Skip Navigation

This is our new website. Please tell us what you think.

Information security and standards

We offer guidance and support for standards that allow organisations to handle health and care data safely and securely.

How we look after information

We take our responsibility for looking after care information very seriously. We follow legal rules, guidance and practices known as Information Governance for our data collections and IT Infrastructure Systems.

Read more about how NHS Digital makes sure your information is safe.

Information Governance

NHS Digital offers guidance on looking after information. This guidance helps health and care organisations meet the standards required to handle information.

Information Governance Alliance (IGA)

The authoritative source of advice and guidance about the rules on using and sharing information in health and care.

Codes of practice for handling information in health and care

What health and care organisations must do to look after information properly, covering confidentiality, information security management and NHS records management.

Lists and registers

See links to our lists and registers of information, including registers of approved data releases.

IG Toolkit

IG standards and guidance for NHS and partner organisations.

See more

Information Standards

An information standard is defined in the Health and Social Care Act 2012 as: "a document containing standards that relate to the processing of information". Care organisations need to follow them, or have a good defence for why not.

Visit the current directory of standards and collections.

Terminology and Classifications

National standards for recording and categorising information to support care delivery, statistical analysis, research and the reimbursement of health and care providers.

NHS Data Model and Dictionary Service

The NHS Data Model and Dictionary develops, maintains and supports NHS data standards.

Information Standards and Collections

The development, assurance and approval of information standards, data collections and data extractions (ISCE).

Common User Interface (CUI)

The design of common methods to use healthcare IT systems relies on standards and guidance.

Your personal information choices

We collect information from the records health and social care providers keep about the care and treatment they give.

We can only provide access to identifiable information if it will be used to promote health or support improvements in the delivery of care services in England or the government decides it's an emergency or in the public interest.

If you do not want your information to be used for any purpose beyond providing your care you can choose to opt-out by informing your GP.

Find out more about your choices

Have a question? Call us on 0300 303 5678 or contact

Tell us what you think of the new website beta.

We use cookies to provide you with a better service. Carry on browsing if you're happy with this, or find out how to manage cookies. Find out more