide independent oversight of this programme by participating in three separate assurance groups. Our aim has been to ensure sound information governance, trustworthy data use, and transparent public communications. Thanks to strengthened public and professional engagement efforts, we believe NHS England successfully mitigated the risk of a large rise in NDOO rates following Palantir’s selection as the supplier. Now that the platform is being rolled out across the NHS estate, we will be welcoming and listening closely to feedback from those using it. We look forward to revisiting its impact again in next year’s report, once it has had more time to become established.

Large-scale public engagement on health and care data

We’ve been pleased to work closely with NHS England and DHSC as they design and implement a large-scale public engagement programme to provide evidence-based insights from the public to inform future data policy, ensuring it aligns with public expectations and values. This exercise is engaging the public on key issues such as governance around secure data environments, the creation of value from NHS data, the newly proposed single patient record and opt-out choices.

As chair of the independent advisory group for this work, I have valued the opportunity to support the dedicated team leading it, including attending some of the public deliberations, which have offered insightful perspectives from a crucially very diverse range of participants. My office has also contributed to shaping the materials for these discussions to ensure that they foster thoughtful and constructive discussion. This work concludes next year, and I look forward to seeing the final outcomes to consider the implications for future policy.

We have also continued to progress our own public attitudes research project. Ensuring that the public is not surprised by how their health and care data is used has always been a core focus of the NDG’s work. However, many remain unaware of routine data uses beyond direct care, which creates a knowledge gap about public expectations for the use of confidential patient information (CPI). This gap makes it challenging to assess whether certain uses would be unexpected or concern people. Our project aims to examine whether ‘reasonable expectations’ can be created for secondary use of health data. The focus of the project is on two uses: the Bowel Cancer Screening Quality Assurance Service and population health management. We are investigating whether these specific uses of CPI can be supported by targeted communications materials that create public expectation around them. Drawing on insights from the individuals whose data is being used, we aim to determine if, after reviewing specific information on these secondary uses, there is an expectation of privacy around the data involved. The project has a qualitative and quantitative phase and will conclude in 2025.

Mitigating threats to our data-driven ambitions

Achieving our data-driven goals for the NHS means tackling several critical challenges. While research carried out by NHS England suggests that 83% of people trust the NHS to keep their data secure, trust nevertheless remains extremely fragile and must be treated delicately. We cannot presume a public mandate for, or acceptance of, new data uses – no matter how well-intentioned or seemingly uncontroversial they may appear to those making decisions about them. Alongside this, we face persistent, unpredictable external threats that demand our strongest efforts to counteract. For instance, this year, one instance of misinformation on social media appears to have caused a sharp rise in NDOO rates. This highlights the importance of always prioritising transparency and proactive engagement to address legitimate concerns and misconceptions, as well as countering false narratives engineered to disrupt or harm.

In addition, cyber-attacks pose serious risks to frontline care, with the potential to endanger patient confidentiality and disrupt safe care delivery. Having again this year witnessed the impact of a cyber-attack on systems in the Trust where I work clinically, I have seen firsthand the clinical disruption that unfolds when crucial digital infrastructure (in this instance for blood tests) is not available, compromising our ability to provide safe care and ensure all patient information is accessible to clinicians.

This has emphasised for me that alongside all efforts to prevent the success of cyber-attacks, strengthening our clinical and operational resilience to them when they do occur is crucial. All health and care organisations must work to ensure that they can continue functioning even in the event of an outage affecting any one of the clinical or operational digital systems that underpin the care they provide. While there is much work to be done in this area, we were pleased to contribute this year by collaborating with the NHS Data Security and Protection Toolkit team to support their adoption of the National Cyber Security Centre’s Cyber Assessment Framework. The CAF provides organisations with an updated method for assessing how effectively they are managing cyber risks, ultimately bolstering resilience across the NHS to better safeguard privacy and services.

This year has been a period of substantial progress and adaption, and as the data and digital landscape continues to evolve, my team and I are prepared for another intensive year ahead. Our commitment to ensuring that data serves the public good remains unwavering, and we look forward to continuing this work with a focus on transparency, ethical data use, and patient-centred outcomes. We hope this report reflects our dedication to these values and the positive impact we have made over the last year.

2. About this report

The Health and Social Care (National Data Guardian) Act 2018 requires that the National Data Guardian (NDG) submit an annual report detailing the advice provided and guidance issued in the previous fiscal year, along with upcoming priorities. This report fulfils these requirements, highlighting the NDG’s work from 1 April 2023 to 31 March 2024, and includes some key activities from the drafting period. It outlines the progress in priority areas set by Dr. Nicola Byrne, the National Data Guardian, in last year’s report, as well as the unforeseen and reactive work that occupies much of her and her team’s time.

Throughout the reporting period, the NDG was supported by a small team of staff (the Office of the National Data Guardian) and an independent advisory group known as the NDG panel. Biographies of panel members, the panel’s terms of reference, and minutes from panel meetings are available on the NDG’s website.

3. What the NDG does and how

3.1 Vision

To improve the quality and sustainability of health and care through the safe, appropriate, and ethical use of people’s health and social care information.

3.2 Mission

To provide leadership, expertise and insight on the use of health and social care data, advocating for policies, practices and principles that build and maintain trust in data use and the confidentiality of our health and social care services.

The NDG works towards this mission by:

  • providing advice to the government and the health and social care system
  • resourcing and guiding the work of the UK Caldicott Guardian Council
  • commissioning and conducting innovative research to strengthen the evidence base on public attitudes towards health and care data, including in collaboration with others

3.3 Strategic objectives and work priorities for 2023-24

Three new long-term strategic objectives support the NDG’s mission:

3.3.1 Improving health and care staff and patient access to healthcare information

To work well, healthcare teams, social care providers and care coordinators must have timely access to healthcare information. However, for many reasons, this information is not always routinely available when needed. Supporting and empowering staff to share information confidently and appropriately is therefore crucial, including across organisational boundaries, where it ensures continuity of care and prevents missed opportunities for providing the right interventions, at the right time, in the right place.

Additionally, there is a growing demand from the public for access to their medical records and online health services, allowing them to take a more active role in managing their health.

Furthermore, the frequency and complexity of cyber-events are rising, in health and social care as elsewhere. These events can have serious consequences: for privacy when data is compromised, as well as clinically when critical information and digital systems are down for extended periods, leaving healthcare teams without access to essential clinical tools and patient information. The system must actively work to reduce both the likelihood of these incidents and their impact on people’s safety.

Through working to explore and address the above, I am committed to ensuring that health and care teams and the individuals they care for have secure and appropriate access to the information and systems they need to effectively manage people’s treatment and care.

I have set the following work priorities under this objective:

I will work with national organisations and healthcare leaders to:

  • provide advice and guidance to the system that encourages the better use of health and care data to improve the quality and sustainability of people’s care and treatment and addresses barriers to information sharing

  • explore ways in which we can ensure that organisations have sufficient support to build and maintain their cyber-security and improve organisational resilience to better cope with cyber-events when they do happen

Using health and care data for reasons other than direct delivery of care is essential. It allows us to identify where there are problems with the quality of care, to learn from where things are going well, and to unlock insights that can lead to new or improved treatments and sustainable services that benefit everyone. I will uphold the principle that data should be used ethically as well as legally when doing so. This means promoting a culture of transparency, fairness, equity, and accountability amongst those who use data to plan our services, including monitoring their quality and sustainability, or to conduct research that benefits the public.

As the NHS continues to introduce important new technologies to provide better data access, as well as the policies, processes, and ways of working that support them, it’s important to ensure that these advances happen in a way that people can accept and trust. Those making system-level decisions about health and care data must always recognise and respect the human element behind that data: that it is private information entrusted in times of sickness and vulnerability. I will urge decision-makers to place the views of patients and service users at the centre of their deliberations, so they never forget where data comes from and why people are concerned about how it is used and by whom. 

I have set the following work priorities under this objective:

  • I will continue to offer advice and guidance to the government and health and social care system to help build public trust in secondary uses of data. The goal is to attain and maintain public support for uses of data in planning, research and innovation by making sure that data use is demonstrably trustworthy. My key focus areas will include:
      • contributing to new data policy and scrutinising proposed policy changes
      • reviewing information governance arrangements for data programmes
      • promoting the importance of transparency around data use, including around risks, safeguards and public benefits
      • fostering open and honest communications and engagement about data use
      • ensuring patient and public involvement in the formation of new data policy and in data policy decision-making
  • I will continue to run our significant research project aimed at exploring if clear expectations can be set for the use of confidential patient data beyond care delivery. This project will examine two NHS planning activities: population health management and the quality assurance of bowel cancer screening services. In collaboration with NHS partners and research specialists, Thinks Insight & Strategy, the NDG will engage with the public to identify the actions needed to set these expectations. Alongside its advisory responsibilities, this project will be the NDG’s primary focus for the fiscal year 2023-24, with findings expected in early 2025.

