National Data Guardian for Health and Social Care

Last updated

The National Data Guardian for Health and Social Care is an independent, non-regulatory, advice giving body in England sponsored by the Department of Health and Social Care. Dame Fiona Caldicott had held the position on a non-statutory basis since its inception in November 2014. [1] She was appointed the first statutory National Data Guardian in March 2019 [2] following the introduction of the Health and Social Care (National Data Guardian) Act 2018, and remained in post until her death in February 2021. [3] Dr Nicola Byrne was appointed to the role in March 2021 by the Secretary of State for Health and Social Care. [4]

Contents

National Data Guardian for Health and Social Care NationalDataGuardian.png
National Data Guardian for Health and Social Care

Role

The National Data Guardian provides guidance to the UK Government and the health and adult social care system on data confidentiality, security and patient data choice. Its role is to advise and challenge the health and social care system to help ensure that citizens’ confidential information is safeguarded securely and used properly to support direct care and achieve better outcomes from health and care services.

As a non-regulatory body, the National Data Guardian does not issue or enforce sanctions; it works with existing regulators such as the Information Commissioner’s Office and the Care Quality Commission where this is required.

Health and Social Care (National Data Guardian) Act 2018

A Private Members' Bill to place the National Data Guardian role on a statutory footing was introduced to Parliament in 2017. The Health and Social Care (National Data Guardian) Bill 2017-19 was sponsored by Member of Parliament Peter Bone.

A consultation on the roles and functions of the National Data Guardian [5] was held in 2015 in preparation for the Bill's drafting.

The Bill received Royal Assent on 20 December 2018 and is now an Act of Parliament. [6] The Health and Social Care (National Data Guardian) Act 2018 gives the National Data Guardian role formal, advice-giving powers on matters related to the processing of health and adult social care data in England. [7]

Formal reviews

In September 2015, the Secretary of State for Health Jeremy Hunt asked the National Data Guardian and the Care Quality Commission conduct a formal review into data security and use, delivering as its outcomes: recommendations for new data security standards for health and care; a method for testing compliance against the standards; and a new consent or opt-out model for data sharing in relation to patient confidential data.

The National Data Guardian's [8] Review of Data Security, Consent and Opt-outs was published in July 2016. It made 20 recommendations, including the introduction of 10 national data security standards for health and care and a new tool for measuring performance against them.

The Care Quality Commission published its report Safe Data Safe Care in tandem. [9]

The Government's 2017 response, 'Your Data: Better Security, Better Choice, Better Care, [10] accepted the recommendations and reported on plans to deliver against them, including the development of a new national data opt-out system for patients, which was launched by NHS Digital in May 2018. [11] [12]

The review also led to the closure of the care.data programme by NHS England [13]

Prior reviews by Dame Fiona Caldicott

The Review of Data Security, Consent and Opt-outs was the first formal report delivered by Dame Fiona Caldicott in her role as National Data Guardian. It is referred to as Caldicott 3, as it is her third formal report to Government on the protection and use of patient information. The first, her Report on the Review of Patient-identifiable Information is known as the Caldicott Report and was published in 1997. The second report [14] known as Caldicott 2 was published in 2013.

Related Research Articles

<span class="mw-page-title-main">Department of Health and Social Care</span> Ministerial department of the UK Government

The Department of Health and Social Care (DHSC) is a ministerial department of the Government of the United Kingdom. It is responsible for government policy on health and adult social care matters in England, along with a few elements of the same matters which are not otherwise devolved to the Scottish Government, Welsh Government or Northern Ireland Executive. It oversees the English National Health Service (NHS). The department is led by the Secretary of State for Health and Social Care with three ministers of state and three parliamentary under-secretaries of state.

Medical privacy, or health privacy, is the practice of maintaining the security and confidentiality of patient records. It involves both the conversational discretion of health care providers and the security of medical records. The terms can also refer to the physical privacy of patients from other patients and providers while in a medical facility, and to modesty in medical settings. Modern concerns include the degree of disclosure to insurance companies, employers, and other third parties. The advent of electronic medical records (EMR) and patient care management systems (PCMS) have raised new concerns about privacy, balanced with efforts to reduce duplication of services and medical errors.

