Skip to main content
Creating a new NHS England: Health Education England, NHS Digital and NHS England have merged. More about the merger.

Online connection agreement

Understand the terms of use for some of our APIs.


Before you can use our APIs, you need to understand and agree to the terms of use.

For some of our APIs, we require you to sign a legal document called a 'Connection Agreement'.

For some of our APIs, we require you to accept this page - our online connection agreement.

We ask you to accept this agreement when you onboard to the API. You must be an officer of the organisation with appropriate authority to accept the agreement on behalf of your organisation.

If you have any questions about this agreement, contact us.

Version control

This is version 1 of the online connection agreement.

There are no previous versions.

When we ask you to accept this agreement, we'll also ask you which version of it you are accepting. If we change the agreement, we might ask you to accept the new version.

This version of the online connection agreement is only suitable for APIs which do not give access to personally identifiable data (PID). As such, it does not include clauses on privacy and information governance.

1. Introduction

1.1    The Health and Social Care Information Centre of 7 & 8 Wellington Place, Leeds LS1 4AJ, a non-departmental public body known as "NHS Digital", provides an API platform enabling Connecting Parties to access and use various Services via API connections.  

1.2    To find out more about NHS Digital and the Services visit API platform.

2. When this connection agreement applies

2.1    The Connection Agreement shall govern the connection to, and use by the Connecting Party of, all Services accessed. 

2.2    By completing the digital onboarding process and accessing any Services the Connecting Party agrees to be bound by this Connection Agreement.   

2.3    In order to access Services the Connecting Party must complete a digital onboarding process, resulting in the completion of an Onboarding Form which will specify the details of the Connecting Party, the Service(s) connected to and the Connecting Party’s use case for the Services, and NHS Digital must approve this. 

2.4    If NHS Digital needs to contact the Connecting Party it will use the contact details provided as part of digital onboarding.  The Connecting Party must keep these contact details accurate, this can be done via any developer account associated with the Connecting Party.

3. Definitions and interpretation

3.1    In this Connection Agreement:

“Bespoke Special Terms” means any supplemental terms identified as Bespoke Special Terms in the Onboarding Form and which shall be incorporated into this Connection Agreement;

“Change” means any variation, replacement, addition to or deletion from any aspect of the:

(a)     the Services and their delivery;
(b)    the Requirements;
(c)    the manner of completion or content of the Onboarding Form; and
(d)    this Connection Agreement;

“Clinical Safety Incident” means any unintended or unexpected incident which could have led, or did lead, to harm for one or more patients receiving healthcare, where harm is: death, physical injury, psychological trauma and/or damage to the health or well-being of a patient;

"Connection Agreement" means all of the terms of this agreement and all documents referred to or linked to (by URL or otherwise) in: (i) the following terms and any Bespoke Special Terms; (ii) on the Services Web Pages and supporting repositories maintained by NHS Digital in relation to the onboarding process and Service(s); and (iii) in the Onboarding Form;

"Connecting Party" means the organisation providing a product or service that is interfacing with any Service(s);

"Connection Method" the technical method (for example an application program interface) of interfacing with the Service(s);

"Confidential Information" means all information which is disclosed by one party to the other however conveyed and which: (i) is marked confidential or which is accompanied by a written or oral statement saying that it is confidential or proprietary or (ii) ought reasonably to be considered confidential; and which relates to the business affairs of the party disclosing it (including, products, operations, processes, plans or intentions, developments, trade secrets, know-how, design rights, market opportunities, personnel, customers and suppliers of the party disclosing it (or other companies within a group of companies owned by or under common ownership of that party)), and all information derived from the above;

"Controller", "Processor", “Personal Data” and “Processing” shall have the meanings set out in the Data Protection Laws;

