Compliance and governance requirements
The rules, standards and legal requirements for using this service.
Overview
This section explains the rules and requirements that apply when using this service.
These ensure that information is handled safely, securely and in line with national policy and legal obligations.
Organisations and suppliers must meet these requirements when accessing, using or integrating with the service.
These requirements apply alongside onboarding and implementation guidance and must be followed throughout use of the service.
Principles for using this service
This service must be used in line with the following principles:
- it is used for approved purposes, such as supporting direct care
- access to information is appropriate to the role and context
- systems and users handle data securely and responsibly
These principles apply across all use of the service.
Legal and regulatory requirements
Organisations must comply with relevant legal and regulatory requirements when using this service.
This may include:
- data protection and privacy legislation
- information governance requirements
- national standards for handling and sharing data
The exact requirements will depend on your organisation, role and use case.
Organisational responsibilities
Organisations using this service are responsible for:
- ensuring appropriate use of the service
- managing user access and permissions
- maintaining compliance with applicable policies and standards
This includes monitoring how the service is used and ensuring it supports authorised activities.
Access and usage controls
Access to this service is controlled and may be limited by:
- care setting or organisational context
- approved use cases
- system capability and configuration
Not all features or capabilities are available in all contexts.
Data protection and privacy
Use of this service must comply with data protection and privacy requirements.
This includes:
- ensuring data is only accessed where appropriate
- protecting personal and sensitive information
- meeting obligations for transparency and accountability
Supporting documentation
Further guidance on compliance, governance and data protection may be provided through supporting documentation, policies and standards.
Last edited: 23 June 2026 1:03 pm