<span class="mw-page-title-main">NHS Scotland</span> Publicly-funded healthcare system in Scotland

NHS Scotland, sometimes styled NHSScotland, is the publicly–funded healthcare system in Scotland and one of the four systems that make up the National Health Service in the United Kingdom. It operates 14 territorial NHS boards across Scotland, supported by seven special non-geographic health boards, and Public Health Scotland.

Health and Social Care is the publicly funded healthcare system in Northern Ireland. Although having been created separately to the National Health Service (NHS), it is nonetheless considered a part of the overall national health service in the United Kingdom. The Northern Ireland Executive through its Department of Health is responsible for its funding, while the Public Health Agency is the executive agency responsible for the provision of public health and social care services across Northern Ireland. It is free of charge to all citizens of Northern Ireland and the rest of the United Kingdom.

<span class="mw-page-title-main">Fiona Caldicott</span> British psychiatrist (1941–2021)

Dame Fiona Caldicott, was a British psychiatrist and psychotherapist who also served as Principal of Somerville College, Oxford. She was the National Data Guardian for Health and Social Care in England until her death.

Community health councils were established in 1974 to provide a voice for patients and the public in the National Health Service (NHS) in England and Wales.

<span class="mw-page-title-main">Healthcare in the United Kingdom</span> Overview of healthcare in the United Kingdom

Healthcare in the United Kingdom is a devolved matter, with England, Northern Ireland, Scotland and Wales each having their own systems of publicly funded healthcare, funded by and accountable to separate governments and parliaments, together with smaller private sector and voluntary provision. As a result of each country having different policies and priorities, a variety of differences have developed between these systems since devolution.

The Patient Information Advisory Group (PIAG) was established in the United Kingdom under section 61 of the Health and Social Care Act 2001 and the Patient Information Advisory Group (Establishment) Regulations 2001 to provide advice on issues of national significance involving the use of patient information and to oversee arrangements created under section 60 of the Act. Its membership was drawn from patient groups, health care professionals and regulatory bodies. Following the implementation of the Health and Social Care Act 2008, PIAG was abolished and its responsibilities transferred to a new body, the National Information Governance Board for Health and Social Care, with effect from January 2009.

The Caldicott Committee's December 1997 Report on the Review of Patient-Identifiable Information, usually referred to as the Caldicott Report, identified weaknesses in the way parts of NHS handled confidential patient data. The report made several recommendations, one of which was the appointment of Caldicott guardians, members of staff with a responsibility to ensure that patient data are kept secure:

Recommendation 3: A senior person should be nominated in each NHS organisation, including the Department of Health and associated agencies, to act as a "guardian". The "guardian" should normally be a senior health professional or be closely supported by such a person. The NHS IM&T Security Manual requires each organisation to designate a senior medical officer to oversee all procedures affecting access to person-identifiable health data. This role and that of the "guardian" may be combined, providing there is no conflict of interest. The Department of Health should take the development of this role forward in partnership with interested parties.

The Caldicott Committee's Report on the Review of Patient-Identifiable Information, usually referred to as the Caldicott Report was a review commissioned in 1997 by the Chief Medical Officer of England due to increasing worries concerning the use of patient information in the National Health Service (NHS) in England and Wales and the need to avoid the undermining of confidentiality because of the development of information technology in the NHS, and its ability to propagate information concerning patients in a rapid and extensive way.

<span class="mw-page-title-main">National Health Service (England)</span> Publicly-funded healthcare system in England

The National Health Service (NHS) is the publicly funded healthcare system in England, and one of the four National Health Service systems in the United Kingdom. It is the second largest single-payer healthcare system in the world after the Brazilian Sistema Único de Saúde. Primarily funded by the government from general taxation, and overseen by the Department of Health and Social Care, the NHS provides healthcare to all legal English residents and residents from other regions of the UK, with most services free at the point of use for most people. The NHS also conducts research through the National Institute for Health and Care Research (NIHR).