“Data Protection Laws” means applicable legislation protecting the fundamental rights and freedoms of individuals, in respect of their right to privacy and the processing of their personal data, as amended from time to time, including 'the UK General Data Protection Regulation' ("UK GDPR") and the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations 2003, together with decisions, guidelines, guidance notes and codes of practice issued from time to time by courts, Supervisory Authorities and other applicable government authorities;

"Direct Care" means a clinical, social or public health activity concerned with the prevention, investigation and treatment of illness and the alleviation of suffering of individuals and does not include activities that contribute to the overall provision of services to a population as a whole or a group of patients, as more particularly described in the most up-to-date published guidance of the National Data Guardian;

"Dispute" means any dispute, difference or question of interpretation arising out of or in connection with this Connection Agreement (including any dispute regarding pre- contractual negotiations, the existence, validity or termination of this Connection Agreement or the consequences of non-existence or invalidity of this Connection Agreement), whether contractual or non-contractual;

"End User Organisation AUP" means the End User Organisation acceptable use policy, being requirements and obligations relating to End User organisations use of the Service(s).  A copy is available on the NHS Digital website at End user organisation acceptable use policy.

"End User Organisation" means any recipient or commissioning body using or commissioning a Connecting Party’s products or services which interface with Service(s) (whether directly, or indirectly via an agent or other commissioning body);

"HSSI" (or High Severity Service(s) Incident) sometimes referred to as a 'major incident', is an Incident that causes a serious interruption of business activities.  NHS Digital assesses and defines the severity of an Incident in terms of the urgency and level of adverse impact(s), such as the number of users affected, ability to deliver patient care, data security and/or integrity, reputation and/or financial loss. Incidents with a severity level 1 or 2 are HSSIs;

"HSSI Manager" means an individual who shall be a single point of contact for HSSIs and who possesses the skills, knowledge and experience to resolve incidents in the shortest possible timeframe, and has the authority to convene the relevant experts to meet the objectives of a Multi-Party Intervention;

"Incident" or "Incidents" means an unplanned interruption to any of the Service(s) or a reduction in the quality of such Service(s);

"Individual End User" means an individual recipient accessing any of the Services using the Connecting Party’s products or services which interface with Service(s) as an individual not an organisation;

"Intellectual Property Rights" means: (a) patents, utility models, petty patents, rights in trade secrets and other confidential or undisclosed information (such as inventions (whether patentable or not or know-how), registered designs, database rights, design rights, rights in copyright (including moral rights), semiconductor topography rights, mask work rights, and trademarks: (b) all registrations or applications to register any of the rights referred to in paragraph (a); and (c) all rights in the nature of any of the rights referred to in paragraph (a) including continuations, continuations in part and divisional applications, rights in unfair competition and, without prejudice to anything else in this definition, rights to sue for passing-off and rights having the equivalent or similar effect to, and the right to apply for any of the rights listed in this definition, in any country or jurisdiction;

"Multi-Party Intervention" means a real-time/live collaborative sharing of information using telephone, screen sharing and any other appropriate collaboration technologies, where the objective is to resolve in the shortest possible timescale an Incident caused by or impacting multiple parties accessing the Service(s);

"NHS Code" means the NHS Code of Practice on confidential information, as amended from time to time;

"NHS Constitution" means the NHS Constitution for England as amended from time to time;

"Onboarding Form" means the form completed as part of the digital onboarding process setting out details of the Connecting Party, the Service(s) connected to, the Connecting Party’s use case for the Services and the Connecting Party’s products or services and all information and documents referred to within it;

"Purpose" means the interface of the Connecting Party's product or service with the Service(s) so that the Connecting Party may provide such product or service to the End User Organisation(s), subject to separate terms between such parties, and that is strictly and solely for:

(a)    the purposes of Direct Care; or
(b)    the benefit of the publicly funded health and social care system in England; 

"Requirements" means the requirements as set out in any specifications, policies, guidance and documents outlined on the Services Web Page;

"Service(s)" means each of the selected products and services on the Onboarding Form, which NHS Digital makes available and which the Connecting Party is interfacing with;

"Service Bridge" means the NHS Digital function / team providing support;

"Services Web Page" means NHS Digital's information repository for each of the Service(s) (as may be shown in the Onboarding Form) containing the Requirements, details of Changes and other information relevant to the connection to and receipt of each Service(s), as made available on the NHS Digital website, in particular the API catalogue;

"Working Day" means any day other than a Saturday, Sunday or a public or statutory holiday in England and Wales.

