Data Sharing Audits

We carry out independent audits and where necessary post audit reviews to check that our customers are meeting the obligations in their Data Sharing Framework Contracts and Data Sharing Agreements. This helps to ensure that organisations abide by the terms and conditions set by NHS Digital and data is kept safe and secure.

To assist the data recipient with the audit process NHS Digital has produced an Audit Guide and an Action Plan template. Audits undertaken between October 2016 and December 2017 were against Version 1 of the Audit Guide. Audits conducted from 1 January 2018 will be against Version 2 of the Audit Guide.

Each audit and post audit review carried out results in the publication of a formal audit report. From April 2016, audit reports are being published on monthly basis and are scheduled to appear every third Thursday. Note the style of the audit report varies according to version of the Audit Guide the audit was conducted against.

Data Sharing Post Audit Review – PHIN

Data Sharing Agreement Audit – Device Access UK Ltd

Data Sharing Post Audit Review – University of Oxford

Data Sharing Post Audit Review – Cheshire West and Chester Council

Data Sharing Agreement Audit – Ernst Young LLP

Data Sharing Agreement Audit – Cancer Research UK Clinical Trials Unit

Data Sharing Agreement Audit – London Borough of Merton Council 

Data Sharing Post Audit Review - Portsmouth CCG

Data Sharing Agreement Audit - University of Liverpool

Data Sharing Agreement Audit - Civil Eyes Research Ltd

Data Sharing Agreement Audit - Gateshead Metropolitan Borough Council

Data Sharing Agreement Audit - Northumberland, Tyne and Wear NHS Foundation Trust

Data Sharing Post Audit Review - NEW Devon CCG

Data Sharing Post Audit Review - Leeds Teaching Hospitals Trust

Data Sharing Post Audit Review - Competition and Markets Authority

Data Sharing Post Audit Review - University of Manchester - February 2018

Data Sharing Agreement Audit - City of York Council

Data Sharing Agreement Audit - Cambridgeshire County Council

Data Sharing Agreement Audit - London Borough of Enfield

Data Sharing Post Audit Review - Moorfields Eye Hospital

Data Sharing Post Audit Review - University of Leeds

Data Sharing Agreement Audit - Northamptonshire County Council

Data Sharing Agreement Audit - University of Oxford

Data Sharing Post Audit Review - New Devon CCG

Data Sharing Post Audit Review - SCW CSU

Data Sharing Agreement Audit - Arden GEM

Data Sharing Agreement Audit - Cheshire West Council

Data Sharing Agreement Audit - Derby NHS FT

Data Sharing Agreement Audit - Moorfields Eye Hospital

Data Sharing Agreement Audit - Pathway Communications

Data Sharing Post Audit Review - CRAB Clinical Informatics

Data Sharing Post Audit Review - Royal Liverpool

Data Sharing Post Audit Review - University College London

Data Sharing Post Audit Review - University of Bristol

Data Sharing Agreement Audit - University of Manchester - August 2017

Data Sharing Agreement Audit - Nottinghamshire County Council

Data Sharing Agreement Audit - South, Central and West CSU

Data Sharing Agreement Audit - Portsmouth CCG

Data Sharing Agreement Audit - Fareham and Gosport CCG

Data Sharing Agreement Audit - South Eastern Hampshire CCG

Data Sharing Agreement Audit - University of York

Data Sharing Post Audit Review - South Gloucester CCG

Data Sharing Post Audit Review - Bristol CCG

Data Sharing Post Audit Review - Kings College, London

Data Sharing Post Audit Review - North Somerset CCG

Data Sharing Post Audit Review - Birmingham City Council

Data Sharing Post Audit Review - Lightfoot Solutions - August 2017

Data Sharing Agreement Audit - Kent County Council

Data Sharing Agreement Audit - Leeds Teaching Hospitals

Data Sharing Agreement Audit - University College London

Data Sharing Agreement Audit - Staffordshire County Council

Data Sharing Post Audit Review - University of Leicester

Data Sharing Post Audit Review - Lincolnshire County Council

Data Sharing Agreement Audit - Harvey Walsh

Data Sharing Agreement Audit - Competition and Markets Authority

Data Sharing Agreement Audit - FTI Consulting

Data Sharing Agreement Audit - New Devon CCG

Data Sharing Agreement Audit - Oxford AHSN

Data Sharing Agreement Audit - Somerset CCG

Data Sharing Agreement Audit - Newcastle upon Tyne Hospitals NHS Foundation Trust

