PANORAMIC: Transparency notice
How, and why, we manage your data as part of the PANORAMIC national study.
Important information
The PANORAMIC trial is currently paused on the Population Health webviewer.
Our purposes
The National Institute for Health Research (NIHR) has funded the University of Oxford to carry out a first-of-its-kind clinical trial. They will be working with other UK universities to test new antiviral coronavirus (COVID-19) treatments with people who have COVID-19 and are at higher risk of complications. The treatments need to be given early in the illness to be most effective.
The PANORAMIC Trial is a national priority trial. They are recruiting volunteers, whether they have been vaccinated or not. It is open to people with ongoing symptoms of COVID-19 and a positive Polymerase Chain Reaction (PCR) test or Lateral Flow Test (LFT).
NHS England and the Department of Health and Social Care have directed NHS Digital to provide a system to find people who would be eligible for the Panoramic Trial. This will be via a secure GP web viewer on the NHS Digital platform (NHS Digital Web Viewer). A person’s GP Practice and associated GP hub (GPs) will be able to see a list of their patients who meet the criteria. They will contact the patient to discuss if they would like to take part in the trial.
The inclusion criteria are:
- aged 50 and over without comorbidity
- aged 18 to 49 with comorbidity as defined below in the clinical criteria
And:
- have a positive PCR or LFT
- are within 7 days of positive PCR or LFT test
The following groups of people will be excluded:
- people already identified as requiring immediate treatments for COVID-19 – people who are considered to be suitable for immediate treatment and are already having a clinical assessment to get the treatment for direct care purposes are excluded from the list being provided to GPs
- people who are deceased
If a person has provided their (or their carer’s) mobile or email contact information when they register their COVID-19 test and they test positive, they will be contacted by text/email to signpost them to the Trial. This messaging will begin mid-February 2022.
This notice should be read alongside our Coronavirus (COVID-19) response transparency notice.
The controller of your personal data
Under the UK General Data Protection Regulation 2016 (GDPR), NHS Digital is the controller of your personal data where we are directed or requested to process personal data for COVID-19 purposes.
We are also a joint controller with the person who has directed or requested us to do this work. In this case this is NHS England who are directing NHS Digital to carry out processing for COVID-19 purposes.
Where we share data, NHS Digital is the sole controller for the sharing of your personal data.
How we obtain your personal data
We identify patients to include in the COVID-19 Medications Service by using data we already hold as the national safe haven for health and care data in England.
Types of personal data we process
Data used to identify whether you would be suitable for the Trial includes:
- NHS number
- name
- date of birth
- sex registered at birth
- address
- postcode
- date and time of positive polymerase chain reaction (PCR) test or lateral flow test (LFT)
- registered GP practice
- contact information provided by the patient or their carer at the point of registering their PCR test or LFT
- contact information, mobile number and email address from the patients’ medical record
- health related data (in the form of condition codes held in central NHS records), where the data matches the clinical conditions and ruleset established by NHS England and NIHR
Legal basis of this data collection
The health and social care system is taking action to manage and mitigate the spread and impact of COVID-19.
This action requires the collection, analysis and sharing of information, including confidential patient information where necessary and lawful, amongst health organisations and other appropriate bodies. This is due to the urgent need to protect public health and respond to the COVID-19 outbreak.
To support the healthcare response to COVID-19, NHS Digital has been directed by NHS England under the COVID-19 Directions to both:
- establish information systems to collect and analyse data in connection with COVID-19; and
- develop and operate IT systems to deliver services in connection with COVID-19
Where we are directed to process personal data for COVID-19 purposes, this is a legal obligation, and we are allowed to do this under Article 6 (1)(c) of UK GPDR.
NHS England is directing NHS Digital to process personal data as part of their statutory functions. This is part of their public task and are allowed to do this under Article 6(1)(e) of UK GDPR.
Where we need to process health data and other special categories of personal data, we will only do this where it is necessary as part of our statutory functions. Under UK GPDR we are allowed to do this where it is necessary for substantial public interest reasons (Article 9(2)(g)), and where it is necessary for healthcare purposes (Article 9(2)(h)).
We are also allowed to share your personal data under GDPR where it is necessary for us to do so for one of the purposes explained above.
More information can be found in the 'Who we share your personal data with' section below.
How long we keep your personal data for
We will keep your personal data for as long as is needed for the purpose outlined above in accordance with the Records Management Code of Practice 2021 and NHS Digital’s Records Management Policy.
Other organisations with whom we share your personal data may only keep it for as long as it is needed for the reasons we have shared your personal data. Information about this will be in their transparency or privacy notices which are published on their websites.
Where we store the data
NHS Digital only stores and processes your personal data for this service within the United Kingdom.
Fully anonymous data, for example statistical data (which does not allow you to be identified), may be stored and processed outside of the UK.
Your rights over your personal data
To read more about the health and care information NHS Digital collects, our legal basis for collecting this information and what choices and rights you have, see how we look after your health and care information, our general transparency notice and our Coronavirus (COVID-19) response transparency notice.
You can read more about how NHS England processes your data for COVID-19 purposes at NHS England and NHS Improvement privacy notices.
We may make changes to this transparency notice. If we do, the ‘last updated’ date at the bottom of the notice will also change. Any changes to this notice will apply immediately from the date of any change.
Last edited: 19 May 2022 11:58 am