3.2    In this Connection Agreement (unless the context requires otherwise):

(a)    the words "including", "include", "for example", "in particular" and words of similar effect shall not limit the general effect of the words which precede them;
(b)    reference to any agreement, contract, document or deed shall include that document as varied, supplemented or novated from time to time;
(c)    reference to a party shall, upon any assignment or other transfer that is permitted by this Connection Agreement, be construed to include those successors and permitted assigns or transferees;
(d)    words importing persons shall include natural persons, bodies corporate, unincorporated associations and partnerships (whether any of them have separate legal identity);
(e)    words importing the singular shall include the plural and vice versa;
(f)    words importing any one gender shall not exclude other genders;
(g)    the headings are for reference only and shall be ignored when construing this Connection Agreement;
(h)    reference to any legislative provision shall be deemed to include any statutory instrument, by- law, regulation, rule, subordinate or delegated legislation or order and any rules and regulations which are made under it, and any subsequent re- enactment or amendment of the same; and
(i)    references to a clause are references to the clauses in this Connection Agreement.

3.3    If there is any conflict between the terms of this Connection Agreement, the following order of precedence shall apply:

(a)    Bespoke Special Terms;
(b)    the front-end terms of this Connection Agreement;
(c)    all other information contained on the Services Web Pages; and
(d)    the Onboarding Form.

4. Term

The Connection Agreement shall take effect on the earlier of approval of the completed Onboarding Form by NHS Digital or access to any Services by the Connecting Party and shall continue until terminated in accordance with its provisions.

5. Connection criteria and requirements

5.1    In consideration of the provision of the Service(s) by NHS Digital, the Connecting Party shall comply with its obligations as described in this Connection Agreement.

5.2    It is a condition of this Connection Agreement that the Connecting Party shall (and shall procure that all of its contractors, subcontractors and agents shall):

(a)    use the Service(s) for the Purpose only;
(b)    not cause NHS Digital to be in breach of the Health and Social Care Act 2012, NHS Code, DHSC guidance, or other statutory duties governing how NHS Digital may disseminate information; 
(c)    develop and maintain a Connection Method in accordance with the Requirements relevant to the Service(s); and
(d)    ensure that all statements and representations made to NHS Digital in relation to this Connection Agreement and the Service(s) are true, accurate and complete, and remain so throughout the duration of this Connection Agreement.

5.3    The Connecting Party shall remain liable for the act and/or omissions of any third party engaged.

5.4    The Connecting Party shall comply at its own cost with the Requirements, information given in the Onboarding Form and any related requirements of this Connection Agreement. 

5.5    The Connecting Party shall inform NHS Digital of any changes required to the Onboarding Form as soon as it becomes aware (or ought reasonably to be aware) of the same, and shall on an annual basis on the anniversary of this Connection Agreement, confirm to NHS Digital that the Onboarding Form remains true, accurate and complete.

5.6    The Connecting Party accepts that NHS Digital may request evidence of continuing compliance with this Connection Agreement, and may request copies of documentation, design and relevant external certifications, and the Connecting Party shall co-operate, provide all relevant assistance and fulfil such requests within the timescales requested provided the requests and timescales are reasonable.

5.7    Each party shall perform its obligations in relation to this Connection Agreement in accordance with all applicable laws, regulations and official government guidance as may be published from time to time.

