The law pulls in two opposite directions. Human Rights and Data Protection legislation, along with our domestic common law duty to respect confidentiality, require us to protect information that could identify an individual. The Freedom of Information Act requires public authorities to release information about their activities, and this message is reinforced by the governments transparency agenda.
Although the law makes a clear distinction between identifying and non-identifying data, where that line should be drawn may be far from clear in practice.
That is why this anonymisation standard for publishing health and social care data is needed. This process standard provides an agreed and standardised approach, grounded in the law, enabling organisations to:
- distinguish between identifying and non-identifying information
- deploy a standard approach and a set of standard tools to anonymise information to ensure that, as far as it is reasonably practicable to do so, information published does not identify individuals.
Note that this information standard was approved for publication by the Information Standards Board for Health and Social Care (ISB). It has not yet been accepted by SCCI for publication under the Health and Social Care Act 2012.