We have detected that you are using Internet Explorer to visit this website. Internet Explorer is now being phased out by Microsoft. As a result, NHS Digital no longer supports any version of Internet Explorer for our web-based products, as it involves considerable extra effort and expense, which cannot be justified from public funds. Some features on this site will not work. You should use a modern browser such as Edge, Chrome, Firefox, or Safari. If you have difficulty installing or accessing a different browser, contact your IT support team.
8. Applying the national data opt-out
-
Previous chapter: Policy considerations for specific organisations or purposes
-
Current chapter – 8. Applying the national data opt-out View all chapters
Summary
Health and care organisations are required to apply national data opt-outs in line with this policy with all organisations achieving compliance by March 2020.
NHS Digital has developed a technical service which enables health and adult social care organisations to check if their patients have a national data opt-out in order to enable them to comply with this policy.
This service can be used in two ways:
- organisations can submit a list of NHS numbers that they need to disclose and the service looks these up against the central repository of national data opt-outs. It returns a “cleaned list” of those that do not have a national data opt-out i.e. it removes the NHS numbers for those with a national data opt-out. This is most suitable for one-off and infrequent disclosures of data.
- organisations can submit the NHS numbers for all patients with whom they have a legitimate relationship and then store temporarily the list of patients who do not have an opt-out at the current time and whose data they may be able to disclose. (Organisations would still need to have the appropriate legal basis for any such disclosures. This must not be interpreted as, or confused with, a patient’s explicit consent to the sharing of their data.) There are a number of policy rules around the storage and use of this “temporary cache” of data which are set out below. This is most suitable for large scale and frequent disclosures of data.
More information on accessing the service, guidance and the timetable for the implementation of the national data opt-out through to March 2020 is provided on the National Data Opt-out webpages. There is also a forthcoming Information Standard on Compliance with the National Data Opt-out which will set out the requirements to achieve compliance and signposts to further technical and implementation guidance.
The policy rules for applying national data opt-outs are set out below.
Publication chapters
- National data opt-out operational policy guidance document
- 1: Introduction
- 2: What are national data opt-outs?
- 3. Setting an opt-out
- 4. Which organisations does the opt-out apply to?
- 5. When does a national data opt-out apply?
- 6. When does a national data opt-out not apply?
- 7. Policy considerations for specific organisations or purposes
-
8. Applying the national data opt-out
- 9. Analysis of national data opt-outs
- 10. Compliance with the national data opt-out
- 11. Further information
- Appendix 1: Abbreviations
- Appendix 2: Definitions
- Appendix 3: Rationale and supporting information
- Appendix 4:Changes to NHS number
- Appendix 5: Information required by law or court order
- Appendix 6: Confidential Patient Information (CPI) definition
- Appendix 7: External review of the national data opt-out policy