6. Restrictions

6.1    To protect the availability of the Service(s) as a shared resource for the delivery of health and social care services in England, where (in its sole discretion) NHS Digital has concerns in respect of the clinical risk, security, information assurance or information governance arrangements of an organisation applying for access or a connection to the Service(s), or NHS Digital’s vires, it reserves the right to:

(a)    modify a Service(s); 
(b)    refuse access to a Service(s);
(c)    restrict or modify access to a Service(s); and/or
(d)    suspend access to a Service(s),
    and where reasonably possible in the circumstances, NHS Digital shall endeavour to give prior notice to the Connecting Party of such action.

6.2    The Connecting Party shall not (and shall ensure that any third parties acting on its behalf shall not) use the Service(s) in a manner that (in NHS Digital's reasonable opinion) constitutes:

(a)    excessive use beyond fair usage volumes and/or a breach of usage policies published by NHS Digital from time to time; 
(b)    a failure to comply or is inconsistent with any reasonable instructions provided by NHS Digital from time to time; and/or 
(c)    a failure to comply with the standards expected of a Connecting Party of clinical IT services in relation to security and/or Clinical Safety Incidents, including but not limited to compliance with DCB0129 (as updated).

6.3    Any person who makes use of the Service(s) does so entirely at their own risk and NHS Digital assumes no duty of care or other legal liability or responsibility to any person who makes use of the Service(s) for any loss or damage suffered by them as a result of such use, nor shall NHS Digital be liable to contribute to or otherwise share in any liability to compensate any third party harmed as a result of the usage of the Service(s).

6.4    The Service(s) are provided on an "as is" and "as available" basis without (to the extent permitted by law) any warranty or representation of any kind either express or implied (including the implied warranties of merchantability and fitness for a particular purpose).

6.5    To the extent permissible by law, NHS Digital shall not be liable for any direct, special, indirect or consequential losses and/or damages nor for any loss (whether direct or indirect) of use, data, business or profits arising out of or in connection with this Connection Agreement, whether such liability arises from any claim based upon contract, warranty, tort (including negligence), strict liability or otherwise, and whether or not NHS Digital has been advised of the possibility of such loss or damage.

6.6    The Connecting Party shall not make any press announcements or publicise this Connection Agreement or its contents in any way without the prior written consent of NHS Digital.

6.7    Each party acknowledges to the other that nothing in this Connection Agreement either expressly or by implication constitutes an endorsement of any products or services of the other party (including the Service(s) and the Connecting Party’s products and services) and each party agrees not to conduct itself in such a way as to imply or express any such approval or endorsement.

7. End user organisations

7.1    Clauses 7.2 to 7.5 do not apply if the Connecting Party has indicated in the Onboarding Form that all users of its products or services are Individual End Users.
7.2 The Connecting Party is fully accountable and responsible for the identification, onboarding and management of all End User Organisations (including for the service, management and delivery of its services), and shall:
(a)    upon request from NHS Digital, provide to NHS Digital the identity and details of all End User Organisations associated with any Service(s) within such reasonable timescales as NHS Digital may request; 
(b)    ensure that all End User Organisations are made aware of the End User Organisation AUP
(c)    ensure that all End User Organisations are provided (upon request) with the Requirements and information contained within the Onboarding Form; and
(d)    if applicable, prior to onboarding any End User Organisation, check that such End User Organisation is registered for the Data Security Protection Toolkit and has a current latest status rating of at least ‘standards met’. 
7.3    In some circumstances an End User Organisation may have a lead role and accordingly: i) be authorised to act for a number of End User Organisations and ii) take responsibility for disseminating the obligations set out in the AUP to the other End User Organisations.  Where this is the case the Connecting Party can meet its obligations pursuant to clauses 7.1(a) and 7.1(b) by meeting them in respect of any such lead End User Organisation.  The Connected Party must meet its obligations pursuant to clauses 7.1(c) and 7.1(d) in respect of each End User Organisation.
7.4    The Connecting Party shall not include any terms in its arrangements with End User Organisations which conflict with this Connection Agreement or the End User Organisation AUP.
7.5    If an End User Organisation does not comply with the End User Organisation AUP, NHS Digital may itself, or may require the Connecting Party to, disconnect the End User Organisation and/or suspend the End User Organisation's access to the Connecting Party’s products or services, or otherwise, to the extent necessary so that the End User Organisation cannot receive the benefit of the Service(s).
7.6    Where Individual End Users access the Connecting Party’s products and services directly the Connecting Party is fully accountable and responsible for delivery of its services to any such Individual End Users.

