Data Sharing Audits

We carry out independent audits and where necessary post audit reviews to check that our customers are meeting the obligations in their Data Sharing Framework Contracts and Data Sharing Agreements. This helps to ensure that organisations abide by the terms and conditions set by NHS Digital and data is kept safe and secure.

Page contents

To assist the data recipient with the audit process NHS Digital has produced an Audit Guide and an Action Plan template. Audits undertaken between October 2016 and December 2017 were against Version 1 of the Audit Guide. Audits conducted from 1 January 2018 will be against Version 2 of the Audit Guide.

Each audit and post audit review carried out results in the publication of a formal audit report. From April 2016, audit reports are being published on monthly basis and are scheduled to appear every third Thursday. Note the style of the audit report varies according to version of the Audit Guide the audit was conducted against.

August 2019

Data Sharing Agreement Audit – University of Cambridge (MRC)
Data Sharing Agreement Audit – University of Leeds (CTRU)
Data Sharing Agreement Audit – East Staffordshire CCG
Data Sharing Post Audit Review – London Borough of Merton

July 2019

Data Sharing Agreement Audit - Cardiff University
Data Sharing Post Audit Review – Derby Teaching Hospital NHS Foundation Trust

June 2019

Data Sharing Agreement Audit - University of Dundee

Data Sharing Post Audit Review - Kent County Council

May 2019

Data Sharing Agreement Audit - University of Bristol

Data Sharing Agreement Audit - The Nuffield Trust

Data Sharing Post Audit Review – Cheshire East Council

April 2019

Data Sharing Post Audit Review – Northamptonshire County Council

Data Sharing Post Audit Review – Civil Eyes Research Ltd

March 2019

Data Sharing Agreement Audit - CHKS
Data Sharing Agreement Audit - Department for Transport
Data Sharing Post Audit Review - University of Liverpool
Data Sharing Post Audit Review - Royal Liverpool and Broadgreen University Hospitals NHS Trust
Data Sharing Post Audit Review - Staffordshire County Council
Data Sharing Post Audit Review - Oxford AHSN

February 2019

Data Sharing Agreement Audit - Meditrends
Data Sharing Agreement Audit - Barts Health Trust
Data Sharing Post Audit Review - CRCTU
Data Sharing Post Audit Review - City of York Council
Data Sharing Post Audit Review - Birmingham MDS
Data Sharing Post Audit Review - Newcastle NHS Trust

January 2019

Data Sharing Agreement Audit - IQVIA
Data Sharing Agreement Audit - LSHTM
Data Sharing Post Audit Review - Cambridgeshire County Council
Data Sharing Post Audit Review - Northumberland NHS Trust
Data Sharing Post Audit Review - Fareham & Gosport CCG
Data Sharing Post Audit Review - SE Hampshire CCG
Data Sharing Post Audit Review – Gateshead Metropolitan Brough Council

November 2018

Data Sharing Agreement Audit - Oliver Wyman Limited
Data Sharing Agreement Audit - Neil Wilson Associates LLP
Data Sharing Agreement Audit - Rod Gibson Associates Limited
Data Sharing Agreement Audit - HQIP
Data Sharing Agreement Audit - Wakefield Council
Data Sharing Post Audit Review - London Brough of Enfield

October 2018

Data Sharing Agreement Audit – CPRD

September 2018

Data Sharing Post Audit Review – PHIN

August 2018

Data Sharing Agreement Audit – Device Access UK Ltd

Data Sharing Post Audit Review – University of Oxford

Data Sharing Post Audit Review – Cheshire West and Chester Council

July 2018

Data Sharing Agreement Audit – Ernst Young LLP

Data Sharing Agreement Audit – Cancer Research UK Clinical Trials Unit

Data Sharing Agreement Audit – London Borough of Merton Council

Data Sharing Post Audit Review - Portsmouth CCG

April 2018

Data Sharing Agreement Audit - University of Liverpool

Data Sharing Agreement Audit - Civil Eyes Research Ltd

Data Sharing Agreement Audit - Gateshead Metropolitan Borough Council

February 2018

Data Sharing Agreement Audit - Northumberland, Tyne and Wear NHS Foundation Trust

