The national data opt-out was introduced for 'the health and social care system' on 25 May 2018. It gives people more control over how their confidential patient information is used. Find out more about confidential patient information on the NHS website.
NHS Trusts are required to be compliant with the national data opt-out policy by Wednesday 31 March 2021.
What is the national data opt-out?
It is a service that allows the public to register to opt-out of their confidential patient information being used for research and planning. The public can change their national data opt-out choice at any time.
What is confidential patient information?
Confidential patient information is when two types of information from your health records are joined together.
The two types of information are:
- something that can identify you
- something about your health care or treatment.
For example, this can include your name and what medicine you take.
Information that only identifies you, like your name and address, is not considered to be confidential patient information and may still be used. For example, to contact you about your care or change in appointments or to ask you if you want to opt back in for an individual research study.
Information about your health or care that is anonymised so that you can no longer be identified is not considered to be confidential patient information.
The choice you make does not apply when your information is used to help with your own treatment and care. Visit the NHS website for more information on when your choice does not apply.
Who needs to comply with national data opt-out policy?
The national data opt-out applies to data for patients where their care is provided in England by a publicly funded organisation, or the care has been arranged by a public body such as the NHS or a local authority. It does not apply to data related to private patients at private providers.
In summary, the national data opt-out applies to:
- all NHS organisations (including private patients treated within such organisations)
- all local authorities providing publicly funded care
- adult social care providers where the care provided is funded or arranged by a public body
- private or charitable healthcare providers providing NHS funded treatment or arranged care.
Which data disclosures do national data opt-outs apply to?
National data opt-outs apply to a disclosure when an organisation, such as a research body, confirms they have approval from the Confidentiality Advisory Group (CAG) for the disclosure of confidential patient information held by another organisation such as an NHS Trust (the data controller). Find out more about the Confidential Advisory Group on the NHS health research authority website.
The CAG approval is also known as a section 251 approval, and refers to section 251 of the National Health Service Act 2006 and its current regulations, the Health Service (Control of Patient Information) Regulations 2002. The NHS Act 2006 and the regulations allows the common law duty of confidentiality to be temporarily lifted, so that confidential patient information can be disclosed without the data controller being in breach of the common law duty of confidentiality.
What can you do prior to Wednesday 31 March 2021
You can register your opt out now even though NHS Trusts are not required to be compliant with the national data opt-out policy until Wednesday 31 March 2021. In the meantime, if you want to object to your information being used for any purpose other than your own direct care, you can raise your query by emailing email@example.com.
You should enclose or attach proof of identity (such as a photocopy of your passport or other government-issued identity document). Do not send original documents as they cannot be returned. You can change your mind at any time by contacting us in the same way. Your objection will only apply to the information that is held by Guy's and St Thomas' NHS Foundation Trust. If you want to object to other NHS organisations using your information for healthcare improvement purposes, you should contact that organisation.
How we'll use your information after you register a local objection
If you register an objection with us, we will avoid using your information for anything except care purposes, whenever possible, or we will take out specific details so that you cannot be identified. We will do this for all purposes other than your own direct care.
We are required by law to report certain information to other public authorities, including notifications of births, deaths and infectious diseases. In these and other situations when we believe there is an overwhelming public interest, such as in a public health emergency or to prevent very serious crime, we may share your information even though you have told us not to. We have a legal duty to treat your information confidentially, and would only share it if we were sure that it was necessary.