Many members of the public have contacted the Office of the National Data Guardian (NDG) through the Not With My NHS Data campaign to raise their concerns about external contractors having access to identifiable patient information in the NHS Federated Data Platform (NHS FDP) and its associated National Data Integration Tenant (NDIT).
Public trust is essential to the use of health and care data, and it is right that people ask questions about how their information is used. Whilst we welcome this engagement, we are not able to engage with each enquiry individually due to the volume of correspondence received. We hope, however, that this statement provides a clear response to the main concerns we understand people are raising.
The National Data Guardian’s role
To explain our role, the National Data Guardian is an independent statutory office holder, established to provide advice and challenge to the health and care system in England on how health and adult social care data is used. We want to ensure that all data use is safe and appropriate, so that health and care professionals and the public can trust how data is being handled and used. We are not a regulator and do not have investigatory or enforcement powers.
You can find more about what we do on our website.
Our involvement with the NHS FDP programme
Since the early stages of the NHS FDP programme, we have provided ongoing advice to the Department of Health and Social Care (DHSC) and NHS England (NHSE).
Ahead of the platform’s procurement, the NDG, Dr Nicola Byrne, wrote a blog clearly setting out the key considerations she regards as fundamental to securing public trust.
Our subsequent involvement has primarily been through participation in three independent advisory groups, where our advice is always underpinned by the Caldicott Principles, including the need to ensure data access is on a strict need-to-know basis, and that patients must be kept appropriately informed about how their data is used.
The minutes of these meetings are published by NHSE here
It has been our experience that points of concern or challenge that we have raised with the programme have been taken seriously, and we have found a clear commitment amongst individuals within NHS England to using data responsibly, with the aim of both improving patient care and strengthening the sustainability of the NHS.
Concerns about external contractors having access to identifiable patient information
In providing advice on the programme’s information governance, we, alongside the Information Commissioner’s Office, reviewed the programme’s Data Protection Impact Assessment (DPIA). A DPIA sets out how data will be used, who can access it, and the safeguards in place to protect it. It is also used to identify and assess privacy risks and ensure appropriate controls are in place, particularly where sensitive data is involved.
The DPIA we reviewed stated that access to identifiable patient information would be limited to NHS staff with a legitimate need. However, since then, recent media reporting, and subsequent confirmation from the programme team, indicate that some external contractor staff also have access to identifiable patient information within the National Data Integration Tenant (NDIT) environment. We were not aware of this. We have therefore written to the programme to seek clarification on this inconsistency.
We need to be confident that the positions presented to us are accurate, consistent, and clearly reflected in public-facing transparency materials. We have also emphasised the need for timely engagement with the NDG whenever significant programme decisions change in ways that may affect public trust, as in this case.
Consent, Opt-out and the NHS Federated Data Platform Programme
In the context of this issue, we have also received questions about patient consent and opting out of the NHS FDP. We hope the following helps clarify the current position.
In the NHS, there are different ways patient information is used, and not all of them involve asking for explicit consent each time. For example, if your GP refers you to a hospital, you would not expect the clinician reviewing your case to ask your permission before looking at your medical record. Your agreement is understood as part of seeking care. In the same way, information is often used across the NHS to ensure services for patients are run safely and effectively. The NHS FDP aims to support the running of services by bringing together the information NHS staff need. Information on its specific uses is available here.
Whilst a national data opt-out exists, it does not apply to all types of data use; it only applies to data used for secondary purposes, such as research and planning. This means people cannot use it to opt out of data being used to support their own care. As the NHS FDP is currently used solely to support care delivery, the national data opt-out does not apply to data within the programme at this time.
Next steps
- We will await assurance from NHS England that the inconsistency identified has been clearly explained and that any necessary changes to transparency documentation and public communications have been made
- We will continue to scrutinise, advise and challenge the NHS FDP programme through the relevant independent advisory groups
- We will update this page once NHS England has responded to our request for further information
We are grateful to everyone who has written to us. Addressing these concerns is essential, as public and professional trust is fundamental to delivering the ambition of better joined-up data to improve care and deliver value for the NHS.