Data Sharing Audits
We carry out independent audits to check that our customers are meeting their obligations towards data security.
We carry out independent audits and where necessary post audit reviews to check that our customers are meeting the obligations in their Data Sharing Framework Contracts and Data Sharing Agreements. This helps to ensure that organisations abide by the terms and conditions set by NHS Digital and data is kept safe and secure.
To assist the data recipient with the audit process NHS Digital has produced an Audit Guide and an Action Plan template [52.35KB] . Audits undertaken between October 2016 and December 2017 were against Version 1 of the Audit Guide [618.87KB] . Audits conducted from 1 January 2018 will be against Version 2 of the Audit Guide [1.0MB] .
Each audit and post audit review carried out results in the publication of a formal audit report. From April 2016, audit reports are being published on monthly basis and are scheduled to appear every third Thursday. Note the style of the audit report varies according to version of the Audit Guide the audit was conducted against.
Data Sharing Agreement Audit - Northumberland, Tyne and Wear NHS Foundation Trust [185.3KB]
Data Sharing Post Audit Review - NEW Devon CCG [238.48KB]
Data Sharing Post Audit Review - Leads Teaching Hospitals Foundation Trust [250.77KB]
Data Sharing Post Audit Review - Competition and Markets Authority [152.93KB]
Data Sharing Post Audit Review - University of Manchester [195.14KB]
We published the first set of reports in January 2015.
We are using the information from these audits to improve the processes we use to keep data safe.