Questions have intensified across England after members of the public, particularly those engaged through the “Not With My NHS Data” campaign, contacted the Office of the National Data Guardian to challenge how patient information is being accessed within the NHS Federated Data Platform (NHS FDP) and its linked National Data Integration Tenant (NDIT).
At the centre of the concern is whether external contractor staff are able to view identifiable patient records.
Campaigners argue this raises serious trust and privacy issues, especially given the sensitive nature of NHS-held health data.
While acknowledging the volume and seriousness of the correspondence, the National Data Guardian (NDG) has indicated it cannot respond to individuals one by one, but has issued a consolidated statement addressing the key issues raised.
NDG Responds: Role, Limits, and Public Trust Mandate
National Data Guardian for Health and Social Care explained that its function is to provide independent advice and challenge across England’s health and social care system regarding the safe use of data.
The office is designed to support trust and proper handling of patient information, but it does not operate as a regulator and holds no enforcement or investigatory authority.
Dr Nicola Byrne emphasised that public trust remains central to any use of health data.
According to the NDG, it is entirely appropriate for citizens to question how their information is accessed and shared within national digital programmes, particularly those involving large-scale data platforms.
However, the office stressed that its role is advisory, aimed at shaping policy and standards rather than investigating individual complaints.
Ongoing Involvement in NHS FDP Programme Oversight
Since the early development stages of the NHS FDP initiative, the NDG has been actively engaged in providing guidance to both the Department of Health and Social Care and NHS England.
Ahead of procurement, the NDG outlined key principles it believed essential to maintaining public confidence, including transparency, appropriate safeguards, and strict controls on data access.
More recently, the office has participated in three independent advisory groups focused on governance, assurance, and public engagement.
In these settings, its input has been grounded in the Caldicott Principles, particularly the requirement that access to personal health information should follow a strict “need-to-know” basis and that patients should be properly informed about how their data is used.
The NDG reports that its concerns raised in these forums have generally been taken seriously, with a strong internal commitment observed among NHS England teams to responsible data use and improving care outcomes.
Contractor Access Issue Prompts Fresh Review of Data Controls
A key point of tension has emerged around whether external contractors can access identifiable patient data within the NDIT environment.
During earlier assessments, the NDG and the Information Commissioner’s Office reviewed a Data Protection Impact Assessment (DPIA) for the programme.
That document stated that access to identifiable data would be restricted to NHS staff with a legitimate operational need.
However, recent reporting and confirmation from programme officials suggest that some external contractor staff may also have access to identifiable information within NDIT.
The NDG has stated it was not previously aware of this development.
As a result, the office has formally written to NHS England seeking clarification on the discrepancy between the documented safeguards and the current operational reality.
It has also called for greater consistency between internal practices and public transparency materials, warning that inconsistencies risk undermining confidence in the programme.
The NDG further stressed the importance of timely communication whenever significant changes occur, particularly where those changes may affect public trust in national health data systems.
Clarifying Consent, Care Use, and Opt-Out Limitations
The statement also addressed growing public confusion over consent and the national opt-out system in relation to the NHS FDP.
The NDG explained that not all uses of patient data within the NHS require explicit consent at every stage.
In routine care, clinicians often access patient records as part of delivering treatment, such as when a hospital specialist reviews a GP referral.
This access is considered an integral part of providing safe and effective care.
Within this context, the NHS FDP is intended to support the delivery of healthcare services by enabling appropriate data sharing between authorised professionals.
The NDG also clarified that the national data opt-out system applies only to secondary uses of data, such as research and planning.
It does not extend to data used directly for patient care.
As the FDP is currently described as being used solely for care delivery, the opt-out mechanism does not apply to data processed within the programme at this time.
Next Steps: Assurance, Scrutiny, and Public Accountability
Looking ahead, the NDG has outlined several immediate priorities.
It will await formal assurance from NHS England addressing the identified inconsistency regarding contractor access and expects any necessary updates to transparency and governance documentation to follow.
The office also confirmed it will continue to engage with the NHS FDP programme through its established advisory groups, maintaining its role in scrutinising and challenging data governance practices.
A further update will be published once a response is received from NHS England.
Concluding its statement, the NDG expressed appreciation for the public’s engagement, noting that trust from both patients and professionals remains essential to the success of efforts to integrate health data systems and improve care delivery across the NHS.
