A movement for patients, relatives and carers. Harnessing the patient voice to build confidence in the use of patient data for research and analysis.

Current data matters: National Data Opt-out Model

National Data Opt-out

(1st March 2018)
The latest newsletter from NHS Digital confirms that the National Data Opt-out has been pushed back from March to May.  The Opt-out will now be aligned with the implementation date for the General Data Protection Regulation (GDPR).  The Opt-out will be in the form of one question, the wording of which is currently being tested by NHS England, with a communications programme to follow.

This is a link to a PDF copy of the Newsletter, plus a link to fill in the national data opt out team contact form to be added to the NHS Digital mailing list.

The following text on this page is extracted from the NHS Digital website:

The National Data Opt-out

NHS Digital is developing a new system to support the national data opt-out which will give patients more control over how identifiable health and care information is used. The system will offer patients and the public the opportunity to make an informed choice about whether they wish their personally identifiable data to be used just for their individual care and treatment or also used for research and planning purposes.

Choosing to opt-out

Patients and the public who decide they do not want their personally identifiable data used for planning and research purposes will be able to set their national data opt-out choice online. We will provide a non-digital alternative for patients and the public who can't or don't want to use an online system. Individuals can change their mind anytime. Existing Type 2 opt-outs (the option for a patient to register with their GP, to prevent their identifiable data leaving NHS Digital) will be converted to the new national data opt-out. Patients with type 2 opt-outs will be informed of this change individually.


NHS Digital is developing the system now. Patients and the public will be able to use the system from 25 May 2018. All health and care organisations will be required to uphold patient and public choices by March 2020. The national data opt-out will be introduced alongside the new data protection legislation.

Information for health and care professionals

If you work in health and care, the introduction of the national data opt-out will mean you have two new areas of responsibility. You will need to be aware of the service in case patients ask you about it and in time you will be expected to uphold these preferences and advise patients. There is an information pack below (Pack E1) which contains information about what organisations need to do now to be ready for the national data opt-out being available from 25 May 2018.

Advising patients

Everyone working in health and care needs to be aware of the national data opt-out so that they can inform and advise patients on where to go for more information about data use and the national data opt-out. The information shared by health and care staff will support patients to make an informed decision about how their personally identifiable data will be used.

Upholding patient preferences

Health and care professionals who send patient identifiable data to other organisations for reasons other than a patient's individual care and treatment will need to know how and when to uphold a patient's preference. More information will be provided on this in due course.


NHS Digital have prepared presentations that can be edited to be relevant to your local settings, to help you inform the health and care professionals you work with about the national data opt-out.

iconPack A The NDG Review and Government Response Published November 2017 [3.21MB]

iconPack B Taking the National Data Opt-out Forward Published November 2017 [3.31MB]

iconPack C National Data Opt-out Approach Published November 2017 [3.26MB]

iconPack D National Data Opt-out Operational Policy Published November 2017 [3.21MB]

iconPack E1 Preparing for Implementation Published November 2017 [4.18MB]

Pack F Patient journey - coming soon

iconPack G Fit with Data Protection Bill (GDPR) Published December 2018 [3.08MB]

NHS Digital will provide more information and resources on their pages as the development of the new system progresses.

(Text extracted from NHS Digital website, 1st March 2018, available here)



National Data Guardian’s 2017 Report

The National Data Guardian (NDG) for Health and Care has published a report reviewing Dame Fiona Caldicott's first term in the office and looking at her current priorities. The publication of the National Data Guardian 2017 report: impact and influence for patients and service users marks just over three years since Dame Fiona was appointed as the first NDG.

The report sets out a clear case for the independent advice and challenge the NDG role provides to ensure that data collected by the NHS and social care services is properly safeguarded and used appropriately to improve care. It reinforces the fundamental requirement of building public trust for successful advancements in health and care based on data sharing.


Government Response to the National Data Guardian’s (NDG) Review (12th July 2017)

The Government published its response to the National Data Guardian’s (NDG) Review of Data Security, Consent and Opt-Outs.  ‘Your Data: Better Security, Better Choice, Better Care’ on 12 July 2017. The response is available here: Government Response, 12th July 2017

Dame Fiona issued an accompanying statement

The Government has accepted all of the recommendations from the NDG’s review.  The benefits of sharing data are emphasised throughout the response, “we are also keen to support the use of patient data in appropriate circumstances and anonymised data for research, and will learn from examples where this is being done effectively”.  Several case studies are included to highlight the rewards of using and sharing patient data.   

