The deadline for health and care organisations to comply with national data opt-out policy is currently the end of September 2020. The deadline was extended to enable health and care organisations to focus their resources on the coronavirus (COVID-19) outbreak. It may be reviewed again. This requirement is supported by Information Standard: DCB3058: Compliance with National Data Opt-outs.
To comply with national data opt-out policy, you need to put procedures in place to review uses or disclosures of confidential patient information against the operational policy guidance.
See our guidance overview of the national data opt-out policy to help you understand how it works and which data uses, or disclosures, are in scope.
If current uses or disclosures should have national data opt-outs applied, you need to:
- implement the technical solution to enable you to check lists of NHS numbers against those with national data opt-outs registered
- have a process in place, when you get the results back, to ensure that you only use or disclose information for the returned list of NHS numbers, as any with national data opt-outs registered will have been removed
If you have no uses or disclosures which need to have national data opt-outs applied, you must still put procedures in place to assess future uses or disclosures against the national data opt-out operational policy guidance, and can choose to either:
- implement the technical solution in readiness, or
- be ready to implement it if needed for future data uses or disclosures