NHS Digital Data Release Register - reformatted

Swindon Borough Council projects

7 data files in total were disseminated unsafely (information about files used safely is missing for TRE/"system access" projects).


LAPH HES via NHS England Secure Environment — DARS-NIC-617762-J8X8V

Type of data: information not disclosed for TRE projects

Opt outs honoured: Anonymised - ICO Code Compliant (Does not include the flow of confidential data)

Legal basis: Health and Social Care Act 2012 – s261(2)(a)

Purposes: No (Local Authority)

Sensitive: Sensitive, and Non-Sensitive

When:DSA runs 2023-07-11 — 2026-07-10 2023.07 — 2024.01.

Access method: One-Off, System Access
(System access exclusively means data was not disseminated, but was accessed under supervision on NHS Digital's systems)

Data-controller type: SWINDON BOROUGH COUNCIL

Sublicensing allowed: No

Datasets:

  1. Emergency Care Data Set (ECDS)
  2. Hospital Episode Statistics Accident and Emergency (HES A and E)
  3. Hospital Episode Statistics Admitted Patient Care (HES APC)
  4. Hospital Episode Statistics Critical Care (HES Critical Care)
  5. Hospital Episode Statistics Outpatients (HES OP)

Objectives:

The Health Episode Statistics (HES) Data accessed through the NHS England Secure Environment will be used by the Local Authority in fulfilment of its public health function, specifically to support and improve:

1. the local responsiveness, targeting and value for money of commissioned public health services;
2. the statutory ‘core offer’ public health advice and support provided to local NHS commissioners;
3. the local specificity and relevance of the Joint Strategic Needs Assessments and Health and Wellbeing Strategies produced in collaboration with NHS and voluntary sector partners on the Health and Wellbeing Board;
4. the local focus, responsiveness and timeliness of health impact assessments; and, among other benefits
5. the capability of the local public health intelligence service to undertake comparative longitudinal analyses of patterns of and variations in:

a) the incidence and prevalence of disease and risks to public health;
b) demand for and access to treatment and preventative care services;
c) variations in health outcomes between groups in the population;
d) the level of integration between local health and care services; and
e) the local associations between causal risk factors and health status and outcomes.

The main statutory duties and wider public health responsibilities supporting these processing objectives are as follows:

1. Statutory public health duties that the data will be used to support

a) Duty to improve public health: Analyses of the data will be used to support the duty of the Local Authority under Section 12 of the Health and Social Care Act 2012 to take appropriate steps to improve the health of the population, for example by providing information and advice, services and facilities, and incentives and assistance to encourage and enable people to lead healthier lives;
b) Duty to support Health and Wellbeing Boards: Analyses of the data will be used to support the duty of the Local Authority and the Change to Integrated Care Board (ICB)-led Health and Wellbeing Board under Section 194 of the 2012 Act to improve health and wellbeing, reduce health inequalities, and promote the integration of health and care services; the data will also be used to support the statutory duty of Health and Wellbeing Boards under Section 206 of the 2012 Act to undertake Pharmaceutical Needs Assessments;
c) Duty to produce Joint Strategic Needs Assessments (JSNAs) and Joint Health and Wellbeing Strategies (JHWBs): Analyses of the data will be used to support the duty of the Local Authority under Sections 192 and 193 of the 2012 Act to consult on and publish JSNAs and JHWSs that assess the current and future health and wellbeing needs of the local population;
d) Duty to commission specific public health services: Analyses of the data will be used to support the Local Authority to discharge its duty under the Local Authorities Regulations 2013 to plan and provide NHS Health Check assessments, the National Child Measurement Programme, and open access sexual health services;
e) Duty to provide public health advice to NHS commissioners: Analyses of the data will be used by Local Authorities to discharge its duty under the 2013 Regulations to provide a public health advice service to NHS commissioners;
f) Duty to publish an annual public health report: Analyses of the data will be used by Directors of Public Health to support their duty to prepare and publish an annual report on the health of the local population under Section 31 the 2012 Act;
g) Public Health responses on behalf of the Local Authority to licensing applications and other statutory Local Authority functions requiring public health input: Analyses of the data will be used by the Director of Public Health to support their duty under Part 3 of the National Health Services Act 2006 (as amended by Section 30 of the Health and Social Care Act 2012) to provide the Local Authority’s public health response (as the responsible authority under the Licensing Act 2003, as amended by the Health and Social Care Act 2012 Schedule 5 – Part 1) to licensing applications.

