Creating a new NHS England: NHS Digital and NHS England have now merged. Health Education England will join us in April 2023. Learn more.

NHS England - Transformation Directorate

Information governance guidance

We hope that you find the guidance on these pages useful. Have we done a good job? Let us know through our feedback form, or alternatively contact us

New elearning - Information sharing For frontline and admin health and care staff, this module is designed to empower staff to share information for individual care

Take the 'information sharing' module

Available now - our free elearning provides practical tips and real life scenarios to enhance your understanding of the principles for sharing information securely for individual care, research and planning.
View all Integrated care Sharing with other sectors Communications tools Consent Individual rights Sharing preferences COVID-19 Sharing with colleagues Research Enabling remote working Template Confidentiality Personal health records Comms with patients or service users Social care Common law UK GDPR and data protection

Joining up and supporting care

Panel Guidance

Information Governance Framework: Shared Care Records

The Information Governance Framework for Integrated Health and Care: Part 1 - Shared Care Records has been developed to provide a structured approach to ensure Shared Care Records meet their legal obligations.

Integrated care Sharing with other sectors Sharing with colleagues Personal health records Social care
External Guidance

Using cyber technology: top tips for pharmacy teams

This factsheet provides pharmacy teams with top tips on the communication tools to use to support the care of patients and service users, particularly during the pandemic.

Communications tools Comms with patients or service users
Panel Guidance

Use and share information with confidence

This guidance will support you to use and share information with confidence when caring for patients and service users.

Sharing preferences Sharing with colleagues Confidentiality Social care Common law UK GDPR and data protection
Panel Guidance

Using video conferencing and consultation tools

This guidance sets out how video conferencing and consultation tools can be used safely and securely.

Communications tools COVID-19 Enabling remote working Comms with patients or service users
Panel Guidance

Information sharing in Multidisciplinary Teams (MDTs)

A MDT is a group of health and care staff from different organisations and professions that together make decisions regarding the treatment of individual patients and service users. There are some IG considerations when working as part of an MDT.

Integrated care Sharing preferences Sharing with colleagues Template Social care
Panel Guidance

Sharing information with the voluntary sector

This guidance provides information to health and care organisations on how information about patients and service users can be shared safely with the voluntary sector

Integrated care Sharing with other sectors Consent Sharing preferences Social care Common law
Panel Guidance

Use of mobile devices by patients in hospitals

This guidance provides advice for patients using mobile devices such as phones, tablets and cameras in acute hospitals.

Communications tools Individual rights COVID-19 Comms with patients or service users
Panel Guidance

Video conferencing with colleagues

This advice sets out the IG considerations when staff are using video conferencing tools to communicate with other members of staff during the COVID-19 pandemic.

Communications tools COVID-19 Sharing with colleagues Enabling remote working
Panel Guidance

Access to patient records through the NHS App

The NHS App is changing to make it easier for patients to read new entries in their GP record. This guidance covers the key things that patients, GPs and IG professionals should know.

Integrated care Personal health records Comms with patients or service users
Panel Guidance

Sharing information with unpaid carers

This guidance aims to advise those being cared for, carers and health and care professionals about how to share confidential information about an individual to support their care.

Integrated care Sharing with other sectors Sharing preferences Sharing with colleagues Comms with patients or service users Social care

Managing information

Panel Guidance

Records management guidance for the transition of CCGs to ICBs

Guidance for CCGs on records management as they transition to ICBs

Integrated care Personal health records Social care
Panel Guidance

Personal data breaches

This guidance will help health and care organisations deal with personal data breaches, for example, losing personal information. It provides advice on what a personal data breach is and the steps that need to be taken if a breach occurs.

Individual rights Template Confidentiality Personal health records Comms with patients or service users Social care UK GDPR and data protection
Panel Guidance

Records Management Code of Practice

The Records Management Code of Practice 2021 sets out how records relating to health and care should be managed.

Integrated care Individual rights Personal health records Social care
Panel Guidance

Sharing information with the police

This guidance is about disclosure of information by health and care organisations to the police.

Sharing with other sectors Communications tools Individual rights Confidentiality Social care Common law UK GDPR and data protection
Panel Guidance

What is and isn’t direct marketing?

The ICO has produced wider guidance on direct marketing for the public sector. This guidance, produced by the panel, specifically considers the rules on direct marketing in the context of health and care communications.

