The national data opt-out policy allows organisations to submit the list of NHS numbers for their entire cohorts of patients to the service and then cache the resulting ‘cleaned’ list for a limited time period. This is so that this cached list can then be applied to data disclosures for this limited time period. For example, an organisation may choose to submit the list of NHS numbers for their entire cohort of patients to the service each Sunday evening in order to minimise the impact on their technical infrastructure. However, the terms of this licence agreement impose restrictions on this cached data:
- the entire cohort of patients must include all patients that may appear in data disclosures, i.e. all existing patients, historical patients and deceased patients
- the maximum time period that the cached data may be retained is a calendar week from the point at which it was obtained from the service. In the event of system failures that prevent the cached data being updated as expected, you must ensure that the existing cached data does not continue to be used such that the national data opt-out fair processing window is exceeded, as defined in the operational policy guidance.
- the superseded cached data must not be retained in the ‘live’ system when the cached data is replaced at the prescribed interval of a calendar week. However it is permissible to retain the superseded cached data in order to ensure that national data opt-outs have been applied as expected
- if it is necessary to restore data from a backup, the cached data must be replaced once the restore is complete if the cache is older than the prescribed limit of a calendar week
- the cached data may be disclosed where there is a legal or statutory reason for the disclosure (for example in response to a Subject Access Request from a patient)
- where a data disclosure includes patients (for example new patients) who were not part of the original cohort on which the cache was based, the opt-out preference for these patients must be checked before inclusion in any data disclosure