Question to the Department of Health and Social Care:

To ask the Secretary of State for Health and Social Care, with reference to NHS Digital’s plans for personal medical histories to be shared with academic and commercial third parties, what steps his Department is taking to ensure there is greater transparency on (a) which aspects of patient data will be made available, (b) which third-party organisations will have access to patient data, (c) how the use of patient data is limited, (d) what patients’ rights and the mechanisms to opt-out are and (e) the safeguards in place to protect confidential patient data.

NHS Digital has set out which structured and coded data will be collected on its website. Data shared by NHS Digital is subject to robust rules on privacy, security and confidentiality. Access will only be granted to the minimum amount of data necessary to achieve the relevant health and social care purpose. All requests to access patient data from this collection will be assessed by NHS Digital’s Data Access Request Service, to ensure organisations have a legal basis to use the data and that it will be used safely, securely and appropriately. These requests for access will also be subject to scrutiny and oversight by the Independent Group Advising on the Release of Data.

NHS Digital publishes the details of the data they allow access to on their data release register, with audits of those organisations who have been granted access. NHS Digital also provides information to patients about their ability to opt-out of their data being used for purposes beyond their own care, such as through the National Data Opt-Out.