How NHS and care data is protected

There are strict rules around how data can, and cannot be used to protect privacy, security and confidentiality.

NHS and care organisations are committed to keeping patient information safe. They do not sell data. Data is never shared for insurance or marketing purposes.

Only organisations which who have a legal basis and legitimate need to use data for health, care or planning purposes are given access to it.

People can choose whether their confidential patient information is used for research and planning through the national data opt out.

Safeguards in place to protect patient data

The public can be reassured that their data is used lawfully, with respect, held securely and that the right safeguards will be in place. These protections reflect the strict parameters for the use of data and security standards set out by the National Data Guardian for Health and Care.

There are several safeguards in place, encompassing legislation, security standards and toolkits, independent advisory bodies and a national data opt-out. These ensure that data is used across the health and social care system in a safe, secure and legal way.

These protections have been strengthened by the implementation of the General Data Protection Regulation. This regulation, amongst other things, requires all organisations in the health and social care system to be clear and transparent to individuals about how their data is used and by whom.

Who can access health and care data and for what purposes

Any organisation that wants access to data must have a clear legal basis to do so for health and care purposes (never for insurance or marketing). Only the minimum amount of data needed to meet the specific purpose will be made available.

When providing external partners (for example researchers and industry) access to data through data partnerships that benefit patients and the NHS, all NHS organisations (and other health data controllers), must meet high standards around transparency and accountability. These are clearly set out in our five principles governing data-sharing arrangements entered into by NHS organisations, published in July 2019. These principles are also in line with the Data Ethics Framework.

In particular:

  • any use of anonymous NHS data not in the public domain must have an explicit aim to improve the health, welfare or care of patients in the NHS, or how the NHS operates - where possible, the terms of any arrangements should include quantifiable and explicit benefits for patients which will be realised as part of the arrangement
  • NHS data is an important resource the boards of NHS organisations should consider themselves ultimately responsible for ensuring that any arrangements entered into by their organisation are fair - this includes recognising and safeguarding the value of the data that is shared and the resources which are generated as a result of the arrangement

How to decide how your data will be used beyond individual care, by whom and for what purpose

There are two separate opt outs for patients available:

  1. A Type 1 Opt-out. Where exercised, this means identifiable patient data will not be shared by GP Practices with NHS Digital (or anyone else) for purposes beyond the patient’s own care
  2. The national data opt-out, which was introduced in 2018 with a full public communications campaign involving NHS Digital, NHS England, the National Data Guardian and the Information Commissioner’s Office. When exercised, this means that identifiable patient data will not be shared by NHS Digital for purposes beyond a patient’s own care, subject to certain exceptions set out in national policy.

There are some exceptions for disclosure. The national data opt-out does not apply to disclosure of confidential patient information if it is being used to protect public health for example to prevent the spread of communicable diseases. Find out more about the national data opt-out.