NHSX is now part of the NHS Transformation Directorate

Moving our content to its new home will take time. All information on this site remains valid and will continue to be maintained until further notice.

Information governance guidance

New elearning - Information sharing For frontline and admin health and care staff, this module is designed to empower staff to share information for individual care

Take the 'information sharing' module

Available now - our free elearning provides practical tips and real life scenarios to enhance your understanding of the principles for sharing information securely for individual care, research and planning.
View all Integrated care Sharing with other sectors Communications tools Consent Individual rights Sharing preferences COVID-19 Sharing with colleagues Research Enabling remote working Template Confidentiality Personal health records Comms with patients or service users Social care Common law UK GDPR and data protection

Joining up and supporting care

Panel Guidance

Information Governance Framework: Shared Care Records

The Information Governance Framework for Integrated Health and Care: Part 1 - Shared Care Records has been developed to provide a structured approach to ensure Shared Care Records meet their legal obligations.

Integrated care Sharing with other sectors Sharing with colleagues Personal health records Social care
External Guidance

Using cyber technology: top tips for pharmacy teams

This factsheet provides pharmacy teams with top tips on the communication tools to use to support the care of patients and service users, particularly during the pandemic.

Comms with patients or service users Communications tools
Panel Guidance

Use and share information with confidence

This guidance will support you to use and share information with confidence when caring for patients and service users.

Sharing preferences Sharing with colleagues Confidentiality Social care Common law UK GDPR and data protection
Panel Guidance

Using video conferencing and consultation tools

This guidance sets out how video conferencing and consultation tools can be used safely and securely.

Communications tools COVID-19 Enabling remote working Comms with patients or service users
Panel Guidance

Information sharing in Multidisciplinary Teams (MDTs)

A MDT is a group of health and care staff from different organisations and professions that together make decisions regarding the treatment of individual patients and service users. There are some IG considerations when working as part of an MDT.

Integrated care Sharing preferences Sharing with colleagues Template Social care
Panel Guidance

Sharing information with the voluntary sector

This guidance provides information to health and care organisations on how information about patients and service users can be shared safely with the voluntary sector

Integrated care Sharing with other sectors Consent Sharing preferences Social care Common law
Panel Guidance

Use of mobile devices by patients in hospitals

This guidance provides advice for patients using mobile devices such as phones, tablets and cameras in acute hospitals.

Communications tools Individual rights COVID-19 Comms with patients or service users
Panel Guidance

Video conferencing with colleagues

This advice sets out the IG considerations when staff are using video conferencing tools to communicate with other members of staff during the COVID-19 pandemic.

Communications tools COVID-19 Sharing with colleagues Enabling remote working
Panel Guidance

COVID-19 information for volunteers

This guidance provides information governance (IG) advice to support organisations who are working with volunteers during the COVID-19 period. It also provides some advice which can be provided to the volunteers.

Communications tools Individual rights COVID-19 Enabling remote working Confidentiality Comms with patients or service users
Panel Guidance

COVID-19 IG advice

This guidance provides advice on working in different ways during the COVID-19 outbreak.

Communications tools COVID-19 Sharing with colleagues Enabling remote working Comms with patients or service users UK GDPR and data protection
Template

Template: COVID-19 privacy notice

An example supplementary privacy notice which can be used by organisations to inform patients and service users about the ways information is being used as a result of COVID-19

Template UK GDPR and data protection Comms with patients or service users COVID-19
Panel Guidance

COVID-19 IG advice for social care

This guidance provides advice for the social care sector on working in different ways during the COVID-19 outbreak.

Sharing with other sectors Communications tools COVID-19 Sharing with colleagues Enabling remote working Comms with patients or service users Social care
Panel Guidance

Virtual wards

Virtual wards support people, who would otherwise be in hospital, to receive the care and treatment they need in their own home or usual place of residence. Virtual wards are suitable for a range of conditions that can be safely and effectively monitored at home including respiratory conditions, heart failure and COVID-19.

Integrated care Sharing with other sectors COVID-19 Enabling remote working Template Confidentiality Comms with patients or service users UK GDPR and data protection

Managing information

Panel Guidance

Records management guidance for the transition of CCGs to ICBs

Guidance for CCGs on records management as they transition to ICBs

Integrated care Personal health records Social care
Panel Guidance

Personal data breaches

This guidance will help health and care organisations deal with personal data breaches, for example, losing personal information. It provides advice on what a personal data breach is and the steps that need to be taken if a breach occurs.