2. Wider public health responsibilities supported by analysis of the data

a) Health impact assessments and equity audits: Analyses of the data will be used to assess the potential impacts on health and the wider social economic and environmental determinants of health of Local Authority strategic plans, policies and services;
b) Local health profiles: Analyses of the data will be used to support the production of locally-commissioned health profiles to improve understanding of the health priorities of local areas and guide strategic commissioning plans by focusing, for example, on:
i. bespoke local geographies (based on the non-standard aggregation of LSOAs);
ii. specific demographic, geographic, ethnic and socio-economic groups in the population;
iii. inequalities in health status, access to treatment and treatment outcomes;
c) Surveillance of trends in health status and health outcomes: Analyses of the data will be used for the longitudinal monitoring of trends in the incidence, prevalence, treatment and outcomes for a wide range of diseases and other risks to public health;
d) Responsive and timely local health intelligence service: Analyses of the data will be used to respond to ad hoc internal and external requests for information and intelligence on the health status and outcomes of the local population generated and received by the Director of Public Health and their team.

These lists of the statutory duties and wider public health responsibilities of the Local Authority are not exhaustive but set the broad parameters for how the data will be used by the Local Authority to help improve and protect public health, and reduce health inequalities. All such use would be in fulfilment of the public health function of the Local Authority.

No identifiable data can be accessed through the NHS England Secure Environment. The data provided would include, the standard non-sensitive HES fields, and a common (across all Local Authorities) pseudo ID to enable admissions to be linked over time.

Legal Basis for Processing Data:

Article 6(1)(e)
(processing is necessary for the performance of a task in the public interest or in the exercise of official authority vested in the controller)
Public Authority: The Data Protection Act 2018 s7(1)(a) defines ‘public bodies’ for the purpose of the GDPR as “a public authority as defined by the Freedom of Information Act 2000”.
The FOI Act 2000 Part 1, section 3 (1)(a)(i) specifies that a public authority means any body which is listed in Schedule 1.

Schedule 1 of the FOI Act 2000 lists Local authorities within the meaning of the Local Government Act 1972 as public authorities.

‘Public Task’

Local Authorities
Local Authorities have a legal responsibility under Section (1)(2)(3)(4)(5)(6)(7) of the Care Act 2014 to conduct tasks that are in the public interest to:
(1) Promoting individual well-being
(2) Preventing needs for care and support
(3) Promoting integration of care and support with health services etc.
(4) Providing information and advice
(5) Promoting diversity and quality in provision of services
(6) Co-operating generally
(7) Co-operating in specific cases
(8) Duty to meet needs for care and support
The task(s) are necessary (but are by no means an exhaustive list), but provides an indication of the many tasks required under Part 1 of the Care Act 2014 as the council has an obligation to the public to deliver services that are a necessity to the local population - from whom funding is provided to deliver these services/tasks in the form of Council Tax.
Local Authorities have a duty under Section 74 (1)(2)(3)(4) of the NHS Act 2006 to supply goods and services:
(1) In the Local Authorities (Goods and Services) Act 1970 (c. 39) the expression “public body” includes—
(a) any Strategic Health Authority, Special Health Authority or Primary Care Trust, and
(b) so far as relates to his functions under this Act, the Secretary of State.
(2) Subsection (1) has effect as if made by an order under section 1(5) of the Local Authorities (Goods and Services) Act 1970 and may be varied or revoked by such an order.
(3) Each local authority must make services available to each NHS body acting in its area, so far as is reasonably necessary and practicable to enable the NHS body to discharge its functions under this Act.
(4) “Services” means the services of persons employed by the local authority for the purposes of its functions under the Local Authority Social Services Act 1970 (c. 42).

