General Data Protection Regulation

The right to privacy is part of the 1950 European Convention on Human Rights, stating that, “Everyone has the right to respect for his private and family life, his home and his correspondence.” 

This legislation aims to ensure the protection of this right, by outlining the regulatory framework for personal data access, use and processing, along with the data protection principles, accountability and data security.

The UK GovernmentInformation Commissioner’s OfficeMedical Research Council Support Centre, the NHS Health Research AuthorityPublic Benefit and Privacy Panel for Health and Social CareNHS Digital and the Public Health Scotland’s Information Services Division, provide a list of resources on the regulation of access to and use of clinical digital data for research.

The UK Government

Data Protection Act 2018

The UK Government provide information on the Data Protection Act 2018 and the UK’s implementation of the General Data Protection Regulation (GDPR), that controls how your personal information is used by organisations, businesses or the government.

 

Data Protection and Digital Information Act

The UK Parliament have issued a Data Protection and Digital Information Bill, outlining the regulation regarding the processing of information relating to identified or identifiable living individuals.

 

Goldacre Review

The UK government have published the Goldacre Review, that focuses on the most efficient and safe use of health data for research and analysis aiming to benefit patients and the healthcare sector.

 

The Information Commissioner’s Office

UK GDPR

The Information Commissioner’s Office outlines the data protection principles, rights and obligations that appliy to most UK businesses and organisations. It covers the UK General Data Protection Regulation (UK GDPR), tailored by the Data Protection Act 2018.

ICO Consultation on anonymisation

The Information Commissioner’s Office have published guidance on anonymisation, pseudonymisation and privacy enhancing technologies.

 

GDPR Data Subject Rights

The Information Commissioner’s Office describe the Data protection law and accountability framework regarding good data protection compliance and handling by businesses and organisations.

 

 

 

The Medical Research Council Support Centre

MRC Regulatory Support Centre

The Medical Research Council Support Centre provide information and guidance for research involving human participants, their tissues, or data.

 

Health Data Access Toolkit

The Medical Research Council Support Centre provide a useful Health Data Access Tool Kit that helps researchers explore the requirements associated with the access to routinely collected NHS health data.

 

 

The NHS Research Health Authority

Confidentiality Advisory Group

The NHS Research Health Authority provide information on how to apply to the Confidentiality Advisory Group (CAG) in order to access confidential patient information without consent in England and Wales.

 

The Public Benefit and Privacy Panel for Health and Social Care

PBPP

The Public Benefit and Privacy Panel for Health and Social Care outline guidance on how to apply for access to data managed by Public Health Scotland (PHS) electronic Data Research and Innovation Service (eDRIS).

 

NHS Digital

General Practice Data for Planning and Research (GPDPR)

NHS Digital have published the General Practice Data for Planning and Research (GPDPR) for the use of patient information for planning and research.

 

National Data Opt-Out

NHS Digital provide patients with the option to opt out of their confidential patient information being used for research and planning through their national data opt-out service.

 

Public Health Scotland’s Information Services Division

PHS Opt-Out

Public Health Scotland’s Information Services Division (ISD) collect and use Scotland’s national health and care datasets, to support policy-making with information, intelligence and tools to assist in planning, delivering and managing local health and care services.