National Data Guardian for Health and Social Care

Last updated

The National Data Guardian for Health and Social Care is an independent, non-regulatory, advice giving body in England sponsored by the Department of Health and Social Care. Dame Fiona Caldicott had held the position on a non-statutory basis since its inception in November 2014. [1] She was appointed the first statutory National Data Guardian in March 2019 [2] following the introduction of the Health and Social Care (National Data Guardian) Act 2018, and remained in post until her death in February 2021. [3] Dr Nicola Byrne was appointed to the role in March 2021 by the Secretary of State for Health and Social Care. [4]

Contents

Role

The National Data Guardian provides guidance to the UK Government and the health and adult social care system on data confidentiality, security and patient data choice. Its role is to advise and challenge the health and social care system to help ensure that citizens’ confidential information is safeguarded securely and used properly to support direct care and achieve better outcomes from health and care services.

As a non-regulatory body, the National Data Guardian does not issue or enforce sanctions; it works with existing regulators such as the Information Commissioner’s Office and the Care Quality Commission where this is required.

Health and Social Care (National Data Guardian) Act 2018

A Private Members' Bill to place the National Data Guardian role on a statutory footing was introduced to Parliament in 2017. The Health and Social Care (National Data Guardian) Bill 2017-19 was sponsored by Member of Parliament Peter Bone.

A consultation on the roles and functions of the National Data Guardian [5] was held in 2015 in preparation for the Bill's drafting.

The Bill received Royal Assent on 20 December 2018 and is now an Act of Parliament. [6] The Health and Social Care (National Data Guardian) Act 2018 gives the National Data Guardian role formal, advice-giving powers on matters related to the processing of health and adult social care data in England. [7]

Formal reviews

In September 2015, the Secretary of State for Health Jeremy Hunt asked the National Data Guardian and the Care Quality Commission conduct a formal review into data security and use, delivering as its outcomes: recommendations for new data security standards for health and care; a method for testing compliance against the standards; and a new consent or opt-out model for data sharing in relation to patient confidential data.

The National Data Guardian's [8] Review of Data Security, Consent and Opt-outs was published in July 2016. It made 20 recommendations, including the introduction of 10 national data security standards for health and care and a new tool for measuring performance against them.

The Care Quality Commission published its report Safe Data Safe Care in tandem. [9]

The Government's 2017 response, 'Your Data: Better Security, Better Choice, Better Care, [10] accepted the recommendations and reported on plans to deliver against them, including the development of a new national data opt-out system for patients, which was launched by NHS Digital in May 2018. [11] [12]

The review also led to the closure of the care.data programme by NHS England [13]

Prior reviews by Dame Fiona Caldicott

The Review of Data Security, Consent and Opt-outs was the first formal report delivered by Dame Fiona Caldicott in her role as National Data Guardian. It is referred to as Caldicott 3, as it is her third formal report to Government on the protection and use of patient information. The first, her Report on the Review of Patient-identifiable Information is known as the Caldicott Report and was published in 1997. The second report [14] known as Caldicott 2 was published in 2013.

Related Research Articles

Department of Health and Social Care United Kingdom ministerial government department

The Department of Health and Social Care (DHSC) is the U.K. government department responsible for government policy on health and adult social care matters in England, along with a few elements of the same matters which are not otherwise devolved to the Scottish Government, Welsh Government or Northern Ireland Executive. It oversees the English National Health Service (NHS). The department is led by the Secretary of State for Health and Social Care with three Ministers of State and three Parliamentary Under-Secretaries of State.

Medical privacy or health privacy is the practice of maintaining the security and confidentiality of patient records. It involves both the conversational discretion of health care providers and the security of medical records. The terms can also refer to the physical privacy of patients from other patients and providers while in a medical facility, and to modesty in medical settings. Modern concerns include the degree of disclosure to insurance companies, employers, and other third parties. The advent of electronic medical records (EMR) and patient care management systems (PCMS) have raised new concerns about privacy, balanced with efforts to reduce duplication of services and medical errors.

Medical record

The terms medical record, health record, and medical chart are used somewhat interchangeably to describe the systematic documentation of a single patient's medical history and care across time within one particular health care provider's jurisdiction. A medical record includes a variety of types of "notes" entered over time by healthcare professionals, recording observations and administration of drugs and therapies, orders for the administration of drugs and therapies, test results, x-rays, reports, etc. The maintenance of complete and accurate medical records is a requirement of health care providers and is generally enforced as a licensing or certification prerequisite.