As part of the application process, the requirement for the data requested has been assessed and NHS England is content that it is appropriate, necessary and proportionate for the performance of the task described in the Purpose statement.
‘Necessity’: Throughout the application process, the necessity of the processing for the performance of the task has been assessed. This included but was not limited to ensuring appropriate minimisation of the data to ensure that only the minimum amount of data required are processed. During the application process it has been considered whether the information that the processing aims to determine is already available from other sources or whether the task could be performed using publicly available data or data from alternative sources than NHS England. Consideration has been given to whether the volume of data being requested is proportionate to the expected benefit and, through examination of the expected benefits consideration has been given to whether the task is itself necessary.
Therefore, we are satisfied that this request is appropriate, necessary and proportionate for the performance of the task described in the Purpose statement and that there is no other reasonable means for the data processor to achieve their purpose that is less intrusive to the data subjects.

Article 9(2)(h)

(processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services on the basis of Union or Member State law or pursuant to contract with a health professional and subject to the conditions and safeguards referred to in paragraph 3)

• The data are required for the purpose of commissioning.
• The data required by the data controllers is the least intrusive to the data subject possible to be able to conduct their functions.
• The data required for commissioning purposes is pseudonymised by NHS England to minimise the risk of identification.

As part of the standard Data Access Request Service application process:
• the applicant’s technical and organisational measures to safeguard the data have been assessed and meets NHS England’s acceptance criteria;
• the requested data has been assessed as proportionate to the aim pursued;
• respect to the essence of the right to data protection has been assessed (e.g. security assurance, data retention, controls and processing activities, etc.);
• measures to protect the rights and freedoms of data subjects have been assessed including transparency (fair processing) publishing subject’s rights to withdraw consent and/or have their data erased or rectified, etc.

Article 9(3)

(Personal data referred to in paragraph 1 may be processed for the purposes referred to in point (h) of paragraph 2 when those data are processed by or under the responsibility of a professional subject to the obligation of professional secrecy under Union or Member State law or rules established by national competent bodies or by another person also subject to an obligation of secrecy under Union or Member State law or rules established by national competent bodies.)

Existing DAE users will migrate to NHS England’s Secure Environment.

NHS England’s Controlled Environment is a data storage and access platform that enables approved users to access de-identified data and analytical tools for approved projects. Users must identify themselves via a multi-factor authentication mechanism and are only able to access the datasets detailed within this agreement. Users can request that aggregated outputs are exported from the system following approval by trained NHS England staff. The access and use of the system is fully auditable, and all users must comply with the use of the data as specified in this agreement.

Expected Benefits:

Access to the data will enable the Local Authority to undertake locally-focused and locally-responsive analyses of health status and health outcomes. For example, the data will be used to produce analyses of health inequalities for non-standard geographies and for specific social or ethnic groups in the local population to help ensure that the health challenges facing the local population – particularly the most disadvantaged – have been identified and responded to appropriately by the Local Authority and its partners.

It is recognised that in fulfilling its public health duties using HES data, the Local Authority will deliver significant benefits. The Local Authority therefore commits in any renewal request to providing additional detail on benefits that relate to their local use of the data.

Outputs:

The results of the analyses of the data will be used by the Local Authority to support the discharge of its statutory duties in relation to public health, and wider public health responsibilities. Outputs will include (but not be limited to) the routine and ad hoc production of:

a) Joint Strategic Needs Assessments;
b) Joint Health and Wellbeing Strategies;
c) the annual report of the Director of Public Health;
d) reports commissioned by the Health and Wellbeing Board;
e) public health and wider Local Authority health and wellbeing commissioning strategies and plans;
f) public health advice to NHS commissioners;
g) responses to licensing applications and other statutory Local Authority functions requiring public health input;
h) local health profiles;
i) health impact assessments and equity audits; and, among other outputs
j) responses to internal and external requests for information and intelligence on the health and wellbeing of the population.

The specific content of and target dates for these outputs will be for the Local Authority to determine, although it is required to comply with national guidance published by the Department of Health, The UK Health Security Agency (UKHSA) and others as appropriate, for example, on the timetable for publishing refreshed JSNAs.

