Fair processing

Within the NHS, your local Clinical Commissioning Group (CCG) is responsible for planning, designing, buying and paying for certain NHS services. These services include planned and emergency hospital care, mental health, rehabilitation, and community services.

In order to carry out these functions, CCGs need to use information about patients. There are very strict rules surrounding the use of this data, and this page describes the current use of applications under the NHS Act 2006, which are called “Section 251 applications”. These are used to process certain types of information for specific purposes. For further information on this subject, please see our web pages on Invoice Validation and Risk Stratification.

Section 251 applications are approved by the Secretary of State for Health, who imposes very tight conditions on what information can be processed and by whom. On behalf of CCGs, NHS England has made three Section 251 applications, which have been approved by the Secretary of State for Health, and these are described below.

To learn more about how these applications may affect you in particular, please visit your local Clinical Commissioning Group’s fair processing page or leaflets which will describe which applications they are using and for what purpose.

Fair processing guidelines for GP

About fair processing

The Data Protection Act requires organisations, including those in the NHS, to process personal data fairly and lawfully.

The methods by which these processes are governed and explained to patients are known as ‘fair processing’.

CCGs may use Commissioning Support Units (CSUs) to help them with their work. Whilst CSUs are hosted by NHS England, they are “arm’s length” bodies that operate independently of NHS England. Patient data are not normally processed for commissioning purposes by NHS England; however, local commissioners use limited amounts of patient data to support patients for whom they are responsible.

NHS England’s Fair Processing statement can be found here.

How personal confidential data are used

The main use of data is for the provision of direct care and care services. In these cases, data are collected from patients and shared between doctors and other regulated professionals to enable the provision of care. Relevant data are stored and processed in computer systems within care providers, such as general practices and provider trusts (e.g., hospitals and community services), and with any organisations that have been contracted to process data on their behalf.

Fair processing requires that such sharing is made clear to the patient in the process of the provision of care and is understood by the patient.

CCGs do not routinely hold or have access to individual medical records. There may, however, be instances where information about a patient is held – for example if there has been a complaint or a specific request for help. The CCG may also hold information if it funds specialised treatment not covered in its contracts with suppliers. The CCG will only hold personal confidential data when it is needed to carry out its work.

The current Section 251 applications are used to support three main areas of work:

  • Accredited Safe Havens (or “Stage 1 ASHs”)
  • Risk stratification
  • Invoice validation

An extension until 30 April 2016 has been granted for applications CAG 2-03(a)/2013, risk stratification (CAG 7-04(a)/2013) and invoice validation (CAG 7-07(a-c)/2013).

Please visit our ‘Data Services for Commissioners’ page for more information.

Accredited Safe Havens

To fulfil their obligations towards patients, Clinical Commissioning Groups need to monitor access to services, waiting times and particular aspects of the care they commissioned. A small amount of patient data is required to fulfil this monitoring and commissioning purpose.

In order to allow CCGs to complete these tasks, “arm’s length” bodies called Accredited Safe Havens (ASHs) have been set up with controls on what data and systems they can use. Only CCGs and CSUs that meet the required standard were allowed to apply for Stage 1 of the Accredited Safe Havens.

Accredited Safe Havens can only process personal confidential data for the following purposes:

  • linking information from more than one source;
  • validating the quality or completeness of:
    • confidential patient information, or
    • data derived from such information;
  • avoiding the impairment of the quality of data derived from confidential patient information by incorrect linkage or the unintentional inclusion of the same information more than once;
  • the audit, monitoring and analysing of the provision made by the health service for patient care and treatment.

The conditions of approval for ASHs have put in place a legal framework which ensures that data are only handled under tightly controlled circumstances. Accredited Safe Haven status is subject to ongoing scrutiny.

Invoice validation

There may be times where one healthcare organisation will need to invoice another for treatment given to a patient. This can occur, for example, when a patient needs hospital treatment while away from home on holiday. The hospital at which they were seen may need to invoice the patient’s CCG for the treatment they received.

Before paying, the CCG will need to be sure that they are responsible for the patient and that the amount they are being billed for is correct. This process is known as invoice validation. For invoice validation to occur, a limited amount of information about the patient needs to be shared between the organisations concerned.

Risk stratification

Risk stratification is a process that uses personal data from health care services to determine which people are at high risk of experiencing certain outcomes, such as unplanned hospital admissions.

Risk stratification tools can be useful in analysing the overall health of a population (known as ‘risk stratification for commissioning’) and for identifying which patients should be offered targeted preventative support to reduce those risks (known as ‘risk stratification for case finding’).

These tools use a mix of limited historical information about patients (such as age, gender, diagnoses, and hospital attendance) as well as data collected in GP practices. Your GP will provide information about any risk stratification programmes they are planning to use. GPs can use their data to identify which of their patients would benefit from a certain preventative service. Risk stratification is a helpful tool to support GPs in identifying patients at risk.

The CCG may use data that cannot be tracked back to individuals, to understand the local population needs and plan for future requirements. This is known as ‘risk stratification for commissioning’.

Patient rights

Patients have the right to have information about them processed fairly and lawfully, and to access any personal information held by the NHS. Patients also have the right to privacy, and expect the NHS to keep information confidential and secure. Patients have the right to request that their confidential information is not used for purposes other than their own care and treatment, and to have their objections considered. These rights are set out in the NHS Constitution.

Patients who do not want the NHS to use information from their GP can opt out by completing an opt-out form and returning it to their GP practice.

If a patient opts out, it will prevent their identifiable information being shared outside of their GP practice for purposes beyond their direct care (except in special circumstances allowed by law, such as when there is a public-health emergency).

It is entirely up to patients whether the NHS can use their information or not – and if a patient chooses to opt out this will not in any way affect the care or treatment they receive as a patient.

The National Fraud Initiative: Fair Processing Notice

NHS England is required to protect the public funds it administers. It may share information provided to it with other bodies responsible for auditing or administering public funds, or where undertaking a public function, in order to prevent and detect fraud.

The Cabinet Office is responsible for carrying out data matching exercises.

Data matching involves comparing computer records held by one body against other computer records held by the same or another body to see how far they match. This is usually personal information. Computerised data matching allows potentially fraudulent claims and payments to be identified. Where a match is found it may indicate that there is an inconsistency which requires further investigation. No assumption can be made as to whether there is fraud, error or other explanation until an investigation is carried out.

We participate in the Cabinet Office’s National Fraud Initiative: a data matching exercise to assist in the prevention and detection of fraud. We are required to provide particular sets of data to the Minister for the Cabinet Office for matching for each exercise.

The use of data by the Cabinet Office in a data matching exercise is carried out with statutory authority under Part 6 of the Local Audit and Accountability Act 2014. It does not require the consent of the individuals concerned under the Data Protection Act 1998.

Data matching by the Cabinet Office is subject to a Code of Practice.

Should you wish to know more about this Fair Processing Notice, please see the more detailed full text.

View further information on the Cabinet Office’s legal powers and the reasons why it matches particular information. For further information on data matching at this authority contact Stuart Francis at stuart.francis@nhs.net.