We have detected that you are using Internet Explorer to visit this website. Internet Explorer is now being phased out by Microsoft. As a result, NHS Digital no longer supports any version of Internet Explorer for our web-based products, as it involves considerable extra effort and expense, which cannot be justified from public funds. Some features on this site will not work. You should use a modern browser such as Edge, Chrome, Firefox, or Safari. If you have difficulty installing or accessing a different browser, contact your IT support team.
National Fraud Initiative (NFI): GDPR information
Summary
Why and how we process personal data for our participation in the National Fraud Initiative and your rights.
| Controller | NHS Digital |
| How we use the information (processing activities) | NHS Digital participates in the National Fraud Initiative. In line with the its framework agreement with the Department of Health and Social Care (DHSC) is required to implement policies and practices to safeguard against fraud and theft and under the Health and Social Care Act 2012 - General Powers is participating on a voluntary basis under the Local Audit and Accountability Act 2014 (LAAA). A data matching exercise conducted by the Cabinet office will be provided with payroll data, trade creditor information and trade creditor payment history and will conduct a data matching exercise to support fraud prevention controls. Any data matches found will be investigated by NHS Digital. No assumption is made whether matches indicate fraud, error or any other explanation prior to investigation. Further details on the National Fraud Initiative can be found on the Cabinet Office website. |
| Does this contain sensitive (special category) data such as health information? | No |
| Who are recipients of this data? | |
| Is data transferred outside the UK? | This data is not transferred out of the UK |
| How long the data is kept | One year minimum after satisfactory conclusion of any investigations. |
| Our lawful basis for holding this data | Public task |
| Your rights |
|
| How can you withdraw your consent? |
Consent not the basis for processing. |
| Is the data subject to decisions made solely by computers? (automated decision making) | No |
| Where does this data come from? | NHS Shared Business Services (SBS) |
| The legal basis for collecting this data | Public Task and Health and Social Care Act (2012) – General Powers. |
