General Data Protection Regulation
The right to privacy is part of the 1950 European Convention on Human Rights, stating that, “Everyone has the right to respect for his private and family life, his home and his correspondence.”
This legislation aims to ensure the protection of this right, by outlining the regulatory framework for personal data access, use and processing, along with the data protection principles, accountability and data security.
The UK Government, Information Commissioner’s Office, Medical Research Council Support Centre, the NHS Research Health Authority, Public Benefit and Privacy Panel for Health and Social Care, NHS Digital and the Public Health Scotland’s Information Services Division, provide a list of resources on the regulation of access and use of clinical digital data for research.
The UK Government
The UK Government provide information on the Data Protection Act 2018 and the UK’s implementation of the General Data Protection Regulation (GDPR), that controls how your personal information is used by organisations, businesses or the government.
Data Protection and Digital Information Act
The UK Parliament have issued a Data Protection and Digital Information Bill, outlining the regulation regarding the processing of information relating to identified or identifiable living individuals.
The UK government have published the Goldacre Review, that focuses on the most efficient and safe use of health data for research and analysis aiming to benefit patients and the healthcare sector.
The Information Commissioner’s Office
The Information Commissioner’s Office outlines the data protection principles, rights and obligations that appliy to most UK businesses and organisations. It covers the UK General Data Protection Regulation (UK GDPR), tailored by the Data Protection Act 2018.
ICO Consultation on anonymisation
The Information Commissioner’s Office have published guidance on anonymisation, pseudonymisation and privacy enhancing technologies.
The Information Commissioner’s Office describe the Data protection law and accountability framework regarding good data protection compliance and handling by businesses and organisations.
The Medical Research Council Support Centre
The Medical Research Council Support Centre provide information and guidance for research involving human participants, their tissues, or data.
The Medical Research Council Support Centre provide a useful Health Data Access Tool Kit that helps researchers explore the requirements associated with the access to routinely collected NHS health data.
The NHS Research Health Authority
Confidentiality Advisory Group
The NHS Research Health Authority provide information on how to apply to the Confidentiality Advisory Group (CAG) in order to access confidential patient information without consent in England and Wales.
The Public Benefit and Privacy Panel for Health and Social Care
The Public Benefit and Privacy Panel for Health and Social Care outline guidance on how to apply for access to data managed by Public Health Scotland (PHS) electronic Data Research and Innovation Service (eDRIS).
NHS Digital
General Practice Data for Planning and Research (GPDPR)
NHS Digital have published the General Practice Data for Planning and Research (GPDPR) for the use of patient information for planning and research.
NHS Digital provide patients with the option to opt out of their confidential patient information being used for research and planning through their national data opt-out service.
Public Health Scotland’s Information Services Division
Public Health Scotland’s Information Services Division (ISD) collect and use Scotland’s national health and care datasets, to support policy-making with information, intelligence and tools to assist in planning, delivering and managing local health and care services.