Skip to main content

How we created the Shielded Patient List

Mark Reynolds, Interim Chief Technology Officer at NHS Digital, explains the architecture behind the NHS Shielded Patient List, which is helping to protect the most vulnerable members of society during the coronavirus pandemic.

Photo of a little girl touching hands with her grandparents through a window.

On 21 March 2020 it was announced that people at highest risk of complications from coronavirus (COVID-19) would need to shield themselves from society. We needed a way to quickly identify and inform this group of people so they could take immediate action to help protect themselves.

We created the NHS Shielded Patient List to provide a record of these people identified from GP and hospital (HES) data.

The service initially went live on 20 March 2020 and grew in scope in response to the COVID-19 pandemic, allowing those identified to be at risk to receive care support, food parcels and preferential access to online delivery from the supermarkets.

The architecture behind the list

During the first few weeks of the project people across government were becoming confused by the different flows of information and their frequency. Our Enterprise Architecture team documented the flows which helped to explain how GPs, NHS Digital, clinical commissioning groups (CCGs), government and others are related to each other.

At its heart, the Shielded Patient list consumes data from a range of sources, creates lists using a set of business rules and then makes the file available for dissemination. The diagram below illustrates this in more detail. 

Diagram of the technical architecture behind the Shielded Patient List showing data flows and dissemination

The diagram shows how the Shielded Patient List combines the Data Management Environment (DME) and Data Processing Service (DPS) data and uses data flow and extraction technologies (for example, Messaging Exchange Health and Social Care (MESH) and the General Practice Extraction Service (GPES)) to obtain clinical data. 

The clinical data is taken from a patient’s GP record and demographic information (including name, date of birth and address) is taken from the Master Patient Service  (also known as the Master Person Service) on the left-hand side. The data is used with a set of rules to determine which patients are at highest risk. 

The “product” is the actual Shielded Patient List service (top yellow boxes) and the list is sent to other organisations such as Public Health England via the Secure Electronic File Transfer and other mechanisms shown on the right (the Shielded Patient List viewer and the Shielding Note Service).

The black box indicates the external Gov.UK Notify service which was used to contact those at risk to inform them that they were on the list and needed to shield.

The end to end process

A more detailed end to end process is shown below, to be read from left to right – essentially showing the collection of the data  from hospital trusts and GP practices that is processed through the algorithm. The Shielded Patient List is then generated and disseminated to the organisations which use that information via the services (Secure Electronic File Transfer and Gov.UK Notify, in blue) on the right.

Diagram of the end to end process showing the collection of the data  from hospital trusts and GP practices that is processed through the algorithm

Data collection

Data for shielding is collected via several routes:

Alongside these new flows, the Shielded Patient List also uses data sets already held by NHS Digital, for example the Maternity Services Data Set.

Data processing

The Shielded Patient List is updated weekly in the Data Management Environment as follows:

  1. Data is loaded from source data sets on a daily, weekly and monthly basis. For example, information on deceased patients is processed daily, primary care data weekly and hospital data monthly.
  2. The system identifies patients whose data matches one of the algorithm rules that adds patients to the Shielded Patient List. These are recorded in a database table. Rules can combine a condition, timescale and/or medication. For example:

3. Additions and deduction requests from GPs and hospital doctors are recorded.

4. The individual rules are combined to identify who should be on the list with rules dealing with changes in conditions, requests for additions and deductions, code deletion and so forth.

5. The final list is checked to remove deceased patients – there is a human check on data quality and then is approved for release.


Data is disseminated via the Secure Electronic File Transfer service to the Government Digital Service, the National Commissioning Data Repository and other endpoints. It is also returned to the GP and prison health IT suppliers who use it to add codes to patient records to indicate they are on the list.

The data is made available to the Shielding Note Service. This is a web service that allows patients to request evidence of shielding status for statutory sick pay purposes. The Shielding Note Service went live in September 2020.

Initially the data was shared with NHS England and the NHS BSA to send letters and text messages respectively to patients. During September 2020, the team transitioned to using Gov Notify to contact patients via emails as well as sending a letter.

Anonymous data also flows to the Data Dashboard application in NHS Digital where it is used in dashboards including those published publicly.

The significance

The Shielded Patient List demonstrated that clinical records can be used for tailored cohort selection. Patients are added to the list based upon information in their records and a rich set of rules. This contrasts with, for example, cancer screening, where age and gender are the main determinants. It has required the team to really understand the data and characteristics around how it is recorded.

The incredible pace at which the shielding scheme needed to be deployed showed the importance of having flexible, national scale applications that can be brought together for a specific purpose. The programme was only successful because systems like the General Practice Extraction Service and Strategic Data Collections Service were already in place. Going forward, we're continuing to maintain the Shielded Patient List service for both local and national lockdowns.

Related subjects

  • This document describes the methodology that has been used to identify patients who meet the high risk criteria for contracting coronavirus (COVID-19), due to their inclusion in one or more of the identified disease groups
  • NHS Digital has published the Shielded Patient List (SPL), which is enabling partner organisations across government to support and protect those who need shielding at this time.
  • The coronavirus (COVID-19) shielded patient list is enabling partner organisations across government to support and protect those who need shielding at this time. This data shows open data about the Shielded Patient List, and how it has been used.

Share this page

Mark Reynolds

Mark Reynolds is Chief Technology Officer at NHS Digital.

Latest blogs

Photo of Andrew Blundell sitting at his desk at home.
By Andrew Blundell. 10 December 2020
Andrew Blundell, Head of Software Engineering in NHS Digital’s Product Development directorate, explains why we must split apart large systems into smaller, loosely coupled components to cope with a wild and unpredictable world – and how the NHS Digital software engineering quality framework helps us.
Photo of the author, Ash Raines, at his workstation at home.
By Ash Raines. 3 December 2020
Earlier this year, we talked to our strategic partners across the public and private sectors about how we can evolve our Spine platform to meet the needs of a future health and care system. Ash Raines, Head of Delivery for the Platforms Directorate, shares the key themes and insights we’ve learned.
Image of two puzzle pieces fitting together
By Tony Heap. 21 October 2020
Tony Heap, Lead Product Owner for API Management at NHS Digital, explains how our new API Platform will create more opportunities to improve digital health and care services
Last edited: 17 November 2020 12:04 pm