Skip to main content
Creating a new NHS England: Health Education England, NHS Digital and NHS England have merged. More about the merger.

Data security and information governance

NHS Digital offers guidance on protecting data and handling information securely. Our guidance is designed to help health and care organisations meet the standards required to handle care information.

Search A-Z

Search A-Z


Codes of practice for handling information in health and care

What health and care organisations must do to look after information properly, covering confidentiality, information security management and NHS records management.


Data and cyber security: protecting information and data in health and care

Our Data Security Centre supports health and care to keep patient information and computer systems safe.

Data Security and Protection Toolkit

The Data Security and Protection Toolkit is an online self-assessment tool that all organisations must use if they have access to NHS patient data and systems.


IG Statement of Compliance

IG requirements for organisations accessing NHS digital services including N3.


National Data Guardian (NDG)

The National Data Guardian independently advises advises on the use of confidential health and care information.

NHS and social care data: off-shoring and the use of public cloud services

National guidance for health and care organisations who want to use cloud services or data offshoring to store patient information.


Publication scheme

Our publication scheme, drawn up under the Freedom of Information Act 2000, fulfils the requirements of the Information Commissioner's Office (ICO) and sets out our commitment to make certain classes of information routinely available as per the model publication scheme for public authorities.


Supporting open data and transparency

Open data is data that can be used and shared by anyone, for any purpose. We make this data publicly available to improve transparency in health and care.


UK Caldicott Guardian Council

A Caldicott Guardian is a senior person responsible for protecting the confidentiality of people's health and care information and making sure it is used properly.