Data Services for Commissioners (DSfC)
The Data Services for Commissioners supports the provision of data to facilitate healthcare planning and payment within the NHS.
Health care commissioners need information about the treatment of patients to review and plan current and future health care services. To do this they need to be able to see information about the health care provided to patients which can include patient level data.
The law says commissioners are not allowed to access Personal Confidential Data (PCD) because they are not providing direct patient care. So they need an intermediary service called Data Services for Commissioners Regional Office (DSRCO), that specialise in processing, analysing and packaging patient information within a secure envronment into a format commissioners can legally use; anonymised patient level data
Anonymised patient level data allows a patients 'events' to be linked without revealing the identity of that person.
Applications for the receipt of data are usually used to support three main areas of work:
- Risk stratification: is a process that uses personal data from health care services to identify and support patients with long term conditions and to help minimise unplanned hospital admissions.
- Invoice validation: is a process that uses personal data to make sure health care organisations providing care are paid correctly.
- Commissioning is a process using data coded to hide the identity of patients. It is used by organisations to plan and commission health care services.
NHS Digital, formally known as HSCIC, is able to disseminate data to commissioners under the Health and Social Care Act (2012). The act provides the powers for NHS Digital to collect, analyse and disseminate national data and statistical information. To access this data organisations must submit an application and demonstrate that they meet the appropriate governance and security requirements.
NHS Digital, through its Data Services for Commissioners Regional Offices (DSCROs), is permitted to collect, hold and process Personal Confidential Data (PCD). This is for purposes beyond direct patient care to support NHS commissioning organisations and the commissioning functions within local authorities
Data regarding health care treatment can only be shared with commissioning organisations where a formal Data Sharing Framework Contract (DSFC) is in place alongside a Data Sharing Agreement (DSA)
Data Sharing Agreements place a clear obligation on the receiving organisation to only use the supplied information for the agreed purposes. This data can not be shared with others unless specified within the DSA.
These contracts are supported by 'Legitimate Relationships' which map. the association between commissioners and regional teams within NHS Digital (DSCROs). This is to ensure data is only shared where necessary and is kept to a minimum.
The Data Services for Commissioners (DSfC) Live Service team process and ensure approvals are in place for requests to create new Legitimate Relationships, or for changes to existing relationships, between organisations for commissioning purposes.
This process ensures patient information is protected and that the organisations requesting commissioning information have a legitimate right to access the data. Organisations including Clinical Commissioning Groups (CCGs), Commissioning Support Units (CSUs), NHS England commissioning hubs, DSCROs and any other commissioning organisations may set up new, or amend existing, relationships, where there is a signed service contract in place relating to the provision of data processing services.
Details of current Legitimate Relationships can be found here.
If you would like any further information relating to this service please email us.
The Data Protection Act requires organisations, including those in the NHS, to process personal data fairly and lawfully. NHS Digital cannot release patient level data to a commissioning organisation unless it has a data sharing framework contract and a data sharing agreement in place. If you wish to receive data under a data sharing agreement please contact email@example.com before requesting any data.