8. Service management

8.1    The Connecting Party shall reasonably collaborate with NHS Digital and third parties also connecting to the Service(s) to help investigate and resolve Incidents.

8.2    The Connecting Party shall provide a suitable service desk and support model during its documented support hours for the reporting, management, and communication related to Incidents.

8.3    The Connecting Party shall publish an appropriate escalation and complaints process for use by third parties connecting to the same Service(s).

8.4    The Connecting Party shall:

(a)    notify NHS Digital of HSSIs which it becomes aware of, which impact the Service(s), or the integration of those Service(s) and such notification shall include as a minimum the minimum data set as required by NHS Digital; and
(b)    provide NHS Digital with updates on the status of each reported HSSI and such update shall include as a minimum the minimum data set as required by NHS Digital until resolution.

8.5    If NHS Digital defines an Incident as a HSSI, the Connecting Party shall co-operate and engage as required irrespective of its own definition and assessment of the severity of the Incident.

8.6    The Connecting Party may request that NHS Digital convenes a Multi-Party Intervention where, acting reasonably, the Connecting Party determines that it cannot reasonably bring all relevant and necessary parties together to resolve an Incident.

8.7    The Connecting Party shall ensure that a HSSI Manager is available to cover its defined documented support hours. Upon request from the Service(s) Bridge, the Connecting Party's on duty HSSI Manager shall attend and contribute to a Multi-Party Intervention within 30 minutes of notification by the Service(s) Bridge.

8.8    The Connecting Party shall during its documented support hours report all Clinical Safety Incidents that are not defined as HSSI and are deemed to impact the Service(s) within 48 hours of becoming aware of the Clinical Safety Incident. NHS Digital will provide a recommendation to the Connecting Party if it deems that the reported Clinical Safety Incident is not a Clinical Safety Incident.

9. Change management

9.1    If the Connecting Party intends to or does make changes to its products and services and such changes could reasonably be expected to impact the Service(s), the Connecting Party’s use of the Services, any End User Organisations or the Onboarding Form the Connecting Party shall:

(a)    comply with the relevant NHS Digital service management processes and procedures regarding notification of such changes; and
(b)    update the Onboarding Form as necessary such that the same remain true, accurate and complete. 

9.2    NHS Digital is providing standard services to the Connecting Party and, subject to clauses 9.3 to 9.6, NHS Digital may, from time to time, make Changes.

9.3    In the event that a particular Service has a specific change management process to address Changes to the relevant Service, its delivery or to the relevant Requirements such change management process shall be detailed on the specific Services Web Page and shall be complied with by both NHS Digital and the Connecting Party. 

9.4    In the event that a particular Service does not have a specific change management process and in respect of any Changes to the manner of completion or content of the Onboarding Form or to this Connection Agreement NHS Digital will publish to the relevant Services Web Page:

(a)    full details of each Change; and
(b)    an effective date for each Change.

9.5    It is the Connecting Party’s responsibility to monitor the Services Web Pages for details of all Changes.

9.6    NHS Digital’s will follow any notice periods in any specific change management process for any Service and otherwise provide reasonable notice between publication of any Change and its effective date, provided that NHS Digital reserves the right to make urgent Changes in instances where genuine emergency conditions are considered to be appropriate, such as:

(a)    national information, data or cyber security incidents as classified by the appropriate body; and
(b)    inappropriate, incorrect or missing drug or patient safety guidelines/alerts and other clinical safety issues and incidents as determined by an appropriate body.