The key recommendations regarding data sharing and opt-outs:

  • Ensure that the national opt-out is implemented effectively from March 2018, engaging the public to understand what their data is used for and by whom, and the choices that they can make around that use. Ensure that the NHS and social care manages the transition to the national opt-out effectively by 2020.
  • Support professionals to implement the national opt-out successfully.
  • Support legislation to put the role of the NDG on a statutory footing.
  • Implement stronger measures to protect personal data, through UK data protection legislation to introduce more severe penalties for data breaches and to deter reckless or deliberate misuse of information from May 2018.
  • Work with other stakeholders, including Understanding Patient Data, to develop communication tools to explain effectively to the public, data and information sharing in health and care.
  • Ensure that NHS Digital implements a tool to enable patients to access and understand how their data has been used nationally by March 2020

Existing Type 1 & 2 opt outs are addressed.  Type 2 opt outs will be transitioned and Type 1 opt outs will be honoured until March 2020.  There is information about this on page 26 of the response.

Dame Fiona has also written an article in the Times published today, which I attach and in which Dame Fiona says “Yet my support for the creation of a simple data opt-out does not mean that I want people to use it. I have confidence in the system to use my data responsibly to improve services for all”

National Data Guardian's Review published (6th July 2016)

The National Data Guardian for Health and Care has today published her Review of Data Security, Consent and Opt-Outs.

Dame Fiona Caldicott, the National Data Guardian for Health and Care (NDG), today publishes recommendations to strengthen the security of health and care information secure and to help the public make informed choices about how their data is used.
The proposals are contained in the National Data Guardian for Health and Care: Review of Data Security, Consent and Opt-out. The recommendations are made to the Secretary of State for Health, Jeremy Hunt, following his commissioning of reviews from the NDG and the Care Quality Commission (CQC), which has today also published its report on data security in the NHS.


The National Data Guardian has developed ten new data security standards to apply to all organisations which hold health or care information. Dame Fiona is calling on leaders of health and social care organisations to demonstrate clear accountability and responsibility for data security, just as they do for clinical and financial management and accountability.
Dame Fiona is also calling for a much more extensive dialogue with the public about how their information is used and the benefits, from researchers making breakthroughs in life-saving medicines to regulators spotting quickly when things go wrong.
For those who do not want their confidential information to be used for purposes other than their direct care, Dame Fiona has developed a new opt-out. She has also reaffirmed that whether people opt out or not, they should be reassured that their health and care information will only ever be used if the law allows and never for marketing or insurance purposes, unless they separately consent to this.

Next steps

Dame Fiona has called for a full and comprehensive public consultation on her recommendations and further testing of the proposed consent/opt-out model.

Dame Fiona is clear that that it will be important to hear the views of patients, health and care professionals, researchers, commissioners and others in this consultation and beyond. We hope you will be able to play your part.

Read the Review

Read the Press Release

Video: Dame Fiona explains

Read the CQC Report

(Remaining parts of this page have been extracted directly from several sources)

New Models of Consent

Speaking at the NHS Innovation Expo in Manchester, the Health Secretary announced a review of standards of data security for patients’ confidential data across the NHS to be carried out by the Care Quality Commission (CQC). A clarification shortly afterwards highlighted Dame Fiona Caldicott's contribution to the review, which is shown below:

[Source: GOV.UK]

18 September 2015 - clarification of Dame Fiona Caldicott’s contribution to the review

The National Data Guardian for health and care, Dame Fiona Caldicott, will contribute to this review by developing clear guidelines for the protection of personal data against which every NHS and care organisation will be held to account. She will provide advice on the wording for a new model of consents and opt-outs, to enable patients to make an informed decision about how their data will be shared.

[Source: Health Secretary outlines vision for use of technology across NHS, September 2015]

Review of Informed Choice for Cancer Registration

In April 2016, Cancer Research UK and Macmillan Cancer Support announced a joint Review of Informed Choice for Cancer Registration, to include engagement events for people affected by cancer.

The findings of the review will help inform a decision by the government about how cancer registration will be managed in the future.

[Source: Cancer Research UK and Macmillan Cancer Support]

What is happening in the review?

Cancer Research UK and Macmillan Cancer Support are reviewing how cancer patients in England could be better informed about the use of their data in cancer registration, and how they can choose whether their data are included.

  • We expect this review to help inform an important decision by the government about how cancer patients can choose whether their data are included in the cancer registry.
  • The review will run until July 2016, when we will report to government. We expect to publish our findings by September 2016.


The full details are available here from both charities

[Source: Macmillan Cancer Support, Review of Informed Choice for Cancer Registration]

[Source: Cancer Research UK, Review of Informed Choice for Cancer Registration]