3.3.3 Supporting health and care organisations to uphold the Caldicott Principles and make well-informed decisions about data

I am committed to improving health and care organisations’ abilities to handle and share information securely, confidently, and in compliance with the National Data Guardian’s Caldicott Principles: eight good practice guidelines introduced to ensure people’s information is kept confidential and used appropriately. From the frontline to the boardroom, I will strive to cultivate a culture of awareness and understanding of the safe, appropriate and ethical use of data, and why this matters to patients and the public.

Everyone working in health and care, at all levels, needs to feel supported and well-informed when it comes to making decisions about people’s health and care information. In many instances, leadership around these activities falls to Caldicott Guardians. By resourcing and actively participating in the work of the UK Caldicott Guardian Council, I will increase the availability of information and support to help those upholding the Caldicott Principles.

I have set the following work priorities under this objective:

  • I will sponsor and actively participate in the work of the UK Caldicott Guardian Council, to ensure that Caldicott Guardians have the support and resources they require to provide effective leadership to their organisations regarding the handling and use of confidential patient information in line with the Caldicott Principles
  • I will look for opportunities to support staff awareness and understanding of information governance good practice at all levels, to ensure that patient confidentiality is maintained whilst ensuring data is used appropriately for both patient care and public benefit.

4. Public attitudes research: testing whether ‘reasonable expectations’ can be created around secondary uses of health data

Throughout 2023-24, significant progress was made on the ONDG’s research project, Creating Reasonable Expectations, with work continuing at a steady and productive pace. The team remained focused on meeting key milestones, advancing the project through multiple critical phases.

The importance of ensuring that the public is not surprised by how their health and care data is used has long been a central theme in the work of, and advice given by, the NDG. However, it is also acknowledged that many are not aware of some of the routine uses of health and care data for purposes beyond care. This creates a knowledge gap when it comes to understanding what people ‘reasonably expect’ regarding the use of their confidential patient information (CPI). As a result, it becomes challenging to determine whether a specific use of data would come as a surprise to them.

Given the significance of this issue for the NDG, the “Creating Reasonable Expectations” public engagement project was launched in 2022-23 to study the matter in greater depth, with a planned conclusion in early 2025.

This proof-of-concept project aims to investigate whether ‘reasonable expectations’ can be established for specific secondary uses of CPI through the use of targeted communication materials. Supported by insights and evidence from individuals whose data is used, the project’s primary goal is to be able to state that as a result of viewing materials about a specific secondary data use, there is subsequently no expectation of privacy around it. This will be tested in the context of two specific secondary use programmes and their data uses: Bowel Cancer Screening Quality Assurance Services (SQAS) and Population Health Management (PHM).

To support us in the delivery of the project research phases, we procured a research supplier, Thinks Insight & Strategy. We also established a project working group of expert academic members and lay members, and a project oversight group with key stakeholders from health and social care bodies and lay members.

The project will be delivered in three main phases:

  • co-design of SQAS and PHM communication materials
  • a qualitative phase with members of the public to test and develop the materials (virtual deliberative workshops and in-person focus groups)
  • a quantitative phase with members of the public to further test the materials (survey)

Project outputs will include:

  • Communication materials: by testing communication materials relating to live uses of NHS health and care data in the project, SQAS and PHM will identify whether they can produce materials that create expectations that people find acceptable.
  • Reports on research findings: a report on the qualitative and quantitative research, discussing the project’s analysis and findings.
  • Sector policy advice: we will draw on the report’s findings to influence and look to develop general policy advice for the sector regarding reasonable expectations and the criteria which are crucial in establishing the acceptability of data uses that people have been led to expect. With our academic partners, we will investigate the general principles in the form of an academic paper, exploring how they provide a foundation for other programmes to develop materials that create expectations.

Since 1 April 2023, we have carefully co-designed the SQAS and PHM communication materials with the partner programmes, working group and NHS England information governance colleagues. These materials will be tested with the public during the project’s qualitative and quantitative phases. The co-design phase involved several in-person and virtual development sessions with the project team, facilitated by Thinks Insight and Strategy.

5. Supporting the development of data policy and guidance

5.1 Supporting conversations about data: NHS England’s public engagement programme

In September 2023, NHS England and the Department of Health and Social Care announced they would launch a large-scale public engagement programme in 2024 tackling digital and data transformation in the NHS. The dialogue aims to understand public perspectives on key aspects of data and digital policy and programmes. It was grouped initially into three main themes, to be explored by three different cohorts of the general public:

  • Principles of data use and access
  • The opt-out landscape
  • Future facing issues

The scope was amended after the 2024 election for cohort 2 to focus on linking primary and secondary care data, and for cohort 3 to focus on the opt-out landscape.

These deliberations will support the development and delivery of programmes, including the Federated Data Platform (FDP) programme and the NHS Research Secure Data Environment Network. The NDG supported this announcement, saying:

“I welcome the progress towards the public engagement commitments as promised in the Data Saves Lives Strategy. It is vital to listen and engage with the public when considering policy changes or technical improvements that will impact on how health and care data is used. I look forward to being able to further advise and support this public dialogue work.”

Subsequently, Dr Byrne accepted an invitation to chair the independent steering group overseeing this programme, and to participate as an expert witness in the first public engagement session. The NDG has been pleased to see that the team leading the project is focused on keeping the scope of the dialogues clear to elicit usable insight and is receptive to feedback from the group.

Through this group, the ONDG has been reviewing and contributing to the materials used with the public in deliberation sessions, including discussion guides for the workshops. To support further scrutiny, an NDG panel member also actively participates in this group. The group has also offered topic-specific advice on other policies and initiatives in the data strategy, which will be touched on later in this report.

The engagement programme will run until 2025, and the NDG will continue to provide advice through the steering group. For updates, please visit NHS England Transformation Directorate’s website.

5.2 Application of the national data opt-out

National patient experience surveys

In the past, the Department of Health and Social Care (DHSC) had sought the NDG’s views on whether granting a blanket national data opt-out (NDOO) exemption for all future national patient experience surveys would be appropriate. The NDG advised instead that each new survey should be assessed individually. This approach ensures careful consideration of the survey’s clinical purpose, who is administering it, how patients may perceive communications from them, and the contents of related patient materials, such as information letters and posters.

In June 2023, the DHSC shared with the National Data Guardian a proposal to exempt a new national patient experience survey, the National Diabetes Experience survey, from the NDOO. The survey aims to measure people living with diabetes’ perceptions, expectations, and experiences of diabetes care and understand variations and inequalities in experiences of care. DHSC sought the NDG’s support before seeking a ministerial decision about exempting the survey from having to apply the NDOO.

In principle, the NDG supports not applying the NDOO to surveys that ask people about their own care experiences. It is considered important that everyone has the opportunity to comment on their own care, as this allows people to influence and improve the care they and others receive in the future.

The NDG acknowledged the evidence demonstrating how applying the NDOO would have a negative impact on the statistical results of the national surveys.

The NDG also took into consideration that evidence suggested that people with an NDOO rarely objected to receiving a survey.

The NHS Insight and Feedback team shared draft materials for the National Diabetes Experience survey with the ONDG for review. The materials included the invitation letter, communications materials, and information about its development, supported by a timeline. The team also provided evidence of significant research and engagement with people living with diabetes to inform the design of the questionnaire and materials. The office team met with the NHS Insight and Feedback team on 9 June 2023 to suggest several changes to the National Diabetes Survey dissent poster and invitation letter. The goal was to provide more clarity and uphold the commitment to transparency.

Given the above, the office team issued a letter to DHSC on 23 June 2023, in support of the proposal to exempt the National Diabetes Survey from the application of the NDOO.

In July 2023, the NHS Insight and Feedback team sought and received support for a further survey, the Integrated Care Experience Survey. In addition, the team met with the NDG panel to have a broader discussion about the national patient experience surveys and the significance of NDOO exemption to their work. Following this, the ONDG and NHS Insight and Feedback team have met to discuss creating a framework for engaging the NDG in the process of designing new national patient experience surveys. This would allow those creating the survey to understand at an early stage whether the NDG supports the application for a ministerial decision on NDOO exemption.

5.3 Supporting opt-out reform

The Department of Health and Social Care (DHSC) committed in its June 2022 policy, Data saves lives: reshaping health and social care with data, to:

Work with the public, the expert advisory group, the National Data Guardian and other stakeholders to ensure that we have a simple opt-out system in place that provides clarity and choice, giving patients confidence, and ensuring data continues to support the functioning of the health and care system.

The national data opt-out allows a patient to choose if they do not want their confidential patient information to be used beyond their care and treatment for research and planning.

However, there are a number of opt-outs in the healthcare landscape, and these are complex to navigate. There are project and activity-specific opt-outs, local shared care record opt-outs, and direct care opt-outs. This complex collection of opt-outs has developed piecemeal, rather than systematically, in response to objections to various data collection programmes and initiatives. As a result, the opt-out process can be confusing for people to understand and implement. Given this, the NDG supports a review of opt-outs to improve clarity and effectiveness.