NHS Scotland Publicly-funded healthcare system in Scotland

NHS Scotland, sometimes styled NHSScotland, is the publicly funded healthcare system in Scotland, and one of the four systems which make up the National Health Service in the United Kingdom. It operates fourteen territorial NHS boards across Scotland, seven special non-geographic health boards and NHS Health Scotland.

Health and Social Care (HSC) is the publicly funded healthcare system in Northern Ireland. Although having been created separately to the National Health Service it is nonetheless considered a part of the overall national health service in the United Kingdom. The Northern Ireland Executive through its Department of Health is responsible for its funding, while the Public Health Agency is the executive agency responsible for the provision of public health and social care services across Northern Ireland. It is free of charge to all citizens of Northern Ireland and the rest of the United Kingdom.

Fiona Caldicott British psychiatrist

Dame Fiona Caldicott, was a British psychiatrist and psychotherapist who also served as Principal of Somerville College, Oxford She was the National Data Guardian for Health and Social Care in England until her death.

Community health councils were established in 1974 to provide a voice for patients and the public in the National Health Service (NHS) in England and Wales.

The Patient Information Advisory Group (PIAG) was established in the United Kingdom under section 61 of the Health and Social Care Act 2001 and the Patient Information Advisory Group (Establishment) Regulations 2001 to provide advice on issues of national significance involving the use of patient information and to oversee arrangements created under section 60 of the Act. Its membership was drawn from patient groups, health care professionals and regulatory bodies. Following the implementation of the Health and Social Care Act 2008, PIAG was abolished and its responsibilities transferred to a new body, the National Information Governance Board for Health and Social Care, with effect from January 2009.

The Caldicott Committee's December 1997 Report on the Review of Patient-Identifiable Information, usually referred to as the Caldicott Report, identified weaknesses in the way parts of NHS handled confidential patient data. The report made several recommendations, one of which was the appointment of Caldicott guardians, members of staff with a responsibility to ensure patient data is kept secure:

Recommendation 3: A senior person should be nominated in each NHS organisation, including the Department of Health and associated agencies, to act as a "guardian". The "guardian" should normally be a senior health professional or be closely supported by such a person. The NHS IM&T Security Manual requires each organisation to designate a senior medical officer to oversee all procedures affecting access to person-identifiable health data. This role and that of the "guardian" may be combined, providing there is no conflict of interest. The Department of Health should take the development of this role forward in partnership with interested parties.

The Caldicott Committee's Report on the Review of Patient-Identifiable Information, usually referred to as the Caldicott Report was a review commissioned in 1997 by the Chief Medical Officer of England due to increasing worries concerning the use of patient information in the National Health Service (NHS) in England and Wales and the need to avoid the undermining of confidentiality because of the development of information technology in the NHS, and its ability to propagate information concerning patients in a rapid and extensive way.

National Health Service (England) Publicly-funded healthcare system in England

The National Health Service (NHS) is the publicly funded healthcare system in England, and one of the four National Health Service systems in the United Kingdom. It is the second largest single-payer healthcare system in the world after the Brazilian Sistema Único de Saúde. Primarily funded by the government from general taxation, and overseen by the Department of Health and Social Care, the NHS provides healthcare to all legal English residents and residents from other regions of the UK, with most services free at the point of use. Some services, such as emergency treatment and treatment of infectious diseases, are free for most people, including visitors.

SystmOne is a centrally hosted clinical computer system developed by Horsforth-based The Phoenix Partnership (TPP). It is used by healthcare professionals in the UK predominantly in primary care. The system is being deployed as one of the accredited systems in the government's programme of modernising IT in the NHS.

National Health Service Publicly-funded healthcare systems in the United Kingdom

The National Health Service (NHS) is the umbrella term for the publicly funded healthcare systems of the United Kingdom (UK). Since 1948 they have been funded out of general taxation. There are three systems which make up the "NHS". Health and Social Care in Northern Ireland was created separately and although it does not use the name "NHS" it is still often to referred to as such, particularly in reference to the overall health system in the UK. The four systems were established in 1948 as part of major social reforms following the Second World War. The founding principles were that services should be comprehensive, universal and free at the point of delivery—a health service based on clinical need, not ability to pay. Each service provides a comprehensive range of health services, free at the point of use for people ordinarily resident in the United Kingdom apart from dental treatment and optical care. In England, NHS patients have to pay prescription charges; some, such as those aged over 60 and certain state benefit recipients, are exempt.

