When data is used for purposes beyond individual care and treatment it is normally anonymised, which means that information that identifies an individual patient has been removed or pseudonymised. A pseudonym is a unique identifier which does not reveal the patient’s ‘real world’ identity.
The intent of anonymisation is to turn data into a form which does not directly identify individuals and where re-identification is not likely to take place.
If the anonymisation is carried out so that it meets the requirements of the Information Commissioner’s Office (ICO)’s anonymisation code of practice then the information will no longer be considered to be confidential patient information, and so the national data opt-out policy would not apply.
The ICO's code covers a range of types of anonymised data from aggregate data through to de-identified individual-level data and sets out how this can meet the legal tests required under the Data Protection Act (DPA) when considering the risk of identification of an individual.
You should make sure you're compliant with the latest guidance on anonymisation before you decide whether national data opt-outs need to be applied or not.
It's important to understand that data cannot be anonymised simply by removing the NHS number or other demographic details, as there is still a risk of the data being re-identified when compared with other data sets.
Further information about anonymisation can found at: www.understandingpatientdata.org.uk/what-does-anonymised-mean