Individual rights Template Confidentiality Personal health records Comms with patients or service users Social care UK GDPR and data protection
Panel Guidance

Records Management Code of Practice

The Records Management Code of Practice 2021 sets out how records relating to health and care should be managed.

Integrated care Individual rights Personal health records Social care
Panel Guidance

Sharing information with the police

This guidance is about disclosure of information by health and care organisations to the police.

Sharing with other sectors Communications tools Individual rights Confidentiality Social care Common law UK GDPR and data protection
Panel Guidance

What is and isn’t direct marketing?

The ICO has produced wider guidance on direct marketing for the public sector. This guidance, produced by the panel, specifically considers the rules on direct marketing in the context of health and care communications.

Communications tools Individual rights Sharing preferences Research Comms with patients or service users UK GDPR and data protection
Panel Guidance

Understanding Health Data Access (UHDA)

A suite of short films and resources explaining the rules that govern how health and social care data is shared beyond the treatment of individuals.

Sharing with other sectors Research Confidentiality
Panel Guidance

Flu vaccines and the COVID-19 response

This guidance describes how data is being used to help ensure that those who are entitled to a flu vaccine receive one. This is very important during the pandemic. This guidance covers data relating to both health and care staff and patients.

Individual rights COVID-19 Confidentiality Personal health records Common law UK GDPR and data protection
Panel Guidance

Digital staff passport

A summary of the information governance steps which need to be taken to set up Digital Staff Passports

COVID-19 Sharing with colleagues Confidentiality
Template

Data sharing agreement template

A data sharing agreement template and accompanying guide which can be used by local organisations.

Template Social care Integrated care Sharing with other sectors UK GDPR and data protection Consent Individual rights Confidentiality
Panel Guidance

Bring your own device (BYOD) guidance

BYOD is a service offered by organisations to their employees to enable them to use their own devices for work, such as mobile phones, laptops and tablets. This guidance focuses on the IG considerations.

Communications tools Enabling remote working UK GDPR and data protection
Panel Guidance

Using mobile messaging

This guidance will support the safe and secure use of mobile messaging software in health and care settings.

Communications tools Confidentiality Social care
Panel Guidance

Subject Access Requests

This guidance will help you understand what a Subject Access Request is and how they are responded to.

Individual rights Confidentiality Comms with patients or service users UK GDPR and data protection
Panel Guidance

Consent and confidential patient information

This guidance is about consent and what it means when sharing Confidential Patient Information.

Integrated care Sharing with other sectors Consent Individual rights Sharing with colleagues Comms with patients or service users Common law UK GDPR and data protection
Panel Guidance

Email and text message communications

This guidance is about how you can safely use email and text messages to communicate with patients and service users.

Communications tools Individual rights Sharing preferences Confidentiality Comms with patients or service users
Template

Template for email and text message communications

This is a template policy which can be adapted for when using text and emails to communicate with patients/service users.

Communications tools Sharing preferences Comms with patients or service users Template
Panel Guidance

Access to NHS staff COVID-19 test results

This guidance provides advice on employers accessing the COVID-19 test results of NHS staff.

Individual rights COVID-19 Sharing with colleagues Confidentiality Personal health records
Panel Guidance

Access to care home staff COVID-19 test results

This guidance is to assist care home managers when dealing with information relating to staff testing for COVID-19.

Individual rights COVID-19 Sharing with colleagues Confidentiality Personal health records Social care
External Guidance

Caldicott principles

Eight principles to ensure people's information is kept confidential and used appropriately.

Personal health records Confidentiality Sharing with colleagues Individual rights
Panel Guidance

Amending patient and service user records

This guidance provides advice on patients and service users requesting changes to their health and care records. It also covers how staff should amend records.

Integrated care Individual rights Personal health records Social care Common law

Research

External Guidance

UK GDPR guidance for researchers and study coordinators

This operational guidance has been produced by the Health Research Authority for researchers and study coordinators on the implications of the UK GDPR for the delivery of research in the UK.

UK GDPR and data protection
External Guidance

Guidance for CAG Applicants

Detailed guidance from the Health Research Authority on submitting an application to Confidentiality Advisory Group (CAG) for both research and non-research purposes.

Consent Research
External Guidance

Information governance in local quality improvement

This guide by Healthcare Quality Improvement Partnership (HQIP), describes how information governance (IG) laws and principles apply to the use of personal data in multi-agency healthcare quality improvement studies.

Research UK GDPR and data protection