All providers of NHS care are required by law to have effective arrangements in place to govern the use of information. These requirements are set out in the Information Governance Standards Framework. Primary care providers are the data controllers for the personal and confidential data that they hold. They
therefore have a legal responsibility to comply with the information governance requirements associated with this designation.
In order to ensure to meet their obligations in relation to information governance, NHS England considers that primary care providers must have access to the range of core support services set out in this guidance.