We have detected that you are using Internet Explorer to visit this website. Internet Explorer is now being phased out by Microsoft. As a result, NHS Digital no longer supports any version of Internet Explorer for our web-based products, as it involves considerable extra effort and expense, which cannot be justified from public funds. Some features on this site will not work. You should use a modern browser such as Edge, Chrome, Firefox, or Safari. If you have difficulty installing or accessing a different browser, contact your IT support team.
Health and care information
Information about you and your health is recorded when you receive health care or social care, to help with your care and treatment. This is what most people call your medical records. Each organisation you have contact with keeps its own records on you. Information includes:
- your name, date of birth, address and contact details
- your NHS number, which makes sure your records are linked to you and you alone
- details of health conditions and illnesses
- medicines and other treatments
- records of contact you've had with doctors and other health and care workers
Good care requires good information about you, so it's very important that this information is recorded. But it's also very personal - so you need to be confident that it's looked after securely and in line with the law.
Why we collect some information from your health and care records
We don't hold your full health and care records. Each health and care organisation you have contact with holds its own records on you. We collect and store some information from everyone's health and care records because of our role in health and care.
NHS Digital's role in the health and care service
NHS Digital has two main responsibilities. We:
- run and manage computer systems that link different parts of health and care together and improve individual care
- collect some specific health and care data to check how the health and care service is doing and to improve everyone's care
To carry out these duties, we need to collect, store, use and sometimes share information about you.
Find out more about the legal basis of our role in collecting data from the health service.
Improving your individual care
Some of your health information will be held in our systems to improve your care. For example:
- a central IT service called the NHS Spine links your records to your NHS number and makes sure this important information is never lost, wherever you are treated
- vital medical information including medicines you take and your allergies is recorded in your Summary Care Record, giving health professionals important and sometimes life-saving information when you are being treated away from your usual doctor's surgery
- your prescriptions can be sent direct to a pharmacy through our Electronic Prescription Service, saving you time and improving your care
- you can book an appointment on line at a time to suit you, using our e-Referrals Service
- you will be called for routine screenings, for example for cervical or bowel cancer, based on information we hold about you in our central systems
Improving care for everyone
We collect some confidential patient information so that it can be used to improve everyone's health and care.
The information we collect is used to:
- run the health service
- manage epidemics
- plan for the future
- research health conditions, diseases and treatments
Evidence from the confidential patient information of millions of people like you helps people who do these jobs make the best decisions for everyone. We always collect and store information about you securely and in line with the law.
Read more about what confidential patient information is used for on the Understanding patient data explainer page.
Read more about the benefits of sharing health information on the Understanding patient data case studies pages.
Use of information that could identify you
We use confidential patient information within NHS Digital, and sometimes share it with other organisations so that they can use it to improve everyone's health and care. Most of the time, the information we use and share could not identify you as an individual. Wherever possible, we make sure that any details that could identify individual people have been removed, before we use data. We call this 'anonymised data'.
Some of the time, however, we allow the use of data that could potentially identify you, because it needs to be linked to your unique individual patient record. We call this 'identifiable data'.
Information that could potentially identify you is only used if it is:
- used to improve health and care
- looked after properly and kept safe
- allowed by law
- absolutely necessary - where anonymised data would not do the same job
There are very strict rules about who can access confidential patient information, how it must be protected, and what it can be used for. When information is shared with other organisations, these organisations have to go through our Data Access Request Service to make sure they will store it safely and legally, and they have a good reason for using it that will benefit health and care. Information is never passed to marketing or insurance companies without consent. We publish all of our data releases on our data release register.
Where we collect and use information that could identify you, you can make certain choices, including whether to opt out of sharing your confidential patient information.
Explaining why we are legally allowed to collect health and care information.