A Summary Care Record (SCR) is an electronic patient record, a summary of National Health Service patient data held on a central database covering England, part of the NHS National Programme for IT. The purpose of the database is to make patient data readily available anywhere that the patient seeks treatment, for example if they are staying away from their home town or if they are unable to give information for themselves. Despite opposition from some quarters, by September 2010, 424 GP practices across at least 36 primary care trusts had uploaded 2.7 million Summary Care Records. On 10 October 2010, the Health Secretary announced that the coalition government would continue with the introduction, but that the records would 'hold only the essential medical information needed in an emergency – that is medication, allergen and [drug] reactions'. By March 2013, more than 24 million SCRs had been created across England.

Tim Kelsey

Tim Kelsey is CEO of Pacific Knowledge Systems (PKS), an international pioneer in health data analytics based in Sydney, Australia. PKS is an Australian Healthcare company (ASX:PKS) that works around the world to better capture, manage and leverage human expertise to improve performance and health outcomes. He started in the role in December 2020.

The National Information Governance Board for Health and Social Care (NIGB) advised the United Kingdom government on information governance between 2008 and 2013.

The Professional Standards Authority for Health and Social Care (PSA) oversees the nine statutory bodies that regulate health professionals in the United Kingdom and social care in England. Where occupations are not subject to statutory regulation, it sets standards for those organisations that hold voluntary registers and accredits those that meet them.

care.data was a programme announced by the then Health and Social Care Information Centre in the Spring of 2013. It aimed to extract data from GP surgeries into a central database through the General Practice Extraction Service (GPES). Members of the English population who were registered with GP practices were informed that data on their health would be uploaded to HSCIC unless they exercised their rights to object by informing their GP.

Direct care is the care of an identified patient by an identified clinical professional, used throughout the National Health Service in the United Kingdom.

Health Data Insight (HDI) CiC is a social enterprise, that researches and data mines NHS England figures to find population health and epidemiological or demographic insights for effective NHS treatments by public health informatics, headquartered in the east of Cambridge.

References

  1. "Caldicott becomes data guardian | Digital Health". Digital Health. 2014-11-14. Retrieved 2018-09-11.
  2. "Dame Fiona Caldicott appointed as the first statutory National Data Guardian for Health and Social Care". GOV.UK. Retrieved 2021-04-15.
  3. "Dame Fiona Caldicott tribute". GOV.UK. Retrieved 2021-04-15.
  4. "Dr Nicola Byrne to be the National Data Guardian for Health and Social Care". GOV.UK. Retrieved 2021-04-15.
  5. "The role of the National Data Guardian for health and social care". Gov.uk. Retrieved 20 November 2018.CS1 maint: discouraged parameter (link)
  6. "Health and Social Care (National Data Guardian) Act 2018 — UK Parliament". services.parliament.uk. Retrieved 2019-07-16.
  7. "Health and Social Care (National Data Guardian) Bill - Hansard". Hansard.parliament.uk. Retrieved 2018-09-11.
  8. "Review of data security, consent and opt-outs". Gov.uk. Retrieved 20 November 2018.CS1 maint: discouraged parameter (link)
  9. "Safe data, safe care - Care Quality Commission". Cqc.org.uk. Retrieved 20 November 2018.CS1 maint: discouraged parameter (link)
  10. "New health data security standards and consent/opt-out model". Gov.uk. Retrieved 20 November 2018.CS1 maint: discouraged parameter (link)
  11. "NHS to launch national data opt-out tool". ComputerWeekly.com. Retrieved 2018-09-11.
  12. "National data opt-out programme comes into force". Digital Health. 2018-05-25. Retrieved 2018-09-11.
  13. "NHS England to close care.data programme following Caldicott Review". Nationalhealthexecutive.com. Retrieved 2018-09-11.
  14. "Caldicott review: information governance in the health and care system". Gov.uk. Retrieved 20 November 2018.CS1 maint: discouraged parameter (link)
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.