FAQs

How is Federated Data Platform different?

The Federated Data Platform is not a data collection. It is software that will help connect disparate sets of data and allow them to be used more effectively for care.

It will sit across NHS trusts and integrated care systems allowing them to connect data they already hold in a secure and safe environment. GP data will not be part of the national platform.

The software will be ‘federated’ across the NHS. This means every hospital and integrated care board will have its own version of the platform that can connect and collaborate with other data platforms as a ‘federation’. This makes it easier for health and care organisations to work together, compare data, analyse it at different geographic, demographic and organisational levels and share and spread new effective digital solutions.

The FDP is for the NHS, or those commissioned by them, to access data for direct care and population health planning purposes; it will not be used for external research.

The NHS Research SDE Network is for external users and/or those conducting research to access data.

Can I request an opt-out of? If yes, how?

We need researchers to keep trying to find new, life-saving medicines and treatments, especially for our biggest health problems such as cancer and dementia.

We also need a better understanding of the health and care needs of people living in our region so we can support them to live healthier, longer lives by transforming the way we work.

What we can learn by analysing people’s health and care data is the key to making all this possible.

If you are happy for your health and care information to be used for research and care planning, you do not need to do anything.

However, it is entirely your decision. If you would like to opt out, you can do the National Data Opt-Out.

Will SDEs include social care data?

The ambition is to make social care data accessible for research through SDEs. In order to achieve this aim, we need to ensure more providers are digitised, and have standards in place to ensure data being recorded is consistent and of high quality.

Who owns the data in SDEs?

Whilst the Data for R&D Programme will be working to ensure information governance processes are streamlined and interoperable, SDEs do not alter data ownership, and will uphold governance approvals and legislation.

Will organisations be able to continue to access to my data for research outside of an SDE?

Secure Data Environments for research will be the primary way of accessing data, although there may be exemptions in very specific circumstances, such as consented clinical trials. In these cases, the highest standards of security and confidentiality will continue to apply. Any organisation that wants access to data must have a clear and legal reason to do so for health and care purposes (never for insurance or marketing). Only the minimum amount of data needed to meet the specific purpose will be made available.

When providing external partners (for example researchers and industry) access to data for legally valid reasons, they must meet very high standards around transparency and accountability. These are clearly set out in our five principles governing data-sharing arrangements entered into by NHS organisations, published in July 2019. These principles are also in line with the Data Ethics Framework.

Why is data shared with organisations outside the NHS and care system?

To analyse and make best use of all of the data it holds; the NHS and care system needs to work in partnership with a wide range of organisations:

  • academic researchers may be able to answer important new questions using data
  • commercial analytical companies may have the best expertise and technologies for making sense of large and complex information from hospitals and GP practices
  • charities need data to evaluate services, advocate for patient communities and identify ways to improve care.
  • pharmaceutical companies use data to help develop drugs or test their effectiveness or safety.

How to find out how my data was used?

Currently individuals can access data held about them via a subject access request or via a freedom of information request.

Is my data identifiable in an SDE?

No, before giving access to the data, it undergoes de-identification that guarantees that your personal data will be pseudonymised and not be accessed by researcher.

In some cases, researchers may gain approval to access identifiable data within a Secure Data Environment, where it is necessary to conduct research for patient benefit. Only approved aggregated outputs can leave the Secure Data Environment. SDEs make gaining access to life-saving data and linking it both more secure and faster, while offering the highest levels of data privacy.

Who can access my data?

Only approved users, with approved projects, are allowed to access and analyse data, and only approved non-identifiable outputs can leave the environment. SDEs will allow the NHS to control:

  • who can become a user to access the data
  • the data that users can access
  • what users can do with the data in the environment
  • the information users can remove

Where is my data shared?

The anonymised data will be shared with a researcher inside the SDE system, and it won’t leave the environment. After the research is finished, researcher can take the anonymised summary of it out of the SDE.

How is my data protected?

NHS and care organisations are committed to keeping patient information safe and being transparent on how it is used. There are strict rules around how data can, and cannot, be used and shared to protect privacy, security, and confidentiality. Providing access to data must have an explicit aim to benefit for patients and/ or the NHS. Data must never be shared for insurance or marketing purposes.