We have detected that you are using Internet Explorer to visit this website. Internet Explorer is now being phased out by Microsoft. As a result, NHS Digital no longer supports any version of Internet Explorer for our web-based products, as it involves considerable extra effort and expense, which cannot be justified from public funds. Some features on this site will not work. You should use a modern browser such as Edge, Chrome, Firefox, or Safari. If you have difficulty installing or accessing a different browser, contact your IT support team.
This standard is part of a series of guidance documents to support the various stages of a DARS application.
This section of the application shall provide detail on:
Any flow of data into NHS Digital additionally identifying special categories of personal data such as health data.
Any flow of data out of NHS Digital additionally identifying special categories of personal data such as health data.
Any subsequent flows of data
Data flows should include detail of the level of data flowing at each stage
Which organisation(s) is/are processing which data at each stage (or providing a data flow diagram)
How the data is being processed at each stage/what is being done with the data to achieve the stated purpose
Details of any data linkages, or confirmation that data is not linked
Where linkage is permitted, an explanation of what steps are taken to mitigate any risk of reidentification outside of what is permitted by the DSA. Where multiple linkages are permitted the steps taken to mitigate the risk of reidentification should be set out for each stage/linkage.
Where data is being matched to publicly available data, an explanation of what steps are taken to mitigate any risk of reidentification outside of what is permitted by the DSA. This does not extend to data made public by the data subject for example via social media.
Where applicable, confirmation that there will be no requirement/attempt to re-identify individuals
Confirmation that data processing is only carried out by substantive employees of the data processor(s) and or data controller(s) who have been appropriately trained in data protection and confidentiality.
Where data processing is not carried out by substantive employees of the data processor(s) / data controller(s) detail of what contractual arrangements are in place to protect the data which include training in data protection and confidentiality.
Detail of how the data is being accessed by anyone accessing the data (secure environment/system access/remote access etc)
Where data is stored at premises which are owned by an organisation who is not named in the agreement, the storage arrangements must be explained e.g. the data is stored at X premises. All data stored at organisation X’s premises is held on servers owned/managed by organisation Y (who must be named in the agreement). Organisation X are not able to access the data or servers holding the data.
Any special conditions which should be made transparent to the public, should appear in this section (until such time as Special Conditions is published in the data release register). N.B. This does not include inaccessible/detailed conditions, such as small number suppression rules, which should be recorded in the Special Conditions section only.