The NHS invested much time and careful consideration into researching, designing, and implementing the national data opt-out. It was initially introduced in 2018 to provide a simple way for individuals to opt out of having their confidential patient information used for healthcare research and planning. Although it is now operational across health and care, it has encountered some issues and criticisms. For example, some believe it would be beneficial to offer more granular options, allowing people to choose more specifically what aspects of data use they wish to opt out of.

5.3.1 Feeding into government plans for opt-out reform

The NDG is supportive of the Department of Health and Social Care’s (DHSC) proposals to reform the system of opt-outs in the health and care data landscape. In January 2024, the National Data Guardian wrote to the DHSC joint data policy team, providing early thoughts to guide any thinking about the reform at a high level. This advice included:

  • reform may not lead to a simpler opt-out, but the aim should be to provide a more authentic choice, with greater transparency around any instances where exemptions have been granted and where people’s opt-out choices do not apply. It should also be easy for the public to understand and enact
  • accurately define the problem that opt-out reform seeks to address, including setting out the historical context within which the myriad current opt-outs are situated. It was suggested that a deep exploration of both the history of opt-out and the findings from previous public engagement would unearth insights and evidence to help refine any plans for engaging with the public about opt-out reform
  • be clear on the scope: which opt-outs are under consideration, and which aren’t
  • ensure that any process for reforming opt-outs prioritises transparency
  • start thinking early about how best to communicate with people who have an existing opt-out that might be impacted by any changes made. We reminded DHSC that when type 2 opt-outs were replaced with national data opt-outs, all those with an existing type 2 objection were sent a letter, which might be something to consider in future.

5.3.2 Engaging the public about opt-out reform

In March 2024, colleagues from the DHSC attended an NDG panel meeting to provide an update on their current opt-out reform plans. The discussion mainly focused on public engagement. The DHSC staff confirmed their plan to use a large-scale public engagement exercise to engage the public on the subject.

They noted that whilst the programme of deliberations covered a wider range of topics than just opt-out, it would be the sole focus for one group of the public (cohort 3). Some panel members expressed concern that the objectives of the public engagement exercise should not be too broad, and should be clearly defined, otherwise it may be difficult to gather actionable feedback from participants that is good enough to help shape a new opt-out policy. They suggested narrowing the scope and presenting clearly defined options for opt-out reform to the public for discussion rather than leaving it more open-ended. The DHSC team acknowledged these points, and said it was eager not to lead the discussion towards a particular outcome. They mentioned that this feedback was valuable input to consider ahead of the design phase of the public engagement work and expressed keenness to engage further as the work progressed.

Following this, the NDG continues to work closely with teams at DHSC and NHS England as they design, plan and deliver the public engagement initiative.

Reforming opt-out systems is a complex and challenging task. The health data and IT landscape is constantly evolving, making it even more difficult. Any proposed solution must be ‘future-proofed’ so that it remains fit for purpose now and in the future and does not hinder any innovations and advancements yet unforeseen. We appreciate that DHSC is committed to asking the public what they want from an opt-out and using their views to inform the policy. Whilst no single approach will please everyone, this is nevertheless vital work, and the NDG is committed to offering assistance and guidance whenever needed.

5.4 Reforming the Health Service (Control of Patient Information) Regulations 2002

The Health Service (Control of Patient Information) (COPI) Regulations 2002 make provision for the processing of patient information including confidential patient information in specific circumstances. The regulations cover processing in relation to:

  • communicable diseases and other risks to public health
  • medical research purposes (where approved by the Health Research Authority)
  • other medical purposes (where approved by the Secretary of State for Health and Social Care)

In its 2022 data strategy, Data Saves Lives: Reshaping Health and Social Care with Data, the government committed to amending The Health Service (Control of Patient Information) Regulations 2002 to better facilitate timely and proportionate data sharing.  

In September/October 2023, the NDG team provided advice to the DHSC data policy team to guide its early thoughts on COPI reforms. The key points we raised were:

  • provide a consistent and convincing case for reform that is evidence-based and provides a thorough evaluation of the current system
  • proposals should be based on a comprehensive evaluation of all the elements contributing to a trustworthy governance process when handling confidential patient information. This means that the regulations should continue to have the checks and balances that public attitudes research consistently tells us are vital safeguards for public trust and acceptance when confidential data is used without people’s consent. It will be important to be specific when describing the proposed regulations/use cases to ensure they are clear and not so broad that they are open to inconsistent interpretation
  • if new regulations are created, it is important to be clear about opt-outs and their application. As there are plans to reform opt-out happening at the same time as COPI reform, the two must be closely aligned to ensure coherence between them

We welcomed being involved during the early stages of DHSC’s plans. We look forward to continued involvement as and when thoughts around reform progress.

5.5 Supporting the establishment of Secure Data Environments

In the 2022 Data Saves Lives strategy, a key commitment was to transition the NHS from a model of “data sharing” to a model of “data access as default” for the analysis of health and care data (including social care) for secondary purposes. This approach was supported by the 2022 Goldacre Review, and this change would be achieved through the creation of Secure Data Environments (SDEs). The NDG supports continued commitment to this ambition under the new administration.

SDEs are data storage and access platforms, which uphold the highest standards of privacy and security of NHS health and social care data when used for research and analysis. They give approved users access to relevant health data without the raw data ever leaving the environment. There are currently 12 SDEs which work together to form the NHS Research SDE Network: the NHS England SDE and 11 Regional SDEs.

The organisation providing the SDE can control many factors, including:

  • who can be a user
  • the data that users can access
  • what users can do in the environment
  • the findings of analysis that users can remove

The Department of Health and Social Care and NHS England have published several documents outlining the aims, policies and guidelines for SDEs. These include the SDE policy guidelines, data access policy updates, and a simple ‘explainer’ of the rationale behind SDEs. The ONDG has been actively involved in discussions with DHSC officials leading on data access policy about its guidelines and policies and has provided feedback on its publications. The team continues to support this work by reviewing documents and plans, such as the timeline for the transition to data access, the SDE accreditation framework and the SDE user and organisation validation process.

5.6 Continuation of the OpenSAFELY Service as a COVID-19 Public Health Information System

The NHS England OpenSAFELY COVID-19 service is a secure, transparent, open-source software platform for the analysis of electronic health records data. It was created under the COPI notice to provide access to de-identified (pseudonymised) personal data to support approved users (academics, analysts, and data scientists) to undertake approved projects for:

  • COVID-19 research
  • COVID-19 clinical audit
  • COVID-19 service evaluation
  • COVID-19 health surveillance

In June 2023, the Secretary of State directed NHS England to continue operating the Service as a COVID-19 public health information system under the COVID-19 Public Health Directions 2020. NHS England consulted with the NDG and several other organisations about the direction, as required under section 258 of the Health and Social Care Act 2012.

The NDG reviewed the Direction and the data provision notice (DPN), which was issued to GP practices on 2 June 2023. We provided several recommendations regarding the clarity of the programme’s scope, which the team incorporated before the DPN was issued.

5.7 The use of GP data for secondary purposes

5.7.1 General practice data and OpenSAFELY

In January 2024, staff from NHS England (NHSE) attended the NDG’s panel to update members on the new OpenSAFELY (OS) arrangement following a commercial agreement between NHSE and OS, which covered the transfer of the OS COVID-19 service into NHSE.

NHSE currently has two separate secure data environments for external users of data:

  • The NHS England Secure Data Environment (SDE) service developed by the former NHS Digital, providing access to data held in NHSE systems
  • OpenSAFELY, providing access to GP data and linked datasets for COVID-19 purposes

NHSE explained that its long-term ambition is to move to a model where:

  • standard data access methods are available for all NHSE-controlled datasets, including OS-like access, record-level access in secure environments, and the provision of extracts (where policy and permissions allow)
  • users are granted access in the ‘safest’ fashion that meets their needs. With the appropriate approvals, users can ‘step up’ or ‘step down’ between different access modes as needed during the lifecycle of a project
  • the level of governance and review is proportionate to risk across all dimensions of the five safes, including the environment in which data is accessed and the mode of access. The uses of data are transparent to the public
  • movement of data is minimised by federating queries and only bringing together the data required for a specific analysis

NHSE stated its immediate focus was ensuring that both services were operating effectively in the areas they currently serve. Specifically for OS, the priority was first to reopen it for new COVID-19 analyses and then look to expand beyond that. 

The NDG appreciated hearing about these plans early and recognises that this is still in the testing phase, with work remaining to determine which wider use cases the OS arrangement would be suitable for. During this early thinking the NDG asked NHSE to consider:

  • how the system will implement and operationalise the training and upskilling of analysts
  • how joint data controllership would work
  • whether ministerial directions would be updated
  • whether existing governance and assurance requirements would be reviewed to ensure that trust, transparency and patient engagement are built into their approach

5.7.2 General Practice Data for Planning and Research programme and NHS England’s evolving plans for GP data

NHSE staff also attended the NDG’s Panel in January 2024 to provide an update on the NHS’s overall strategic plans for GP data. This follows the indefinite pause of the General Practice Data for Planning and Research (GPDPR) programme three years ago.

