Login

CH212. National Data Opt-Out

{{org_field_logo}}

{{org_field_name}}

National Data Opt-Out (England) Policy

Policy Statement

This care service complies with the National Data Opt-Out Policy, which comes into force from 31 July 2022 for all regulated social care providers in England.

The service’s policy is to comply with these requirements, enabling people who use services to opt out from the use of their data for anything other than their individual care and treatment, for example research or planning purposes. This is in line with the recommendations from the 2018 National Data Guardian in Review of Data Security, Consent and Opt-Outs.

The term “confidential patient information” is used as a legal term in the NHS where the opt-out is already in force. In this context “confidential patient information” relates to information about individuals’ health or social care that may identify them.

The General Data Protection Regulation (GDPR) definition is that: “Personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

This care service has an obligation to be compliant by informing people receiving care about their right to choose to opt out of data sharing and provide information if required. It also meets other data protection requirements from national care standards and regulations on good governance of record keeping for purposes beyond direct care and records that are comprehensively fit for purpose and securely maintained.

The national care standard is as follows:

National Data Opt-Out Policy

Under the national data opt-out everyone who uses publicly-funded health and/or care services can prevent health and care organisations sharing “confidential patient information” with other organisations if it is not about managing or delivering individual care.

For example, if data is used for research or planning purposes, or sent to university and hospital researchers, medical royal colleges, pharmaceutical companies researching new treatments.

If confidential patient information is used for research or planning purposes and this processing relies upon Regulation 5 of the COPI Regulations 2002, {{org_field_name}} recognises the opt-out does apply.

Where care services are involved in research with universities, they will liaise with their academic partners and follow Health Research Authority guidance, Social Care Research.

Complying with Data Opt-Out Choices

This care service’s policy is that all the information received about or from person who uses services is confidential and that only those who need to know the information will have access to it. The service will always seek the written permission of its users prior to sharing personal information about them with anyone else, for purposes other than direct care. See Confidentiality of People Receiving Care’s Information (England) Policy.

To comply with national data opt-out, this care service has procedures in place to review use or disclosure of confidential patient information and is transparent with the information it handles as to how and when individuals’ preference for data opt-out has been applied.  

If the person is unable to give their consent, a decision will be taken in line with “best interests” procedures set by the Mental Capacity Act 2005. In these circumstances, someone else can set an opt-out choice on behalf of a person who uses services, by proxy, if they have a formal legal relationship with the person, for example they have lasting power of attorney LPA) or are a court-appointed deputy.

Information is available on request from the registered manager for people who use services, next of kin or LPA. See Mental Capacity: Quick Facts.

How People Receiving Care Can Opt Out

As national data opt-outs are set or changed by individuals themselves, this must be done by the person receiving care or someone legally able to act on their behalf.

For people receiving care who do not wish their information shared for research and planning purposes, they can opt out online at https://your-data-matters.service.nhs.uk or by phone: 0300 303 5678 — NHS Digital Contact Centre.

To opt out by post on behalf of a person receiving care a form can be downloaded and printed off: Manage Another Person’s Choice on Their Behalf, NHS Data Opt-Out. It can only be done by an individual who holds an LPA.

If people receiving care are happy for information to be shared, they do not need to do anything.

Policy Statement

This care service is satisfying obligations to make provision to inform people receiving care of compliance with the national data opt-out policy. Supporting Your Patients — Information and Resources, NHS Digital.

This care service does not share people’s information with any pharmaceutical, medical or other researchers and we do not use sensitive information for purposes beyond an individual’s care and treatment.

This care service will keep a record and comply with data opt-out decisions, but people receiving care can change their mind at any time.

This will not affect individual care provision, nor how this care service shares information with other organisations specifically to arrange and manage individuals’ personal care.

It will also not apply if people receiving care have given explicit consent to share information or if such information is appropriately anonymised.

{{org_field_name}} reviews all of our data processing on an annual basis to assess if the national data opt-out applies. This is recorded in our Record of Processing Activities. All new processing is assessed to see if the national data opt-out applies.

If any data processing falls within scope of the National Data Opt-Out, we use the Messaging Exchange for Social Care and Health (MESH) system to check if any of people receiving care have opted out of their data being used for this purpose.

This care service is aware that national data opt-out requirements have been waived by the Secretary of State for Health and Care for invoice validation purposes. Any payment flows not reliant on Regulation 5 support are not included.

Data submitted to the Capacity Tracker as outlined in DHSC: Admission and Care of Residents in a Care Home During COVID-19 is also not in scope of the national data opt-out.

This care organisation proves compliance by publishing their Privacy Notice and submitting their Data Security and Protection Toolkit Assessment. See New Data Security and Protection Toolkit.

Should use of confidential patient data change in the future, this policy will be amended and procedures will be brought in line with those used nationally. In the event of any such change, this will be publicised internally, within {{org_field_name}} and via our website.

This care service will:

Training

Other Legal Requirements

This care service complies with all relevant regulations and legislation relating to people receiving care, including:

Responsible Person: {{org_field_registered_manager_first_name}} {{org_field_registered_manager_last_name}}

Reviewed on: {{last_update_date}}

Next Review Date: {{next_review_date}}

Copyright ©2024 {{org_field_name}}. All rights reserved

Leave a Reply

Your email address will not be published. Required fields are marked *

Agency Care Staff Ltd trading as e-Care Hub

Facebook-f Instagram Linkedin Youtube

Policies

Menu

Important