Skip to main content

Digital Child Health (DCH)

Summary

Why and how we process your data in the Digital Child Health Programme and your rights.

Controller NHS Digital
How we use the information (processing activities) NHS Digital processes health and care event messages over the National Event Management Service (NEMS) to support the health and care activities in the Healthy Child Programme. These events are 'published' by the health and care organisations and are shared with other relevant providers of care who subscribe to NEMS. This processing supports the services delivering those aims and obligations set out under s7A NHS Act 2006, with regards to the Secretary of State’ public health responsibilities. This processing is to support the health and wellbeing of children and young people.
Does this contain sensitive (special category) data such as health information? Yes
Who are recipients of this data?

Health Care Professionals that participate or contribute to the Healthy Child Programme.  These include, but are not limited to, Child Health Information Services (CHIS), Local Authorities (Public Health), GPs, Providers of Health Visiting Services, School Nursing Services and Newborn Screening Services. This includes the digital child health record (DPCHR), which has been developed as an App for parents to access their child’s information which will replace the paper Redbook.  This App uses the NHS Identity services NHS Login to assure the identity of parents to create a record for their child and access their child’s information.

Is data transferred outside the UK? This data is not transferred out of the UK
How long the data is kept 20 years after no longer required for audit and monitoring data only.
Our lawful basis for holding this data Legal obligation
Your rights
  • Tick Be informed
  • Tick Get access to it
  • Tick Rectify or change it
  • Cross Erase or remove it
  • Tick Restrict or stop processing it
  • Cross Move, copy or transfer it
  • Cross Object to it being processed or used
  • Cross Know if a decision was made by a computer rather than a person
How can you withdraw your consent?

Consent is not the basis for processing.

Is the data subject to decisions made solely by computers? (automated decision making) No.
Where does this data come from? Health and care providers administering the Healthy Child Programme. This includes, Child Health Information Services (CHIS), Local Authorities (Public Health), GPs, Providers of Health Visiting Services, School Nursing Services and Newborn Screening Services. NHS Digital publishes 4 events, birth, death, change of GP and change of address to support the delivery of these services in fulfilling their obligations under s7A NHS Act 2006
The legal basis for collecting this data

GDPR:
Article 6(1)(c) - Legal Obligation (Digital Interoperability Platform Direction)
Article 9(2)(h) - Management of health or social care systems and services
DPA 2018:
Schedule 1, Part 1, paragraph 2 - Health or social care purpose

 

Where NHS Digital uses this data

internal

National Events Management Service

The National Events Management Service (NEMS) utilises the NHS Spine to enable the sharing of a patient’s healthcare information in near real-time across different care settings.