They talked about the difficulties that the current ageing system, the General Practice Extraction Service (GPES), is facing and the increasing pressure it is under. The number of requests is rising, and they are becoming more complex. Because of this, GPES is having difficulty meeting these new requests, and the system would require significant redevelopment to meet the different direct care uses being asked of it.

They presented the lessons learned since the GPDPR programme was paused and explained how this knowledge had prompted them to explore alternative strategic models to meet the requirements for GP data, both for direct care and secondary uses.

As thinking about the new strategic approaches was still at an early stage, the team agreed to provide more updates to the NDG once they had made more progress.

5.8 Contributing to ICO guidance ‘Transparency in health and social care’

In November 2023, the Information Commissioner’s Office launched a consultation on its new draft guidance, Transparency in health and social care. The guidance is aimed at helping health and social care organisations understand what the ICO expects of them regarding transparency around their data processing and provides suggestions on how they might approach transparency activities.

Transparency is a fundamental principle of the National Data Guardian’s work, and we think this guidance could offer great value to the system by providing practical, definitive advice where a gap exists. Therefore, we responded to the consultation by providing extensive feedback and suggesting improvements. The ICO was receptive to our suggestions and gave feedback that our comments were helpful. The guidance was published on 15 April 2024.

In October 2023, the Office of the National Data Guardian reviewed and supported new British Medical Association guidance on Confidentiality and crimes related to abortion.

This guidance provides advice to doctors who may be uncertain about their obligations to respect confidentiality when they know, or suspect, that a patient has unlawfully attempted to end their pregnancy outside the terms of UK abortion legislation. It provides clarification on the law and professional obligations of confidentiality regarding disclosures of confidential information to the police and what factors to consider when deciding whether a disclosure to the police is justifiable in accordance with GMC guidance.

It should be noted that there is no obligation or duty on doctors to report suspected or actual crimes associated with abortion to the police.

5.10 Supporting privacy on period and fertility apps

In September 2023, the Information Commissioner’s Office (ICO) launched a review of how 11 period and fertility apps handle users’ personal information. This review was prompted by research revealing that half of the women surveyed had concerns about data security, and over half had noticed an increase in baby or fertility-related advertisements since using these apps, with 17% finding this especially distressing.

Ahead of the review’s launch, ICO representatives engaged with the Office of the National Data Guardian, receiving both advice and strong support. The NDG actively encouraged people through social media to share their experiences of these apps, to help the ICO gain a clearer understanding of the potential issues and harms users might have faced.

The ICO completed its review in July 2024, saying, ‘We looked into period and fertility apps to make sure they were looking after your sensitive information correctly. The good news is that we didn’t find any evidence of harm or wrongdoing. What it did do was to make us realise that we don’t take our own privacy seriously enough. We’re all too ready to download an app and just click ‘agree’ to their privacy notice without reading it.’

The ICO created a series of videos to help spread the word about privacy notices on apps and how to make a simple check before signing away information. The National Data Guardian supported this effort by promoting the videos through social media to increase public awareness.

5.11 Developing better IG guidance: Health and Care IG Panel working group

As part of the Health and Care Information Governance Panel (HCIGP) Working Group, the Office of the National Data Guardian has contributed to shaping national guidance available on the NHS Transformation Directorate Information Governance portal.

The portal provides clear, consistent guidance to help staff use information appropriately in supporting care, with sections for patients, frontline staff, and information governance professionals. The Working Group reviews and refines draft guidance produced by its members before it’s approved for publication. This year, it has produced guidance on:

5.12 Home Office consultation on the mandatory reporting of child sexual abuse

In November 2023, the Office of the NDG responded to the Home Office’s consultation on the mandatory reporting of child sexual abuse. The consultation requested views on proposals for delivering a mandatory reporting duty. The consultation proposed that those subject to the duty must make a report (of child sexual abuse) when, while undertaking a regulated activity or one of the specified roles, they receive a disclosure of child sexual abuse from a child or perpetrator or personally witness a child being sexually abused. 

Child social care is outside the remit of the National Data Guardian. However, the proposals set out in the consultation could influence people’s trust in the confidential nature of health services, which is within the NDG’s remit. As such, our response focused on that aspect and the exemption to the proposal. The proposal provided one exemption for the reporting of child sexual abuse: a report will not need to be made under the duty if those involved in a sexual relationship are between 13 and 16 years old, the relationship between them is consensual, and there is no risk of harm present.

We were concerned that, as written, it would oblige healthcare staff to report young people in consensual relationships when one of them fell outside of the 13-16 age boundary. For example, a couple in a consensual relationship at the age of 13 and 16 would not need to be reported, but if they remained together for two years, to the ages of 15 and 18, it would need to be reported.

We suggested that the Home Office must look more closely at reflecting the Independent Inquiry into Child Sexual Abuse (IICSA) recommendation and exemption, which set out more flexible boundaries for applying the age rule for when reports need not be made, by introducing the criterion of no more than three years’ age difference.

We understand the absolute need to share appropriate and necessary information to safeguard children and acknowledge the harm that can be caused when information is not shared in a timely manner. However, our view was that the proposed exemption for consensual peer relationships needed to be amended to protect young people’s relationship with health and care services. Young people may already be concerned about whether they can confide in health and care services without their confidential information subsequently being passed on to their parents or schools. We were concerned that there was a real risk of exacerbating those worries among young people. We must avoid a situation where, despite the exemption, it becomes a commonplace misunderstanding among young people that the authorities or other agencies may be informed about underage consensual sexual relationships, as this could deter vulnerable young people from seeking help or healthcare when they need it the most. 

The consultation closed on 30 November 2023. The Home Office published its response on 8 May 2024. It acknowledged this concern and stated that it will be further considered in the drafting of the legislation.

5.13 National Fraud Initiative consultation

The National Fraud Initiative (NFI) is an exercise that matches electronic data within and between public and private sector bodies to prevent and detect fraud.

Data matching involves comparing sets of data, such as a body’s payroll or benefits records, against other records held by the same or another body to see how far they match. The data is usually personal information. Data matching can be used to identify inconsistencies or previously unknown information that may indicate fraud, prevent and detect crime, assist in the apprehension and prosecution of offenders, identify errors and inaccuracies, or help recover debt owed to public bodies.

The Cabinet Office is responsible for carrying out the data matching exercises. In November 2023, it launched a consultation on the use of a legislative reform order it was proposing to use to recommence the sharing of adult social care data for fraud data matching activities. Historically, the NFI and local authorities had the ability to access adult social care data. However, this ability was inadvertently removed in 2016 when the NHS Act 2006 was amended to re-classify adult social care data as ‘patient data’.

The NDG responded to these proposals on 4 December 2023, with comments focused on maintaining public trust in the health and care system’s confidentiality.

5.14 Unifying Health Data in the UK: the Sudlow review of health data flows

In June 2023, the NDG was consulted by Professor Cathie Sudlow as part of her independent review ‘Unifying Health Data in the UK’, which the UK Government had commissioned her to carry out to map and assess the flows of health-relevant data across the four nations of the UK. It sought to evaluate how data can be better managed to improve public health while maintaining privacy and trust. The review was published in November 2024.

5.15 Prehospital emergency medicine feedback: reflective practice as integral to safe care   

Pre-hospital emergency clinicians (such as ambulance and air staff) who provide initial treatment to patients before they are transferred to hospital care may never have the opportunity to follow up with their patients afterwards to understand the impact of their care. Consequently, they may be unaware of the effects of their decisions and actions. Enabling healthcare professionals to understand the impact of their clinical actions is an essential part of providing safe and high-quality patient care.

In the East of England, the Prehospital Emergency Medicine (PHEM) Feedback project is a partnership between hospitals and prehospital care teams. This project allows hospital clinicians to give feedback to pre-hospital clinicians, helping them reflect on and understand the impact of the care they provided. Currently, this project has Section 251 support from the Health Research Authority’s Confidentiality Advisory Group, which means it is legally able to access confidential patient information (CPI) about episodes of care in order to provide feedback to the pre-hospital clinician.

Following extensive discussions with the PHEM team, the ONDG began a programme of work to explore whether it was suitable to permit access to CPI for the mentioned purposes under the legal basis of implied consent for direct care.

The ONDG has drafted a position paper that considers when regulated health and social care professionals may be able to justify access to CPI for reflective practice. Whilst developing this position, the NDG has consulted with the Health Care Professionals Council, Social Work England, the Nursing and Midwifery Council, and the General Medical Council.

The position takes into account that reflective practice is a requirement of each regulator and emphasises the importance of reflective practice in ensuring the provision of safe, high-quality care. It also outlines the limitations and safeguards required when someone wants to access CPI to reflect on their practice (these limitations and safeguards are guided by the Caldicott principles).