Data Sharing Agreement Audit - RSR

Data Sharing Agreement Audit - University of Bristol

Data Sharing Agreement Audit - CRAB Clinical Informatics

Data Sharing Agreement Audit - Cheshire East Council

Data Sharing Agreement Audit - Birmingham MDS

Data Sharing Post Audit Review - Nuffield Trust

Data Sharing Post Audit Review - East and North Hertfordshire

Data Sharing Agreement Audit - North Somerset CCG

Data Sharing Agreement Audit - Birmingham City Council

Data Sharing Post Audit Review - McKinsey & Company

Data Sharing Post Audit Review - Lightfoot Solutions - December 2016

Data Sharing Agreement Audit - South Gloucester CCG

Data Sharing Agreement Audit - NHS South Central and West CSU

Data Sharing Agreement Audit - Bristol CCG

Data Sharing Agreement Audit - Lincolnshire County Council

Data Sharing Agreement Audit - PHIN

Data Sharing Post Audit Report - Barts

Data Sharing Agreement Audit - McKinsey

Data Sharing Agreement Audit - Health IQ

Data Sharing Post Audit Report - AQuA

Data Sharing Post Audit Report - Birmingham Clinical Trials Unit

Data Sharing Post Audit Report - University of Nottingham

Data Sharing Agreement Audit - Lightfoot Solutions - July 2016

Data Sharing Post Audit Report - Cegedim Strategic Medical Research

Data Sharing Post Audit Report - CHKS

Data Sharing Post Audit Report - Clarity Informatics

Data Sharing Agreement Audit - East and North Hertfordshire

Data Sharing Agreement Audit - University of Leicester

Data Sharing Agreement Audit - BUPA Healthcare Services Limited

Data Sharing Agreement Audit - Methods

Data Sharing Agreement Audit - Royal Liverpool and Broadgreen University Hospitals NHS Trust

Data Sharing Agreement Audit - Derby Hospital NHS Trust

Data Sharing Agreement Audit - Leeds City Council

Data Sharing Agreement Audit - Clarity Informatics

Data Sharing Agreement Audit - Kings College London

Data Sharing Agreement Audit - University of Manchester - April 2016

Data Sharing Agreement Audit - Cegedim Strategic Medical Research Ltd

Data Sharing Agreement Audit - Aintree University Hospitals

Data Sharing Agreement Audit - AQuA

Data Sharing Agreement Audit - University of Nottingham

Data Sharing Agreement Audit - Barts Health NHS Trust

Data Sharing Agreement Audit - Bedford CCG

Data Sharing Agreement Audit - Birmingham Clinical Trials Unit

Data Sharing Agreement Audit - CHKS

Data Sharing Agreement Audit - Medeanalytics

Data Sharing Agreement Audit - University of Sheffield

Data Sharing Agreement Audit - Nuffield Trust

Data Sharing Agreement Audit - North Yorkshire and Humber CSU

Data Sharing Agreement Audit - University of Leeds

Data Sharing Agreement Audit - West Herts

Data Sharing Post Audit Report - Dr Foster

Data Sharing Agreement Audit - Beacon Consulting

Data Sharing Agreement Audit - Dr Foster Intelligence

Data Sharing Post Audit Report - Methods Consulting

Data Sharing Post Audit Report - NHiS

Data Sharing Post Audit Report - University Hospitals Birmingham

We published the first set of reports in January 2015.

Audit Report - Methods Consulting

Audit Report - NHiS

Audit Report - PA Consulting Services

Audit Report - University Hospitals Birmingham

We are using the information from these audits to improve the processes we use to keep data safe.