We have detected that you are using Internet Explorer to visit this website. Internet Explorer is now being phased out by Microsoft. As a result, NHS Digital no longer supports any version of Internet Explorer for our web-based products, as it involves considerable extra effort and expense, which cannot be justified from public funds. Some features on this site will not work. You should use a modern browser such as Edge, Chrome, Firefox, or Safari. If you have difficulty installing or accessing a different browser, contact your IT support team.
DSCRO – other data not elsewhere classified: GDPR information
Summary
Why and how we process your data within DSCRO - Other data not elsewhere classified (NEC), and your rights.
| Controller | NHS Digital |
| How we use the information (processing activities) | A Data Services for Commissioners Regional Office (DSCRO) work with data from GP practices and NHS hospital trusts in regional processing centres. Staff follow strict rules on accessing, analysing and processing data. The powers granted to the organisation by the Health and Social Care Act 2012 which means that staff are operating within an approved legal framework. |
| Does this contain sensitive (special category) data such as health information? | Yes |
| Who are recipients of this data? |
See the data release register for more details. |
| Is data transferred outside the UK? | No |
| How long the data is kept | 20 years maximum |
| Our lawful basis for holding this data | Legal obligation |
| Your rights |
|
| How can you withdraw your consent? |
Consent not the basis for processing |
| Is the data subject to decisions made solely by computers? (automated decision making) | No |
| Where does this data come from? | NHS funded organisation providing health and care |
| The legal basis for collecting this data | Legal obligation (Direction) and management of health and social care systems |
