We have detected that you are using Internet Explorer to visit this website. Internet Explorer is now being phased out by Microsoft. As a result, NHS Digital no longer supports any version of Internet Explorer for our web-based products, as it involves considerable extra effort and expense, which cannot be justified from public funds. Some features on this site will not work. You should use a modern browser such as Edge, Chrome, Firefox, or Safari. If you have difficulty installing or accessing a different browser, contact your IT support team.
Cardiovascular Disease Prevention audit (CVDPREVENT audit)
Why and how we process your data in the Cardiovascular Disease Prevention Audit (CVDPREVENT audit) and your rights.
|Controller||NHS Digital (in relation to processing the personal data) and NHS England (in relation to determining the purpose for processing the data through the issuing of a direction to NHS Digital).|
|How we use the information (processing activities)||
The Cardiovascular Disease Prevention Audit (CVDPREVENT Audit) supports the implementation of the NHS Long Term Plan which identifies cardiovascular disease (CVD) as a clinical priority. CVD is the single biggest condition where lives can be saved by the NHS over the next 10 years, currently causing a quarter of all deaths in the UK and is the largest cause of premature deaths in deprived areas. The audit will initially make use of historical General Practice information and then every three months, extracts will be taken from the data held by General Practice's via the General Practice Extraction Service (GPES). The extracts will include diagnostic codes, recording of risk factors such as smoking and alcohol, physical measurements such as blood pressure and body mass index, blood tests such as kidney function and cholesterol, as well as drug treatment and lifestyle interventions. The data will support professionally led quality improvements, allowing local systems to clearly identify gaps, inequalities and opportunities for improvement in the diagnosis and management of the high risk conditions for CVD. Using aggregated data It will show Primary care Networks (PCNs) and Clinical Commissioning Groups (CCG) where to focus there energies to prevent heart attacks and strokes at scale in their populations and to reduce health inequalities, NHS services and for research via NHS Digital Data Access Request Service (DARS).
|Does this contain sensitive (special category) data such as health information?||Yes|
|Who are recipients of this data?||
Primary Care Networks (PCNs), Clinical Commissioning Groups (CCG), Data recipients are recorded in the Register of Approved Data Releases for DARS disseminations.
|Is data transferred outside the UK?||Not for the purposes of processing it by NHS Digital. It may be transferred outside of the UK if this approved by NHS Digital through the DARS process for any particular dissemination.|
|How long the data is kept||20 years minimum from the date of the extract from the General practice system.|
|Our lawful basis for holding this data||Legal obligation|
|How can you withdraw your consent?||
Consent is not the basis for processing, Patients can request a type 1 objection via their General Practice to restrict use of their data.
|Is the data subject to decisions made solely by computers? (automated decision making)||No|
|Where does this data come from?||General Practice (GP) medical records via General Practice Extraction Service (GPES).|
|The legal basis for collecting this data||
GDPR: Article 6(1)(c) Legal Obligation (Cardiovascular Disease Prevention Audit Direction 2020), Article 9(2)(g) Substantial public interests, supplemented by DPA 2018 schedule 1, part 2, statutory etc and government purposes.