9.7    From the effective date applicable to any Change:

(a)    such Change shall be in full force and effect and supersede all previous versions; and
(b)    the Connecting Party shall comply with such Change, including making any necessary changes to its products and services and to the Onboarding Form.

9.8    In the period between a Change being published on the Services Web Page and the relevant effective date the Connecting Party may elect to comply with the Change.  

9.9    Any variation, replacement or deletion to: i) any information set out in the Onboarding Form (including Services interfaced with); or iii) any Bespoke Special Term; shall not be binding upon the parties unless it is in writing and agreed by both parties to this Connection Agreement.

10. Licences

10.1    NHS Digital hereby grants to the Connecting Party a non- exclusive, non-transferable, royalty free, revocable licence to connect, access and use the Service(s) and any related information, data or documentation provided by NHS Digital to the Connecting Party for the duration of the Connection Agreement, for the Purpose only. On termination or expiry of this licence, the Connecting Party shall comply with NHS Digital’s instructions in relation to the destruction or return of any such materials.

10.2    The Connecting Party hereby grants to NHS Digital a non-exclusive, transferable, royalty free, irrevocable, perpetual licence to use any information, data or documentation provided in relation to this Connection Agreement and/or the Service(s) by the Connecting Party to NHS Digital.

11. Intellectual property rights

11.1    All Intellectual Property Rights created and developed by NHS Digital which subsist or are used in, or in connection with, the Service(s) and Services Web Page will be the absolute property of and will vest and remain vested in NHS Digital. The Connecting Party acknowledges and accepts that NHS Digital publishes standard APIs for connecting to its Service(s) and that there are limited methods to meet the API requirements and as such, the intellectual property rights relating to such methods will not vest solely with the Connecting Party.

11.2    The Connecting Party shall not use NHS Digital’s name, logo or brand, or any other NHS names, logos or branding without the prior written consent of the relevant owner, and in each case, only as permitted by the NHS identity guidelines.

12. Security and data privacy

12.1    The Connecting Party shall, as applicable to the nature of its products or services:

(a)    comply with its obligations under the Data Protection Laws and with the terms of any agreement relating to its Processing of Personal Data that it has entered into with the relevant End User Organisation(s); and
(b)    register for the Data Security Protection Toolkit and maintain a current latest status rating of at least ‘standards met’. 

12.2    The Connecting Party must, when integrating with the Service(s), exercise security measures (including up-to-date anti-virus software) as would reasonably and ordinarily be expected from a skilled and experienced person or body engaged in a similar undertaking in the same or similar circumstances and exercising a degree of skill and care, diligence, prudence and foresight.

12.3    The Connecting Party must notify NHS Digital if it becomes aware of any actual or possible security issues associated with the Service(s).

12.4    The Connecting Party must not integrate with the Service(s):

(a)    in a way that could damage, disable, overburden, impair or compromise NHS Digital’s systems, Service(s), or security or interfere with other users; or
(b)    to knowingly transmit any data, send or upload any material designed to adversely affect the operation of any computer software or hardware.

13. Confidentiality

13.1    This Connection Agreement is not confidential and does not contain any Confidential Information.   The fact that the Connecting Party has entered into this Connection Agreement and that it is using the Services is not Confidential Information, and accordingly NHS Digital may publish the names and a brief description of the Connecting Party and its products and services which are using the Services.

13.2    Subject to the provisions as set out in this paragraph 13, each party may however give Confidential Information to the other party and in such cases, subject to other provisions in this Connection Agreement, all Confidential Information given by one party to the other, or otherwise obtained or developed by one party relating to the other, shall be kept secret and confidential by the receiving party for the duration of this Connection Agreement plus 3 years following its termination or expiry and shall not be used or disclosed without the prior written consent of the other party other than for the purposes of the proper performance of this Connection Agreement.