Communications tools Individual rights Sharing preferences Research Comms with patients or service users UK GDPR and data protection
Panel Guidance

Understanding Health Data Access (UHDA)

A suite of short films and resources explaining the rules that govern how health and social care data is shared beyond the treatment of individuals.

Sharing with other sectors Research Confidentiality
Panel Guidance

Digital staff passport

A summary of the information governance steps which need to be taken to set up Digital Staff Passports

COVID-19 Sharing with colleagues Confidentiality
Template

Data sharing agreement template

A data sharing agreement template and accompanying guide which can be used by local organisations.

Integrated care Sharing with other sectors Consent Individual rights Template Confidentiality Social care UK GDPR and data protection
Panel Guidance

Bring your own device (BYOD) guidance

BYOD is a service offered by organisations to their employees to enable them to use their own devices for work, such as mobile phones, laptops and tablets. This guidance focuses on the IG considerations.

Communications tools Enabling remote working UK GDPR and data protection
Panel Guidance

Using mobile messaging

This guidance will support the safe and secure use of mobile messaging software in health and care settings.

Communications tools Confidentiality Social care
Panel Guidance

Subject Access Requests

This guidance will help you understand what a Subject Access Request is and how they are responded to.

Individual rights Confidentiality Comms with patients or service users UK GDPR and data protection
Panel Guidance

Consent and confidential patient information

This guidance is about consent and what it means when sharing Confidential Patient Information.

Integrated care Sharing with other sectors Consent Individual rights Sharing with colleagues Comms with patients or service users Common law UK GDPR and data protection
Panel Guidance

Email and text message communications

This guidance is about how you can safely use email and text messages to communicate with patients and service users.

Communications tools Individual rights Sharing preferences Confidentiality Comms with patients or service users
Template

Template for email and text message communications

This is a template policy which can be adapted for when using text and emails to communicate with patients/service users.

Communications tools Sharing preferences Template Comms with patients or service users
External Guidance

Caldicott principles

Eight principles to ensure people's information is kept confidential and used appropriately.

Individual rights Sharing with colleagues Confidentiality Personal health records
Panel Guidance

Amending patient and service user records

This guidance provides advice on patients and service users requesting changes to their health and care records. It also covers how staff should amend records.

Integrated care Individual rights Personal health records Social care Common law
Panel Guidance

Access to the health and care records of deceased people

This guidance provides advice on access to health and care records following the death of an individual.

Consent Individual rights Sharing preferences Research Confidentiality Personal health records Social care Common law

New technology

Panel Guidance

Virtual wards

Virtual wards support people, who would otherwise be in hospital, to receive the care and treatment they need in their own home or usual place of residence. Virtual wards are suitable for a range of conditions that can be safely and effectively monitored at home including respiratory conditions, heart failure and COVID-19.

Integrated care Sharing with other sectors COVID-19 Enabling remote working Template Confidentiality Comms with patients or service users UK GDPR and data protection
Panel Guidance

Artificial Intelligence

This guidance focuses on the IG implications of using AI in health and care settings, and should help support the lawful and safe use of data for AI innovations.

Integrated care Consent Individual rights Research Common law UK GDPR and data protection
External Guidance

Legal requirements for using health and care data in data-driven technologies

This guidance gives an overview of the legal requirements for using health and care data in the development and deployment of data-driven technologies.

Sharing with other sectors Communications tools Research Confidentiality Common law UK GDPR and data protection
External Guidance

Accessing health and care data for research on data-driven technology

This guidance gives a step-by-step overview of the process for accessing health and social care data for research of data-driven technologies.

Sharing with other sectors Communications tools Research Confidentiality Common law UK GDPR and data protection

Research

External Guidance

UK GDPR guidance for researchers and study coordinators

This operational guidance has been produced by the Health Research Authority for researchers and study coordinators on the implications of the UK GDPR for the delivery of research in the UK.

UK GDPR and data protection
External Guidance

Guidance for CAG Applicants

Detailed guidance from the Health Research Authority on submitting an application to Confidentiality Advisory Group (CAG) for both research and non-research purposes.

Consent Research
External Guidance

Information governance in local quality improvement

This guide by Healthcare Quality Improvement Partnership (HQIP), describes how information governance (IG) laws and principles apply to the use of personal data in multi-agency healthcare quality improvement studies.

Research UK GDPR and data protection