In support of this work, the ONDG conducted polling of 2558 adults in the UK aged over 16, using a sample weighted to represent the adult population of the UK. Participants were asked if they believed that during reflective practice, healthcare professionals should be given access to information about how their care impacted patients so they could assess what worked well and what they may need to improve in the future. Of the people polled, 97% agreed that healthcare professionals should have access to this information (choices were: strongly agree, agree, somewhat agree) while 3% disagreed (choices were: strongly disagree, disagree, somewhat disagree).

5.16 Supporting the NHS number as a consistent unique child identifier

During the passing of the Health and Care Act 2022 through Parliament, an amendment regarding information sharing in child safeguarding was added in the final stages of the legislative process. This amendment required the Secretary of State for Education to provide a report on government policy for improving multi-agency information sharing related to children’s health, social care, and the safeguarding or promotion of their welfare. This also involved examining the role of a consistent child identifier for use across agencies and services responsible for a child’s care and safeguarding.

As part of the Government’s work to publish this report, the Department of Health and Social Care (DHSC) contacted the National Data Guardian (NDG) in May 2023 to seek a view on the feasibility of using the NHS number as a consistent identifier, to support better, more joined-up child safeguarding.

The NDG acknowledged that although policy in relation to children’s social care information wasn’t within the role’s scope, they fully supported any efforts to enhance the sharing of relevant information between agencies in order to safeguard children. Tragic incidents involving the death of at-risk children occur too frequently, and subsequent reviews consistently highlight the problem of insufficient information sharing. The NDG agreed that implementing a consistent child identifier would facilitate better, more timely sharing of information when it is necessary and proportionate to ensure the welfare and safety of children.

The NHS number is already essential for delivering coordinated care. The NDG agreed that extending its use as a consistent identifier for children across different agencies is a practical solution. The importance of having effective safeguards and processes in place to protect privacy was emphasised, alongside noting that some people may have privacy concerns about extending the use of the NHS number. However, the NDG emphasised that safeguarding children from harm should always be the priority.

The Department for Education published a policy paper, Improving multi-agency information sharing, in July 2023.

5.17 Supporting public engagement to inform policy on AI data stewardship

In 2023-24, the Office of the National Data Guardian continued to support the NHS Artificial Intelligence Lab with its multi-stage project to research and implement new approaches to data stewardship for artificial intelligence (AI) with the help and involvement of the public.

Data stewardship describes practices relating to the collection, management and use of data, including deciding who gets to access data for research and development purposes. Current approaches to data stewardship often lack adequate and appropriate participation from the public, which is particularly problematic when it comes to health data use in AI, given the ethical risks that AI systems pose. The public must have a voice in these conversations, as public scrutiny can increase transparency and positively influence the design and accountability of complex AI systems.

The ONDG has been involved in this programme of work since 2022, when we joined the oversight group for a public dialogue programme commissioned by the NHS AI Lab’s AI Ethics Initiative. The dialogue sought to understand the risks and benefits of specific data stewardship approaches from a public perspective, including expectations of how the public should be engaged in decisions about data access for AI purposes in health and care. The findings were published in November 2022 and were used to inform the specification for a piece of research put out for tender in February 2023. The purpose of this follow-up project was to design data stewardship models based on the public dialogue insights. 

The successful contracted research supplier for this follow-up project, AtkinsRéalis, was requested to ‘design and assess the feasibility and merit of data stewardship models that could increase visibility over health data, transparency over its use, and empowerment of patients and the public in decisions about granting access to it for AI purposes.’

The ONDG continued to show its support by being part of the steering group for this discovery project. The role of the steering group was to provide expert feedback and recommendations on project outputs and deliverables and identify potential risks, issues, and challenges that may impact the project’s success. The project conducted quantitative and qualitative research to engage users, including patients and the public, to incorporate their opinions into the design of the data stewardship models. Three data stewardship models were considered and tested: delegated, collective and individual decision-making.

This discovery project concluded with the production of a set of recommendations and considerations for piloting the three proposed models of data stewardship. The final report is expected to be published later this year.

5.18 Supporting better AI regulation in health and care

In June 2023, the Office for Artificial Intelligence (which is now the AI Policy Directorate in the Department for Science, Innovation and Technology) invited the NDG to participate in a workshop as part of its consultation for the white paper A pro-innovation approach to AI regulation.

The white paper expressed the government’s ambition to:

Put in place a new framework to bring clarity and coherence to the AI regulatory landscape. This regime is designed to make responsible innovation easier. It will strengthen the UK’s position as a global leader in AI, harness AI’s ability to drive growth and prosperity, and increase public trust in its use and application.

The paper introduced initial proposals for creating a regulatory framework that supports innovation. It outlined five overarching principles for existing UK regulators to interpret and apply within their areas of responsibility. Additionally, the paper suggested the establishment of a new central function to ensure consistency in the regulatory framework and address any gaps in regulation.

An NDG panel member with expertise in AI attended to represent the NDG’s interests and contributed to a discussion alongside the NHS AI and Digital Regulations Service (a multi-regulator collaboration for AI in health and social care) and others. The government published its response to the consultation on 6 February 2024 and an AI implementation roadmap.

5.19 Supporting the NHS Continuing Healthcare team

In March 2024, the NHS Continuing Healthcare (CHC) team within the Adult Social Care directorate at the Department for Health and Social Care contacted the NDG. They explained that they were working with NHS England colleagues on the development of a template consent form for information sharing with family, friends and representatives in the context of CHC. They requested the ONDG team’s assistance in reviewing the draft template before its publication. The ONDG team agreed to this request and performed a thorough review, offering feedback and suggestions for improvement.

5.20 Helping the police respect patient confidentiality when requesting third-party information

In response to a direction from the Information Commissioner’s Office and the Attorney General’s Guidelines on Disclosure 2022, the National Police Chiefs’ Council (NPCC) collaborated with the Home Office to develop a new interim NPCC Third-Party Material Request Form and guidance to support it.

The form is intended to make clear to recipients what is being asked for and why, and what authority the police have to request it. It provides important information, such as why it is necessary and proportionate to seek personal material and whether the individual should be informed.

Organisations were also notified that starting from 4 October 2023, to satisfy data protection law, they should no longer rely on gaining an individual’s consent as the legal basis for providing information to the police. Instead, requests would be made under the Criminal Procedure and Investigations Act (CPIA) 1996 as a ‘reasonable line of enquiry’.

However, this approach neglected to consider the common law duty of confidentiality and the special nature of confidential patient information. For health and care organisations, fulfilling the duty of confidence is equally important as complying with data protection laws. This means that although consent might no longer be the legal basis for data protection compliance, it is still typically required to lift the obligation of confidentiality (unless there is an overriding public interest reason for the disclosure).

The NDG, British Medical Association, and NHS England worked with the NPCC to redraft the form and its accompanying documents (FAQs, letters, and a support pack). This revision ensured that the form recognised the duty of confidentiality and was suitable for requesting confidential patient information. The new form is helpful as it requires police officers to provide essential information to help health and care organisations determine whether there is a sound legal basis to disclose the information, which in the past has been difficult. For this reason, we support the use of NPCC third-party material request forms when issuing confidential patient information requests. They have now been provided to local police forces, who are advised to use them when pursuing reasonable lines of enquiry. The NPCC does not mandate the use of these forms, but we encourage staff to ask the police about the NPCC’s third-party request form when asked to provide confidential patient information.   

6. Advice to the system

6.1 Advising the NHS Federated Data Platform programme

The NHS Federated Data Platform (FDP) is software that will sit across existing systems, making it possible to connect them, so that staff can access the information they already hold in a single, secure place. This could be the number of beds in a hospital, the size of waiting lists for elective care services, or the availability of medical supplies. This aims to help the NHS to better coordinate, plan and deliver care.

Every hospital trust and ICB (on behalf of the ICS) will have their own separate instance of the software for which they are the data controller.

Initially, the platform will focus on using data to support five specific use cases that aim to improve how the NHS organises and delivers care; these are:

  • Elective recovery (managing the number of people on waiting lists)
  • Vaccination and immunisation
  • Population health management (planning NHS services)
  • Care coordination (joining up care)
  • Supply chain management

In 2023-24, the National Data Guardian urged NHS England to provide more clarity about its plans for the NHS Federated Data Platform and to do more to inform the public about them.

6.1.1 Advocating for transparency and good communications

The FDP has the potential to improve how data is used, both at local and national levels, to drive better care with more effective use of resources. If designed and delivered correctly, this new system could have a transformative impact on the NHS and help support its sustainability longer-term.

The NHS ran an independent procurement exercise to procure a federated data platform. However, throughout the procurement process, concerns about who would be awarded the contract to supply the system began to overshadow any conversations about the benefits the FDP might deliver. There was not enough information available to the public that explained how the FDP would operate, or that acknowledged and responded to the questions and concerns people had been raising about the programme, particularly regarding procurement decisions. Ensuring transparency in decision making – both in terms of who is involved and how choices are made – is crucial for building and maintaining public trust.

We consistently urged the Department of Health and Social Care and NHS England to improve efforts to provide clear information and dispel myths to gain public support for the FDP – learning lessons from previous programmes that did not do this and suffered as a result. The public needed to be reassured on the safeguards and benefits. Without these reassurances, there was a risk of another upward spike in the national data opt-out rate, which would have serious consequences for health research and planning.