13.3    The obligations of confidentiality in this clause 13 shall not extend to any matter which the receiving party can show:

(a)    is in, or has become part of, the public domain other than as a result of a breach of the obligations of confidentiality under this Connection Agreement;
(b)    was independently disclosed to it by a third party entitled to disclose the same; or
(c)    is required to be disclosed under any applicable law, or by order of a court or governmental body or authority of competent jurisdiction.

13.4    For the avoidance of doubt, NHS Digital may disclose the Connecting Party’s Confidential Information:

(a)    to the Department of Health and Social Care, NHS England, and to any other commissioners of Direct Care and/or any health or social care body or organisation whose remit relates to Direct Care;
(b)    to any central government body;
(c)    to the UK Parliament, Scottish Parliament or Welsh or Northern Ireland Assemblies, including their committees;
(d)    if NHS Digital (acting reasonably) deems disclosure necessary or appropriate while carrying out its public functions;
(e)    on a confidential basis to exercise its rights or comply with its obligations under this Connection Agreement; and/or
(f)    on a confidential basis to a proposed transferee, assignee or novate of, or successor in title to, NHS Digital.

13.5    References to disclosure ‘on a confidential basis’ will mean disclosure subject to a confidentiality agreement or arrangement containing the same obligations as those placed on NHS Digital.

13.6    The reference in this clause 13 to central government bodies shall include the following sub-categories of the Central Government classification of the Public Sector Classification Guide, as published and amended from time to time by the Office for National Statistics:

(a)    Government Department;
(b)    Non-Departmental Public Body or Assembly Sponsored Public Body (advisory, executive, or tribunal);
(c)    Non-Ministerial Department; and
(d)    Executive Agency.

13.7    In relation to NHS Digital's obligations under the Freedom of Information Act 2000 and/or Central Government transparency requirements, the Connecting Party hereby gives its consent for NHS Digital to: (i) publish to the general public; and/or (ii) disclose to a specific requester or requesters, the Confidential Information. NHS Digital shall, prior to publication, take reasonable steps to consult with the Connecting Party on the manner and format of publication and to inform the Connecting Party of its decision regarding any redactions but NHS Digital shall have the final decision in its absolute discretion and the Connecting Party acknowledges that NHS Digital may be required to disclose Confidential Information without consulting the Connecting Party.

14. Remediation

14.1    Where the Connecting Party fails to meet the Requirements and/or is otherwise in breach of its obligations under this Connection Agreement, then the Connecting Party shall agree a remediation plan with NHS Digital in reasonable timescales and will provide evidence of the actions taken as part of the remediation plan at specified points during the period agreed for implementation of the remediation plan.

14.2    Unless otherwise agreed, the period for implementation of the remediation plan shall be 30 days. 

15. Termination

15.1    If the Connecting Party is in breach of obligations under this Connection Agreement then NHS Digital shall be entitled to require a remediation plan as described in clause 14 and/or suspend the Connecting Party’s ability to on board new End User Organisations and/or suspend access to the Service(s) and/or terminate any or all of the Service(s) and/or terminate this Connection Agreement.

15.2    NHS Digital reserves the right to inform the Connecting Party's End User Organisations of the pending suspension and termination.

15.3    NHS Digital may, on 30 days written notice to the Connecting Party terminate this Connection Agreement and the Connecting Party’s access or integration with the Service(s).

15.4    Subject to complying with clause 15.5, the Connecting Party may terminate this Connection Agreement and its access or integration with the Service(s):

(a)    on written notice to NHS Digital with effect from the date any Change comes into full force and effect in accordance with clause 9; or
(b)    at any time on 30 days written notice to NHS Digital.

15.5    The Connecting Party shall comply with any exit or offboarding requirements as NHS Digital may reasonably specify.

