This site is intended for health professionals only

Data governance update unveiled

13 September 2013

Share this article

Updated personal data guidelines have been released by the government, in the official response to Dame Fiona Caldicott’s report. 

Health and care staff’s responsibility towards sharing data has now been made “crystal clear”, according to the government. 

Health Secretary Jeremy Hunt said that sharing information in the right way is “critical” for ensuring that patients get the right care. 

Hunt said that if patients speak to their GP their data will not leave the surgery. 

The Secretary of State for Health said: “If someone has an objection to their information being shared beyond their own care, it will be respected. All they have to do in that case is speak to their GP and their information won’t leave the GP surgery.”

However, the government also recognises that patient information is important for scientists researching the latest drugs and treatments, as well as for local commissioners. 

The government’s response was released alongside new guidance from the Health and Social Care Information Centre that sets out the responsibilities of staff towards personal confidential data. 

Dame Fiona Caldicott is also chairing a new group to help make sure the NHS keeps to high standards on information sharing. She said:

“The commitment expressed by the government to protecting confidentiality and responding to the wishes of anyone using health or social care services about how they want their information used is extremely heartening.  What this means in practice is spelt out in the Confidentiality Guide which is being published today. 

“Coupled with the scrutiny work that my panel has been commissioned to undertake, I am confident that we can make great strides in terms of putting the patient and service user at the forefront of concerns about safely sharing information.”


The five rules of patient confidentiality, set out in the new HSCIC guidance are:

 1. Confidential information about service users or patients should be treated confidentially and respectfully.

 2. Members of a care team should share confidential information when it is needed for the safe and effective care of individuals.

 3. Information that is shared for the benefit of the community should be anonymised.

 4. An individual’s right to object to the sharing of confidential information about them should be respected.

Organisations should put policies, procedures and systems in place to ensure the confidentiality rules are followed.