In August 2023, we published a blog The NHS Federated Data Platform: the importance of building bridges with the public, to acknowledge the public’s concerns and advise NHS England on how it might address them.

NHS England listened to our concerns and those of other stakeholders, and in November 2023, it responded by launching an engagement portal where the public can read information about the FDP, submit questions, and sign up to participate in public engagement around the FDP. In addition, it also provided two important clarifications:

  • the FDP can only be used for the five specific use cases stated. Any future expansion of how the platform is used would require engaging and consulting with patients and the public.
  • only authorised users will be granted access to data for approved purposes. The supplier will not control the data in the platform, nor will they be permitted to access, use or share it for their own purposes.

On November 21, NHS England announced it had awarded the contract to deliver the federated data platform and associated services to a consortium led by Palantir Technologies, including Accenture, PWC, Carnall Farrar and NECS.

To provide clarity, reassure the public about the FDP and help combat any misinformation, the NDG co-authored a joint blog titled: Making better use of NHS data: where we’re at with The Federated Data Platform (FDP), with National Voices, the Association of Medical Research Charities, and Understanding Patient Data.

In the days following the announcement, around 20,000 people registered a national data opt-out – a significant number, though much lower than expected, particularly when compared to the 1.3 million opt-outs triggered by the General Practice Data for Planning and Research project in 2021. While it is hard to quantify the impact of our advice, this more measured public response likely reflects NHS England’s engagement with the advice of the NDG and other stakeholders who stressed the importance of clear communication. Prioritising transparency is always the right approach, so it is encouraging to see NHS England preparing additional FDP-specific materials, such as an animation, to further enhance public understanding.

6.1.2 Encouraging and providing external scrutiny

In recognition of the need to maintain and improve public and patient involvement in health data initiatives more broadly, in September 2023, the GP Data Patient and Public Engagement and Communications Advisory Panel formally expanded its scope beyond the GPDPR programme to become the Health Data Patient and Public Engagement and Communications Advisory Panel. The Panel covered two major additional areas:

  1. NHS Federated Data Platform
  2. Key Data Saves Lives strategy initiatives

An NDG panel member was a rotational chair of this group until they left the NDG Panel in April 2024, at which point a member of the office replaced them as a standing member. 

Before this, the Check and Challenge Group was established in November 2023, which provides strategic advice to NHS England’s Federated Data Platform on communications, engagement, and transparency. The NDG is also a standing member of this group.

In February 2024, the NDG spoke to the programme regarding the lack of formal documentation for independent, external scrutiny to demonstrate how the FDP complies with its information governance responsibilities and relevant legal frameworks. In order to satisfy the role’s responsibilities and duty to the public, the NDG wanted to consider the information governance arrangements for the FDP programme. Specifically, the NDG was seeking:

  • information about the data flow into the FDP and the point in the flow where the process of rendering data anonymous or pseudonymisation is applied
  • clear definitions for key terms such as anonymous, pseudonymisation, and de-identification, which conform to the ICO guidance on these terms
  • clarification on which use cases are being classed as direct care and the legal basis for any processing of confidential patient information that is not for direct care
  • if and where the national data opt-out and the right to object would be applied

In response, NHSE organised a series of focused sessions on FDP information governance with the NDG and the Information Commissioner’s Office, which began in February 2024.

Through these sessions, the NDG and Office of the NDG staff have reviewed:

  • the overarching IG framework
  • the memorandum of understanding between NHSE and local user organisations
  • national and local DPIA templates and some product-specific DPIAs
  • select FDP privacy notices.

The FDP programme incorporated the great majority of feedback from NDG, ICO, FDP Check and Challenge Group, and the patient and public engagement group on the related IG documents, updating their documentation accordingly. These documents provide information about the IG structure and the responsibilities of national and local data controllers and processors. Through this review process, we are content that high-quality national and local DPIA templates have been produced. We hope that individual data controllers will adhere to these templates and the frameworks for processing personal data that they set up so that high standards can be set and maintained.

6.1.3 Ongoing support for the FDP programme

The national data opt-out does not apply to the current suite of products being made available in the NHS Federated Data Platform. However, work is still required to ensure clarity about how it might apply in the future.

We are also working with the FDP IG team to ensure that the DPIA templates include a requirement to review the existing templates in the future if new uses of the FDP arise that don’t fit into the current template structures.

Given the level of scrutiny the programme is under from the media and the interested public, it must maintain a transparent approach to its communications, both with key stakeholders and the public. The NDG will continue advising NHS England on the FDP during 2024-25 via the dedicated IG sessions and the oversight groups it has established to gain independent advice: the FDP Check and Challenge Advisory Group and the external Information Governance Advisory Group.

6.2 Data Security and Protection Toolkit: adopting the Cyber Assessment Framework

The Data Security and Protection Toolkit (DSPT) is an online self-assessment tool that all organisations must use if they have access to NHS patient data and systems. It provides assurance that they are practising good data security and handling personal information correctly. Every year, organisations must use the toolkit to measure their performance against the ten data security standards that were introduced in the National Data Guardian’s Review of data security, consent, and opt-outs back in 2016.

Following the release of the health and care cyber security strategy in March 2023, NHS England announced its plan to transition away from using the NDG’s data security standards as the DSPT’s primary assessment mechanism. Instead, it would adopt the National Cyber Security Centre’s Cyber Assessment Framework (CAF). This CAF, which is widely used in other sectors, offers a systematic and comprehensive approach to assessing how well an organisation is assessing and managing cyber risks to its essential functions.

The NHSE team proposed a phased shift from the NDG standards to the CAF as the main assessment mechanism for the DSPT starting in September 2024. The CAF standards are either more robust or at least as stringent as those currently set through the DSPT, thereby maintaining and strengthening the original objectives of the NDG standards. Furthermore, the team confirmed that any NDG standards not related to cyber security would be catered for. They were to be incorporated into a supplementary information governance layer within the CAF, which will include a custom section on ‘using and sharing information appropriately’. This ensures that data protection, confidentiality, and other information governance aspects addressed by the NDG standards remain addressed in the DSPT.

The NDG supported this proposal and invited the DSPT team to discuss their plans with the NDG panel in March 2024. They explained how transitioning to an outcomes-based model would be a more meaningful approach to measuring and managing risks, with the focus shifting towards encouraging good decision-making rather than simply checking off compliance requirements. They also recognised that CAF requirements would change less frequently, allowing organisations more stability to plan better, over a longer term, to meet their responsibilities.

The panel emphasised the importance of stakeholder communication and recommended that the NDG issue a joint public statement with colleagues from NHS England and DHSC. The statement would clarify the NDG’s support for adopting the new CAF-aligned information standard and emphasise that the protections provided by the ten data security standards would not be dropped but built into this new framework.

The NDG continues to advise the programme on the guidance to support organisations’ transition. NHSE will continue to provide the NDG with a yearly report on the DSPT and its implementation.

6.3 Data Security and Protection Toolkit: staff training requirements

In April 2023, the NDG met with the Joint Cyber Unit and Information Governance Policy teams to discuss the revision of the Data Security and Protection Toolkit (DSPT) training requirements for ‘Category 1’ healthcare organisations for the 2023/24 period, which includes trusts, integrated care boards, arm’s length bodies, and other major organisations.

Previously, organisations were required to train and test the knowledge of 95% of their staff using national data security awareness e-learning or a local equivalent. However, achieving this has been challenging, with 29% of NHS Trusts unable to meet this requirement in 2021/22.

During the meeting, the team discussed a proposal for an alternative approach that emphasises giving organisations the flexibility to determine appropriate training for their staff. The approach would also make the training requirement more robust and more achievable for organisations to ensure effective staff awareness and training, focusing on the outcome rather than the delivery method. The NDG found the general direction of the proposal sensible.

Currently, all staff are required to receive the same minimum training, regardless of their roles. However, it would make more sense for organisations to set minimum training requirements for different staff roles and ensure that data security and protection awareness is embedded within their organisations. Guidance will be provided to support organisations in meeting these new requirements. Training will remain mandatory for the end-of-year external audits that Category 1 organisations are required to undertake annually.

6.4 Encouraging data sharing for direct care: a video with the ICO and CMO for frontline staff

On 27 September 2023, the National Data Guardian published a joint video with the Information Commissioner, John Edwards, and the Chief Medical Officer for England, Professor Sir Chris Whitty, to encourage health and care staff to share information effectively to support an individual’s safe and appropriate care. A written statement accompanied the video.

We know that some health and care workers are concerned about sharing patient and client information across organisations or disciplines for people’s care because of worries about information governance and breaching confidentiality. However, people’s care may be adversely affected when health and care staff do not have the right information at the right time to make decisions for their patients. Given this, the video asks staff to prioritise the availability of relevant information at the point of care so that individuals can receive safe and appropriate treatment.