15.6    The termination or expiry of this Connection Agreement shall not affect any provision of the Connection Agreement which is expressly or by implication intended to come into or remain in effect on or after termination or expiry. The suspension or termination of a Service(s) shall not affect the continuation of other Services to the Connecting Party if NHS Digital deems this to be appropriate.

16. Notices

All notices given by one party to the other under this Connection Agreement shall be in writing and sent to the following email addresses or such further email address as the relevant party shall nominate from time to time:

Connecting Party: the email address given on the Onboarding Form;

NHS Digital: [email protected]

17. Dispute resolution

17.1    If a Dispute arises out of or in connection with this Connection Agreement, then the matter shall be escalated to authorised senior officers. If the escalation to authorised senior officers does not resolve the Dispute within 5 Working Days, then either party shall give to the other written notice of the Dispute, setting out its nature, together with supporting documentation and shall attempt in good faith to resolve the Dispute.

17.2    Nothing shall prevent either party from seeking urgent injunctive relief from the courts nor from following alternative dispute resolution such as mediation or expert determination to resolve a Dispute if the parties agree and/or if it is prescribed in the Requirements as a process for Dispute resolution for the relevant Service(s).

18. Relationship of the parties

18.1    Nothing in this Connection Agreement is intended to create a partnership, joint venture or legal relationship of any kind between the parties that would impose liability upon one party for the act or failure to act of the other party, or to authorise party to act as agent for the other.

19. Waiver and cumulative remedies

19.1    No failure or delay by either party to exercise any right or remedy existing under, or in connection with, this Connection Agreement (collectively, any "action") will act as a waiver, or otherwise prejudice or restrict the rights of that party, in relation to that action or any other contemporaneous or future action.

19.2    The rights and remedies arising under, or in connection with, this Connection Agreement are cumulative and, except where otherwise expressly provided in this Connection Agreement, do not exclude rights and remedies provided by law or otherwise.

20. Third parties

20.1    A person who is not NHS Digital or the Connecting Party shall have no right under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of this Connection Agreement. This clause does not affect any right or remedy of any person which exists, or is available, other than pursuant to that Act.

20.2    The rights of the parties to rescind or vary this Connection Agreement are not subject to the consent of any other person or entity.

21. Severance

21.1    If any provision of this Connection Agreement is or becomes illegal, invalid or unenforceable in any respect, it shall not affect or impair the legality, validity or enforceability of any other provision of this Connection Agreement.

21.2    If any illegal, invalid or unenforceable provision would be legal, valid or enforceable if some part of it were deleted, such provision shall apply with the minimum modification(s) necessary to make it legal, valid or enforceable.

22. Assignment and novation

NHS Digital may at its discretion assign, novate or otherwise dispose of any or all of its rights, obligations and liabilities under this Connection Agreement to:

(a)    any central government or NHS body or other body established by the Crown or under statute in order substantially to perform any of the functions that had previously been performed by NHS Digital; or
(b)    any body which substantially performs the functions of NHS Digital;

and the Connecting Party shall, at NHS Digital’s request, enter into a novation agreement in such form as NHS Digital shall reasonably specify in order to enable NHS Digital to exercise its rights pursuant to this paragraph 22.

23. Entire agreement

23.1    This Connection Agreement constitutes the entire understanding between the parties relating to the Service(s) and supersedes and cancels all prior written and oral agreements, connection agreements (including any previously agreed Bespoke Special Terms) and understandings with respect to the subject matter of this Connection Agreement.

23.2    Nothing in this Connection Agreement shall restrict or exclude any party's liability for (or remedy in respect of) fraud or fraudulent misrepresentation.

24. Governing law and jurisdiction

This Connection Agreement and any Dispute or non- contractual obligation arising out of or in connection with it shall be governed by and construed in accordance with the laws of England and Wales. Subject to section 9 of the NHS Act 2006, each party hereby submits to the exclusive jurisdiction of the courts of England over any Dispute arising out of or in connection with this Connection Agreement.

Last edited: 10 August 2022 9:36 am