How data is kept safe and used responsibly

Putting security and confidentiality first.

The data the National Cancer Registration Service collects and analyses can only be used for health care purposes that will benefit individuals and society. It is never sold and like all clinicians, our absolute responsibility is to make sure that every individual patient’s confidentiality is protected.

Access to the health records of people who have cancer is a great privilege, and everyone who works in the National Disease Registration Service takes great care when handling this data. Personal data that can identify someone is only used when absolutely necessary – such as when the NHS wants to send a questionnaire to patients to get a better understanding of the effects of treatment. For almost all the research work conducted by the registration service and for the work organisations like cancer charities or academics carry out, the data we provide is anonymised or de-personalised before it is released.

The ability to access such sensitive information is granted to the National Disease Registration Service under Section 251 of the 2006 Health and Social Care Act.  This section of the law was introduced to allow the common-law duty of confidentiality to be over-ridden for those important functions when it is not possible to get individual consent.  These functions include protecting the public’s health and some important, ethically approved, medical research.

Each year, Public Health England must apply to the Confidentiality Advisory Group of the Health Research Authority for permission from the Secretary of State to continue to use Section 251 to collect cancer data.  PHE must also report how data has been used and the controls that are in place to safeguard its use. The Confidentiality Advisory Group is made up of patients, legal experts, and scientists and advises the Secretary of State.

This special permission recognises that to combat cancer, being able to collect and analyse as much data about as many cancer patients as possible is essential. Of course, it is possible for anyone to opt-out of the national scheme if they want, but by default everyone who is diagnosed with cancer is automatically enrolled in the scheme, so that we get as complete a picture as possible. And because only a very small percentage of patients have chosen to opt-out, we have been able to accurately study how new treatments given to some patients affect outcomes. It is by analysing data like this that we now know that half of all people who are diagnosed with cancer will now live for at least 10 years.

There are lots of different types of data and it’s a complex subject, so Public Health England, along with all the leading medical charities and research bodies, have set up the organisation Understanding Patient Data, in collaboration with The Wellcome Trust. Its mission is to demystify patient data and explain the safeguards that are in place to protect patient confidentiality.

Naturally, some people will want to look at the data that the National Disease Registration Service holds about them. Patients can make a request to Public Health England to see their data – this is called a Subject Access Request. PHE will first check the identity of the person making the request by asking for copies of some forms of ID. After this, as a further layer of security, PHE will send their information only to their GP or specialist. This process needs to be carried out securely as it is, so that the patient can be certain that their sensitive data is only ever shown to someone who is allowed to see it.