Whilst it is right to be diligent about confidential data, this should never come at the expense of people’s care. Guidance about information sharing is available on the NHS England Information Governance portal, alongside a brief online training module. Anyone concerned or unsure about information sharing should contact their organisation’s Caldicott Guardian or data protection officer.

6.5 Advising the Department for Work and Pensions on its Caldicott Guardian function

In October 2023, the NDG was contacted by the Department for Work and Pensions (DWP) seeking assistance in determining whether the department required a Caldicott Guardian, considering that it sometimes processes confidential patient information (CPI) as part of its functional assessments.

A Caldicott Guardian is a senior person in an organisation responsible for protecting the confidentiality of people’s health and care information and ensuring it is used properly. The obligation of confidentiality comes into force when information is collected about an individual during the provision of health and care. The obligation to keep it confidential is ongoing, meaning it stays with the confidential patient information (CPI) even if it is shared with other organisations such as the DWP.

The NDG told the DWP that although the appointment of a Caldicott Guardian is not mandated, it is strongly recommended as good practice. Doing so helps support staff members who handle CPI by ensuring that they fulfil their responsibilities in handling CPI appropriately and in accordance with the duty of confidentiality. It is important that DWP follow the Caldicott Principles when processing CPI entrusted to them, and having a Caldicott Guardian will help DWP staff to understand their responsibilities with regard to CPI.

The NDG was pleased to hear that the DWP has agreed to host a Caldicott Guardian and the data protection officer and lead clinician for DWP are currently working through the governance for this.

Anyone asking similar questions about their own organisations may wish to consult the National Data Guardian’s formal guidance regarding the appointment of Caldicott Guardians and their associated roles and responsibilities for further information.

6.6 Improving GP guidance on data retention and deletion

A concerned member of the public contacted us regarding the potential for misinterpretation in the current guidance for GPs on data retention and deletion. They were worried that the guidance, as written, could lead to GPs keeping people’s information for longer than necessary.

After investigating, we agreed that the guidance needed to be revised to eliminate ambiguity or the potential for misinterpretation. To address this, we contacted NHS England’s IG Policy team, who reviewed the guidance and confirmed that more specific wording in the Records Management Code of Practice concerning ‘GP patient records: living patients’ was necessary. This change has now been implemented.

6.7 Advising GP Connect

The Technical Requirements Specification for Digital Interoperability Platform – Direct Care API Service allows GP Connect to be used for the purposes of direct care, and by medical examiners for the statutory purposes of reviewing deaths.

The specification cites the 2013 Information Governance Review definition of direct care, which sets out that it is:

A clinical, social or public health activity concerned with the prevention, investigation and treatment of illness and the alleviation of suffering of individuals. It includes supporting individuals’ ability to function and improve their participation in life and society. It includes the assurance of safe and high-quality care and treatment through local audit, the management of untoward or adverse incidents, person satisfaction including measurement of outcomes undertaken by one or more registered and regulated health or social care professionals and their team with whom the individual has a legitimate relationship for their care.

This definition was established by and continues to be owned by the NDG. As such, the NDG maintains a close relationship with the GP Connect programme, which routinely consults the NDG when asked to consider new uses for GP Connect. Over the past year, the programme contacted the NDG for input on multiple proposed uses, seeking to determine if these uses could be considered direct care. The specific cases and the NDG’s opinions are outlined below.

6.7.1 Patient-facing services enabled through GP Connect to allow patients to access their GP records and other services on the NHS App

The NDG continually advocates for patients to have access to their health and care records. In 2013, the Information Governance Review stated:

‘The aim for records access should be that people will be able freely to access their electronic records, such as electronic hospital records, community records and personal confidential data held by all organisations in health and social care’. The NDG continues to advocate for this position.

Patients routinely receive information about their care. They expect to receive information to help them understand and make choices about their care, as well as manage their conditions. Giving people access to their health and care records empowers them to participate in decisions about their own care. As such, the NDG believes that patients’ being able to view their records or information about themselves does fall within the definition of direct care, and that facilitating patient-facing services through GP Connect is direct care.

6.7.2 Use of GP Connect by private healthcare providers

When an individual seeks care from a private healthcare professional for the prevention, investigation, and treatment of illness, as well as the alleviation of suffering, this is described as ‘direct care’. In this context, healthcare professionals can lawfully view and share confidential patient information with other professionals for the purpose of that patient’s care using the legal basis of ‘implied consent for direct care’.

Implied consent is based on the principle that it is reasonable to expect patients will understand and accept that their information will be shared to facilitate their care. Therefore, healthcare professionals providing NHS care do not need to ask patients for consent before viewing their records or sharing their information with others for the purpose of facilitating their care and treatment. However, a different approach may be necessary when viewing and sharing patient information collected by private medical services.

In private practice, it is common to ask for the patient’s explicit permission to view or share their information. For example, patients may be requested to access their NHS medical records and bring them along when being seen by a private practitioner. However, enabling private clinicians to use GP Connect to access and share patient information would eliminate the need for patients to provide their own documents.

Distinctions in how patient information is viewed and shared for care in NHS versus privately provided services will impact patient expectations regarding privacy and consent.

Thus, while the NDG advised that GP Connect could be used to share and access information by private medical providers caring for a patient, it was recommended that if private providers use GP Connect, they should continue to obtain explicit consent from patients before accessing their NHS records or sharing new medical information about them with the NHS. This approach aligns with current practice and respects the expected separation between private and NHS care.

6.7.3 Use of GP Connect by the Ministry of Defence for pre-employment checks

GP Connect informed us that the Ministry of Defence (MOD) had requested access to GP Connect to obtain information from individual candidates’ GP records, with their explicit consent, to make timely pre-employment decisions about their fitness to serve. However, GP Connect is only intended for direct care purposes, and the National Data Guardian (NDG) advised that making pre-employment decisions about an individual’s fitness to serve does not fall under direct care. Therefore, as this purpose is incompatible with the intended use of GP Connect, the NDG did not support it.

6.7.4 Adding a patient-facing function to GP Connect to enable people to see who has accessed their health records

In July 2023, the GP Connect team attended the NDG’s panel meeting to run an exploratory session on the desirability of adding a patient-facing function to GP Connect that would allow individuals to track who has accessed their health records. The panel members discussed the advantages and disadvantages of adding this function to GP Connect.

Although the panel generally supported the idea, it acknowledged that its implementation would be complex. The panel agreed that public engagement would be essential before introducing this functionality to ascertain whether (and how) patients wanted access to this information. They suggested conducting a pilot project involving patients, members of the public, and professional groups before proceeding with any plans to incorporate such a feature.

Following subsequent discussions with the GP Connect team, it has been clarified that enacting this functionality would be both technically and legally complex for NHSE.

The NDG looks forward to ascertaining whether this functionality might be possible in the government’s plans for a single care record.

6.8 Bad actors: healthcare staff misusing their positions to access people’s medical records

All clinical staff are bound by contractual, legal, and professional obligations to uphold patient confidentiality. Most have the utmost respect for this duty, which is why it is so shocking when intentional breaches by staff, especially those motivated by bad intent, occur. In May 2023, a member of the public contacted us concerned about a breach of their confidentiality for malicious purposes by a clinician.

It is important to ensure that patients can trust health and care professionals with the confidential information gathered about them during their treatment. This trust can only be maintained if health and care organisations, professional regulators, the ICO, and potentially the police respond seriously and comprehensively to breaches of confidentiality by staff.

Discussions about this breach have raised a wider point that we feel is worth mentioning. Often, people question the integrity or safety of a specific IT system if a healthcare worker uses it to look at people’s confidential records for personal or malicious reasons. However, based on our observations, incidences of inappropriate access are less a result of IT systems’ failures and more down to human failings. While bad actors can and do significantly undermine public trust, misattributing these issues to system flaws rather than individual misconduct is misleading and counterproductive.

Digital healthcare systems provide immeasurable benefits to thousands of patients and healthcare professionals daily and are integral to delivering care. Primary care systems like GP Connect and Summary Care Record with Additional Information have become core tools for clinicians to support their patients’ care in emergency and urgent care scenarios. It is essential not to overlook this when anticipating the possible actions of a very minimal number of potential bad actors. Rather, the public need to be assured that deterrents and sanctions against improper use are meaningful and effective enough to deter such abuses.

6.9 Department of Health and Social Care data pact

The Department of Health and Social Care’s (DHSC) data strategy, Data Saves Lives, includes a commitment to create a data pact, explaining its purpose as:

…to set out clearly, in simple terms and in one place, how the NHS and social care uses health and care data and what the public has the right to expect. It aims to provide clarity and certainty about what does – and does not – happen to health and care data and give the public confidence that the health and care system is a trustworthy custodian of data.

In 2022, DHSC provided us with an early initial draft of what a pact might look like. However, we felt that development of the pact should be a longer-term endeavour to ensure that it contained credible statements about data based on a good understanding of what the public would want to see in such an agreement. We advised that more deliberative public involvement and an extended delivery deadline were necessary.

