Coronavirus (COVID-19) has led to increased demand on general practices, including an increasing number of requests to provide patient data to inform planning and support vital research on the cause, effects, treatments and outcomes for patients of the virus.
NHS Digital was asked to provide support to general practice to help reduce the burden of data requests and allow clinicians to focus more on delivering care. Learn more about the information on the extract and its uses.
1. While the data sits within the GP System Supplier (GPSS) boundary, the GP is the data controller
The collection has a clear legal basis defined via a COPI Notice and COVID-19 public health Directions 2020.
The data set has been developed with stakeholders focusing on the current pandemic need. Practices would be provided with consistent and exemplary fair processing information for all data collected by NHS Digital.
Data is only taken from the Practice where a Data Provision Notice has been accepted. Not all patients are included in the extract. Only specific Coded and Structured data will be extracted by the General Practice Extraction Service (GPES) and sent to NHS Digital.
The patient data is transferred from the GP System Supplier to the NHS Digital Data Processing Service (DPS) using the Message Exchange for Social Care and Health (MESH) service for secure large file transfers.
2. Upon data landing, NHS Digital (NHSD) and the Department of Health and Social Care (DHSC) become joint data controllers
Data is passed through a secure ‘data pipeline’ where it is ingested, validated and has derivations applied before being stored separately to other data assets.
Upon landing the DPS takes the extract file from the landing zone file store and applies validation and Data Quality (DQ) checks. The DPS then calls the De-Identification Service to tokenise identifiers to the DPS internal pseudonyms ahead of storage.
3. Processed data is then held securely in an encrypted and pseudonymised form, in isolation from other data sets and NHS Digital staff
All data held is protected by system level security policies. Data sets are stored as objects in AWS S3 Buckets with controlled access via Identity and Access Management (IAM) mechanisms. Files are not publicly readable and data is encrypted at rest in S3 using AES-256.
4. Applications to request data must state clear purpose(s) and a legal basis, so that the appropriate level of data access and use can be determined by the independent external IGARD (Independent Group Advising on the Release of Data) and internal Data Access Request Service (DARS) assessments, which ensure that:
- the data file will only contain data that has been authorised via a Data Sharing Agreement (DSA) which has been approved through the Data Access Request Service (DARS)
- the file will be sent to the recipient using a secure mechanism such as MESH
- each recipient will receive data with a different set of pseudonyms (based on the DSA)
All applications to access data must be initiated through the NHSX Single Point of Contact for triage before entering the standard DARS and IGARD process. The NHS Digital Senior Information Risk Owner (SIRO) will have final approval before any data is released. A DSA and contract must be in place between NHS Digital and the recipient ahead of formal release.
5. Upon approving the application, data can be linked and/or re-identified ahead of dissemination where required
Upon being granted approval the data can be linked to other data sets; any further processing, including linkage, is only undertaken upon DARS approval. Data does not need to be re-identified to be linked to other data sets. Where re-identification is approved to meet a specific purpose it is strictly controlled, monitored and fully auditable, and involves multiple steps and security levels to execute.
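As an added illustration (not NHS Digital's own code, and not the actual design of the De-Identification Service or DPS), the following Python sketches the two-layer pseudonymisation that steps 2, 4 and 5 describe: identifiers are tokenised with a keyed one-way function into an internal pseudonym before storage, data sets are linked on that internal pseudonym without any re-identification, and each release is re-pseudonymised with a key specific to the Data Sharing Agreement so that different recipients receive different pseudonyms. The use of HMAC-SHA256, the key values and the sample records are all assumptions constructed for this example.

```python
import hashlib
import hmac

# Constructed keys: stand-ins for secrets a real de-identification service would
# hold in a key management system, never in source code.
INTERNAL_KEY = b"internal-dps-key-example-only"
DSA_KEYS = {
    "DSA-0001": b"dsa-0001-key-example-only",
    "DSA-0002": b"dsa-0002-key-example-only",
}

# Constructed sample extracts; the identifiers are obviously fake.
SAMPLE_GP = [
    {"nhs_number": "000 000 0001", "covid_test": "positive"},
    {"nhs_number": "000 000 0002", "covid_test": "negative"},
]
SAMPLE_HOSPITAL = [
    {"nhs_number": "0000000001", "admitted": True},
    {"nhs_number": "0000000003", "admitted": False},
]


def tokenise(identifier: str, key: bytes) -> str:
    """Keyed one-way pseudonym (HMAC-SHA256) over the normalised identifier.

    Without the key the token cannot be reversed or re-computed, so a recipient
    holding only tokens cannot recover the identifier.
    """
    normalised = identifier.strip().replace(" ", "").upper()
    return hmac.new(key, normalised.encode(), hashlib.sha256).hexdigest()


def internal_pseudonymise(records, id_field="nhs_number"):
    """Replace the identifier with the internal pseudonym ahead of storage."""
    out = []
    for rec in records:
        rec = dict(rec)
        rec["dps_pseudonym"] = tokenise(rec.pop(id_field), INTERNAL_KEY)
        out.append(rec)
    return out


def link(left, right):
    """Join two pseudonymised data sets on the internal pseudonym.

    Linkage happens entirely on tokens; no identifier is ever reconstructed.
    """
    index = {r["dps_pseudonym"]: r for r in right}
    return [
        {**l, **index[l["dps_pseudonym"]]}
        for l in left
        if l["dps_pseudonym"] in index
    ]


def prepare_release(records, dsa_id):
    """Re-pseudonymise for one recipient using the DSA-specific key.

    The internal pseudonym is dropped so recipients under different DSAs
    cannot join their files to each other or back to the internal store.
    """
    key = DSA_KEYS[dsa_id]
    out = []
    for rec in records:
        rec = dict(rec)
        rec["recipient_pseudonym"] = tokenise(rec.pop("dps_pseudonym"), key)
        out.append(rec)
    return out


def demo():
    """Run the pipeline end to end and return the two releases."""
    gp = internal_pseudonymise(SAMPLE_GP)
    hospital = internal_pseudonymise(SAMPLE_HOSPITAL)
    linked = link(gp, hospital)
    return {
        "linked": linked,
        "DSA-0001": prepare_release(linked, "DSA-0001"),
        "DSA-0002": prepare_release(linked, "DSA-0002"),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(name, rows)
```

The same person links correctly across the two constructed extracts even though the identifier was formatted differently in each, because normalisation happens before hashing. Each release carries only a recipient-specific token, so two recipients cannot correlate their files with each other without the DSA keys.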
6. NHS Digital’s responsibility for the data does not stop at the dissemination and audit. Sanctions are imposed for any organisation deemed to have breached the Data Sharing Agreement (DSA). These include:
Once all approvals have been obtained and the data prepared, it can then be accessed by the requesting organisation within the Data Access Environment (DAE). DAE is a single access environment for NHS Digital and external users to access this data, and it supports a number of presentation tools. By default, users cannot download the results of queries from DAE. However, there are cases, typically involving cohort management, where this is necessary; in those cases the user is granted specific permission to download data.