SystmOne is a centrally hosted clinical computer system developed by Horsforth-based The Phoenix Partnership (TPP). It is used by healthcare professionals in the UK predominantly in primary care. The system is being deployed as one of the accredited systems in the government's programme of modernising IT in the NHS.

A Summary Care Record (SCR) is an electronic patient record, a summary of National Health Service patient data held on a central database covering England, part of the NHS National Programme for IT. The purpose of the database is to make patient data readily available anywhere that the patient seeks treatment, for example if they are staying away from their home town or if they are unable to give information for themselves. Despite opposition from some quarters, by September 2010, 424 GP practices across at least 36 primary care trusts had uploaded 2.7 million Summary Care Records. On 10 October 2010, the Health Secretary announced that the coalition government would continue with the introduction, but that the records would 'hold only the essential medical information needed in an emergency – that is medication, allergen and [drug] reactions'. By March 2013, more than 24 million SCRs had been created across England.

The National Information Governance Board for Health and Social Care (NIGB) advised the United Kingdom government on information governance between 2008 and 2013.

care.data was a programme announced by the then Health and Social Care Information Centre in spring 2013. It aimed to extract data from GP surgeries into a central database through the General Practice Extraction Service (GPES). Members of the English population who were registered with GP practices were informed that data on their health would be uploaded to HSCIC unless they exercised their rights to object by informing their GP.

Direct care is the care of an identified patient by an identified clinical professional, used throughout the National Health Service in the United Kingdom.

The Freedom to Speak Up Review, also known as the Francis Report, was a review into whistleblowing in the NHS in England. It was announced on 24 June 2014 and it was chaired by Sir Robert Francis. The review was originally expected to report in November 2014 but took longer because of a huge volume of input material: 17,500 online responses and 600 postal responses.

Health Data Insight (HDI) CiC is a social enterprise, that researches and data mines NHS England figures to find population health and epidemiological or demographic insights for effective NHS treatments by public health informatics, headquartered in the east of Cambridge.

The National Guardian's Office is an independent, non-statutory body with the remit to lead culture change in the National Health Service in England.

The General Practice Data for Planning and Research system was set up by the British National Health Service as a replacement for the General Practice Extraction Service as a means of transmitting data intended for use beyond that of providing individual health care. This might include healthcare planning, or research.

References

  1. "Caldicott becomes data guardian | Digital Health". Digital Health. 14 November 2014. Retrieved 11 September 2018.
  2. "Dame Fiona Caldicott appointed as the first statutory National Data Guardian for Health and Social Care". GOV.UK. Retrieved 15 April 2021.
  3. "Dame Fiona Caldicott tribute". GOV.UK. Retrieved 15 April 2021.
  4. "Dr Nicola Byrne to be the National Data Guardian for Health and Social Care". GOV.UK. Retrieved 15 April 2021.
  5. "The role of the National Data Guardian for health and social care". Gov.uk. Retrieved 20 November 2018.
  6. "Health and Social Care (National Data Guardian) Act 2018 — UK Parliament". services.parliament.uk. Retrieved 16 July 2019.
  7. "Health and Social Care (National Data Guardian) Bill - Hansard". Hansard.parliament.uk. Retrieved 11 September 2018.
  8. "Review of data security, consent and opt-outs". Gov.uk. Retrieved 20 November 2018.
  9. "Safe data, safe care - Care Quality Commission". Cqc.org.uk. Retrieved 20 November 2018.
  10. "New health data security standards and consent/opt-out model". Gov.uk. Retrieved 20 November 2018.
  11. "NHS to launch national data opt-out tool". ComputerWeekly.com. Retrieved 11 September 2018.
  12. "National data opt-out programme comes into force". Digital Health. 25 May 2018. Retrieved 11 September 2018.
  13. "NHS England to close care.data programme following Caldicott Review". Nationalhealthexecutive.com. Retrieved 11 September 2018.
  14. "Caldicott review: information governance in the health and care system". Gov.uk. Retrieved 20 November 2018.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.