Data Sharing Post Audit Review - NEW Devon CCG

Data Sharing Post Audit Review - Leeds Teaching Hospitals Trust

Data Sharing Post Audit Review - Competition and Markets Authority

Data Sharing Post Audit Review - University of Manchester - February 2018

January 2018

Data Sharing Agreement Audit - City of York Council

Data Sharing Agreement Audit - Cambridgeshire County Council

Data Sharing Agreement Audit - London Borough of Enfield

Data Sharing Post Audit Review - Moorfields Eye Hospital

Data Sharing Post Audit Review - University of Leeds

November 2017

Data Sharing Agreement Audit - Northamptonshire County Council

Data Sharing Agreement Audit - University of Oxford

Data Sharing Post Audit Review - New Devon CCG

Data Sharing Post Audit Review - SCW CSU

October 2017

Data Sharing Agreement Audit - Arden GEM

Data Sharing Agreement Audit - Cheshire West Council

Data Sharing Agreement Audit - Derby NHS FT

Data Sharing Agreement Audit - Moorfields Eye Hospital

Data Sharing Agreement Audit - Pathway Communications

Data Sharing Post Audit Review - CRAB Clinical Informatics

Data Sharing Post Audit Review - Royal Liverpool

Data Sharing Post Audit Review - University College London

Data Sharing Post Audit Review - University of Bristol

August 2017

Data Sharing Agreement Audit - University of Manchester - August 2017

Data Sharing Agreement Audit - Nottinghamshire County Council

Data Sharing Agreement Audit - South, Central and West CSU

Data Sharing Agreement Audit - Portsmouth CCG

Data Sharing Agreement Audit - Fareham and Gosport CCG

Data Sharing Agreement Audit - South Eastern Hampshire CCG

Data Sharing Agreement Audit - University of York

Data Sharing Post Audit Review - South Gloucester CCG

Data Sharing Post Audit Review - Bristol CCG

Data Sharing Post Audit Review - Kings College, London

Data Sharing Post Audit Review - North Somerset CCG

Data Sharing Post Audit Review - Birmingham City Council

Data Sharing Post Audit Review - Lightfoot Solutions - August 2017

July 2017

Data Sharing Agreement Audit - Kent County Council

Data Sharing Agreement Audit - Leeds Teaching Hospitals

Data Sharing Agreement Audit - University College London

Data Sharing Agreement Audit - Staffordshire County Council

Data Sharing Post Audit Review - University of Leicester

Data Sharing Post Audit Review - Lincolnshire County Council

April 2017

Data Sharing Agreement Audit - Harvey Walsh

Data Sharing Agreement Audit - Competition and Markets Authority

Data Sharing Agreement Audit - FTI Consulting

Data Sharing Agreement Audit - New Devon CCG

Data Sharing Agreement Audit - Oxford AHSN

March 2017

Data Sharing Agreement Audit - Somerset CCG

Data Sharing Agreement Audit - Newcastle upon Tyne Hospitals NHS Foundation Trust

January 2017

Data Sharing Agreement Audit - RSR

Data Sharing Agreement Audit - University of Bristol

February 2017

Data Sharing Agreement Audit - CRAB Clinical Informatics

Data Sharing Agreement Audit - Cheshire East Council

Data Sharing Agreement Audit - Birmingham MDS

Data Sharing Post Audit Review - Nuffield Trust

Data Sharing Post Audit Review - East and North Hertfordshire

December 2016

Data Sharing Agreement Audit - North Somerset CCG

Data Sharing Agreement Audit - Birmingham City Council

Data Sharing Post Audit Review - McKinsey & Company

Data Sharing Post Audit Review - Lightfoot Solutions - December 2016

November 2016

Data Sharing Agreement Audit - South Gloucester CCG

Data Sharing Agreement Audit - NHS South Central and West CSU

Data Sharing Agreement Audit - Bristol CCG

October 2016

Data Sharing Agreement Audit - Lincolnshire County Council

Data Sharing Agreement Audit - PHIN

September 2016

Data Sharing Post Audit Report - Barts

August 2016

Data Sharing Agreement Audit - McKinsey

Data Sharing Agreement Audit - Health IQ

Data Sharing Post Audit Report - AQuA

Data Sharing Post Audit Report - Birmingham Clinical Trials Unit

Data Sharing Post Audit Report - University of Nottingham

July 2016

Data Sharing Agreement Audit - Lightfoot Solutions - July 2016

Data Sharing Post Audit Report - Cegedim Strategic Medical Research

Data Sharing Post Audit Report - CHKS

Data Sharing Post Audit Report - Clarity Informatics

May 2016

Data Sharing Agreement Audit - East and North Hertfordshire

Data Sharing Agreement Audit - University of Leicester

Data Sharing Agreement Audit - BUPA Healthcare Services Limited

Data Sharing Agreement Audit - Methods

Data Sharing Agreement Audit - Royal Liverpool and Broadgreen University Hospitals NHS Trust

April 2016

Data Sharing Agreement Audit - Derby Hospital NHS Trust

Data Sharing Agreement Audit - Leeds City Council

Data Sharing Agreement Audit - Clarity Informatics

Data Sharing Agreement Audit - Kings College London

Data Sharing Agreement Audit - University of Manchester - April 2016

Data Sharing Agreement Audit - Cegedim Strategic Medical Research Ltd

Data Sharing Agreement Audit - Aintree University Hospitals

Data Sharing Agreement Audit - AQuA

Data Sharing Agreement Audit - University of Nottingham

Data Sharing Agreement Audit - Barts Health NHS Trust

February 2016

Data Sharing Agreement Audit - Bedford CCG

Data Sharing Agreement Audit - Birmingham Clinical Trials Unit

Data Sharing Agreement Audit - CHKS

Data Sharing Agreement Audit - Medeanalytics

Data Sharing Agreement Audit - University of Sheffield

November 2015

Data Sharing Agreement Audit - Nuffield Trust

Data Sharing Agreement Audit - North Yorkshire and Humber CSU

Data Sharing Agreement Audit - University of Leeds

Data Sharing Agreement Audit - West Herts

Data Sharing Post Audit Report - Dr Foster

July 2015

Data Sharing Agreement Audit - Beacon Consulting

Data Sharing Agreement Audit - Dr Foster Intelligence

Data Sharing Post Audit Report - Methods Consulting

Data Sharing Post Audit Report - NHiS

Data Sharing Post Audit Report - University Hospitals Birmingham

January 2015

We published the first set of reports in January 2015.

Audit Report - Methods Consulting

Audit Report - NHiS

Audit Report - PA Consulting Services

Audit Report - University Hospitals Birmingham

We are using the information from these audits to improve the processes we use to keep data safe.

Last edited: 30 August 2019 2:11 pm