Following this, DHSC contracted the Patients’ Association to conduct three focus groups to help explore questions that would be useful to develop a fuller draft of the pact. The outputs from this engagement were used to help DHSC produce an improved version of the document that could be taken out for more comprehensive public consultation as part of NHS England’s large-scale public engagement programme. We appreciated the inclusion of the pact as one of the topics for discussion this summer, as it is a product that must be informed by and reflect people’s views. The pact was shared with the office of the NDG before DHSC engaged the public through large-scale public engagement work, and we provided feedback.

We continued to voice our concerns about the timing of this piece of work. This continues to be a considerable period of change for health and care data policy, and we believe it would be better to wait until all policy positions are clear and there is greater stability and certainty. This would ensure that the pact’s contents are based on stable policy and known factors. The NHS also needs to be confident that it is already meeting the commitments it is making to the public in this pact and that it can continue to honour them in the future, given that decisions about major projects and policies could impact what is, or should be, in the pact.

In addition, NHS England had been consulting the public as part of its 10-year review of the NHS Constitution. This public-facing document outlines the principles, values, rights and pledges underpinning the NHS as a comprehensive health service. It empowers patients, staff and the public to know and exercise their rights. As this document is similar in spirit and intent to the data pact and covers data and information rights, we asked DHSC to consider the overlap between the two and whether this could confuse the public.

The NDG looks forward to hearing further public feedback on the data pact, specifically to gauge its usefulness and value as a public-facing product.

6.10 Supporting the acceleration of citizens’ access to their GP records in the NHS App

The NDG supports the provision of digital access to health records for patients. By enabling easier access to personal health information, patients are empowered to take a more active role in managing their health and making informed healthcare decisions. This approach encourages a healthy, collaborative partnership between patients and healthcare providers. In October 2023, the Office of the National Data Guardian met with the NHS England programme team responsible for managing the necessary arrangements to bring this ambition to life.

They provided updates on the implementation of prospective access to GP health records and presented the programme’s proposed communications plan for the remaining implementation. They explained that more than 24 million patients with online accounts had been granted prospective access to their medical records via the app, with implementation having been completed by over 80% of GP practices (5234 practices). It was reassuring to hear that feedback had been positive, with no significant concerns raised by patients or staff and no reports of significant increases in workload. They did, however, recognise the importance of appropriate communications from the NHS to patients before test results are shared.

The ICO published a response on 17 January 2024 to GP practices that had submitted Data Protection Impact Assessments (DPIAs) to enable online prospective record access for their patients. The ICO confirmed that the intended processing does not infringe on data protection legislation, and letters were sent to GP practices to advise them of this decision.

The central NHS England support programme responsible for implementing these improvements formally closed on 31 March 2024. This means that from 1 April 2024, Integrated Care Boards (ICBs), who have delegated responsibility for managing GP services locally, have been supporting implementation. At the time of drafting this report (September 2024), 97% of GP practices (6033 practices) have now enabled prospective records access. ICBs will continue to focus support on the small number of remaining practices still to complete implementation.

6.11 Advising NHS England’s Advisory Group for Data

Following the transfer of the functions of NHS Digital to NHS England on 1 February 2023, NHS England established the Advisory Group for Data (AGD), which includes independent members who can individually and collectively provide NHS England with expert advice and assurance on internal and external access to data. This group replaces the previous NHS Digital Group Advising on the Release of Data (IGARD). Previous independent members of IGARD were appointed on a transitional basis following the merger of NHSD and NHSE on 1 February 2023 to form an interim group until the Terms of Reference (ToR) for AGD were put in place.

In 2022 and 2023, the ONDG participated in meetings with a working group led by NHS England that was tasked with drafting the terms of reference for the new Advisory Group for Data (AGD). A draft was created by the working group, which was further amended after the publication of the Department of Health and Social Care’s statutory guidance on how NHS England should exercise the statutory functions transferred to it from NHS Digital in May 2023. This statutory guidance, ‘NHS England’s protection of patient data’, set out that NHS England should consult with the National Data Guardian on the terms of reference.

After these changes, in June 2023, the NDG sent a letter to NHS England with suggestions for improvement. The intention was to ensure that the ToR appropriately reflected NHSE’s commitment to independent scrutiny and transparency of both process and decision-making. These elements are important for providing reassurance to the public about NHSE’s ability to manage access to their health and care data safely and appropriately.

NHS England has a specific duty to include in its annual report an assessment of how effectively it has discharged the functions that moved to it from NHS Digital through the merger. The assessment should, above all, provide an assessment of the organisation’s ability to protect confidential data and provide evidence to support that assessment. NHS England is required to seek independent advice to inform this report and consult with the National Data Guardian for their views. NHSE has sought the NDG’s views on its assessment, which will be reported on in the next annual report and accounts.

6.12 Supporting NHS England’s Outcomes and Registries programme

The NHS Outcomes and Registries Programme is a patient-centred, clinically led programme that aims to improve patient safety and outcomes by collecting, linking, and analysing data more effectively. In September 2023, the programme contacted the National Data Guardian for thoughts and advice on its work.

Outcome registries are data systems that collect data about the outcomes of people affected by a specific disease, condition, or exposure at a population level. These registries play a crucial role in improving patient safety and the quality of care. For instance, they contain information about individuals fitted with a specific medical implant, allowing them to be contacted if the implant is found to be faulty or underperforming. Additionally, the registries aid in better clinical decision-making by providing healthcare teams with data on how treatments and interventions are working for others, enabling them to make more informed decisions for their own patients.

The ONDG met with the programme team in October 2023 and subsequently asked them to attend an NDG Panel meeting. In November 2023, the Outcomes and Registries Programme presented to the panel about its work, explaining that:

  • England is now the first country in the world to have established a national approach to Outcome Registry data collection in regulations, policy and practice that covers both the publicly (NHS) and privately funded healthcare sectors
  • the data collections are mandated by a Secretary of State Direction to deliver key recommendations made by Baroness Julia Cumberlege in her Independent Medicines and Medical Devices Safety Review and the Paterson Inquiry, as well as to develop a unified, strategic approach to the implementation of NHS Outcome Registries
  • the data will be used to support direct care, clinical practice, innovation, and research

The NDG and panel commended the programme’s ambition and appreciated the team’s explanation of how the approach can work in practice. They were reassured to hear that the programme team is thinking about the complexities of ensuring any future uses of the data align with what patients may have been told in the past about the registries, for instance where specific uses were outlined when a patient consented for their data to be included in a registry. The NDG also commended its significant work involving the public and patients in considerations about personalised care and shared decision-making, as well as including patients in other practical areas of the programme’s development.

7. Supporting the system through board and panel membership

The NDG provides much of its advice and guidance through regular meetings and participation in different boards, panels, and groups. In the year 2023-24, the NDG or delegated representatives attended the following:

  1. NHS Digital Research Advisory Group
  2. DHSC Cyber Futures Programme Board
  3. Data Security and Protection Toolkit staff awareness review group
  4. Health and Care Information Governance Working Group
  5. Digital Social Care Advisory Group
  6. NHS England’s data protection officer webinar sessions
  7. Data Access and Policy Forum
  8. Professional Record Standards Body (PRSB) advisory board
  9. NHS Federated Data Platform: Check and Challenge Advisory Group
  10. NHS Federated Data Platform: Information Governance Group
  11. NHS Federated Data Platform: limited series of ‘deep dives’ into IG
  12. NHS England’s Patient and Public Engagement and Communications Advisory Panel
  13. Data Strategy Advisory Panel (formerly National Data Advisory Group)
  14. NHS England Large-scale public engagement steering group
  15. Understanding Patient Data Steering Group

8. Financial statement

The National Data Guardian (NDG) is a non-incorporated office holder who does not employ staff, hold a budget, or produce accounts. The Department of Health and Social Care (DHSC) holds the budget and reports expenditure through the DHSC Annual Report and Accounts.

The budget meets the costs of:

  • the Office of the NDG, hosted by NHS England
  • the work of the NDG and the advisory panel
  • the work of the associated UK Caldicott Guardian Council
  • events, public engagement, and legal advice
  • the remuneration of the NDG

Except for the NDG’s remuneration (the NDG is paid as a public appointee), the NDG has the flexibility to determine the allocation of the available budget according to in-year priorities.

For 2023-24, the budget was £800,000.

NHS England provided £104,007.47 in additional funding to cover the cost of the NDG’s “Testing Reasonable Expectations” public engagement project for 2023-24.

9. NDG panel members

The following panel members supported the NDG during 2023-2024:

  • Dr Joanne Bailey
  • Dr Natalie Banner (joined 2023)
  • Sam Bergin Goncalves
  • John Carvel
  • Professor Ian Craddock
  • Dr Arjun Dhillon (UK Caldicott Guardian Council Chair)
  • Dr Edward Dove
  • Dame Moira Gibb
  • Dr Fiona Head
  • Mr Adrian Marchbank
  • Maisie McKenzie
  • Eileen Phillips
  • Rob Shaw
  • Jenny Westaway
  • Professor James Wilson

Read NDG panel member biographies.