All outputs shared outside of the Public Health Team will be of aggregated data with small numbers suppressed in line with the HES Analysis Guide.

Processing:

Access to the Pseudonymised HES/ECDS will enable the Local Authority to undertake a wide range of locally-determined and locally-specific analyses to support the effective and efficient discharge of its statutory duties in relation to public health, and wider public health responsibilities.

This application/agreement is for online access to the record level HES database via the NHS England Secure Environment. The system is hosted and audited by NHS England meaning that large transfers of data to on-site servers is reduced and NHS England has the ability to audit the use and access to the data.

The NHS England Secure Environment is a secure method giving access to datasets and associated analytical tools. It is accessed via a secure authentication method to named users. Users are only able to access the datasets detailed within this agreement. Users log onto the secure environment and are presented with analysis tools which allow them to access the relevant data sets and reference data tables so that they can return appropriate descriptions to the coded data. The access and use of the system is fully auditable and all users must comply with the use of the data as specified in this agreement.

Users can produce outputs from the system in a number of formats. The system can produce row level extracts for local analysis in local analysis software.

Any record level data extracted from the system will not be processed outside of the Public Health team. Only registered NHS England Secure Environment users will have access to record level data downloaded from the system. Following completion of the analysis the record level data will be securely destroyed.

Access to the data is provided to the Local Authority only, and will only be used for the public health purposes outlined above. The data will only be processed by Local Authority employees in fulfilment of their public health function, and will not be transferred, shared, or otherwise made available to any third party, including any organisations processing data on behalf of the Local Authority or in connection with their legal function. Such organisations may include Commissioning Support Units, Data Services for Commissioners Regional Offices, any organisation for the purposes of health research, or any Business Intelligence company providing analysis and intelligence services (whether under formal contract or not).

The Local Authority will use the data to produce a range of quantitative measures (counts, crude and standardised rates and ratios) that will form the basis for a range of statistical analyses of the fields contained in the supplied data. Typical uses will include:

1. Analyses of disease incidence, prevalence and trends: The age, sex, LSOA, ethnic group, Indices of Deprivation and diagnosis fields typically will be used to produce directly standardised coronary heart disease admission rates for the Local Authority, and for appropriate benchmark and comparator areas. Confidence intervals will then be produced for these rates, and the rates analysed using statistical process control methods, to determine whether there are any significant variations in the prevalence of heart disease with the Local Authority. The data will also be used to analyse changes over time in the prevalence of heart disease. The results of these analyses will then be used to inform the production of local health profiles, JSNAs and JHWSs; support the ‘core offer’ public health advice provided by the Director of Public Health to NHS commissioners; and advise any enquiries into health inequalities requested by the Health and Wellbeing Board.

2. Analyses of hospital admission rates: The data will also be used, for example, to produce comparative and longitudinal hospital admission rates among children and young people, particularly for injury and self-harm, to support the overarching responsibility of the Local Authority to safeguard and promote the health and welfare of all children and young people under the 1989 and 2004 Children Acts. Statistics based on these analyses will be used by the Director of Public Health to advise the Director of Children’s Services and Lead Member for Children’s Services, and inform and guide the provision of safeguarding services by the Local Authority.

Conditions of supply and controls on use

In addition to those outlined elsewhere within this application, the Local Authorities will:
1. only use the HES/ECDS data for the purposes as outlined in this agreement;
2. comply with the requirements of NHS England Code of Practice on Confidential Information, the Caldicott Principles and other relevant statutory requirements and guidance to protect confidentiality;
3. not attempt any record-level linkage of HES/ECDS data with other data sets held by the Local Authority, or attempt to identify any individuals from the HES/ECDS data;
4. not transfer and disseminate record-level HES data to anyone outside the Local Authority;
5. not publish the results of any analyses of the HES/ECDS data unless safely de-identified in line with the anonymisation standard; and
6. comply with the guidelines set out in the HES Analysis Guide;
7. ensure role-based control access is in place to manage access to the HES/ECDS data within the Local Authority.

The Director of Public Health will be the Information Asset Owner for the HES/ECDS data and be responsible on behalf of the Local Authority to NHS England for ensuring that the data is only used in fulfilment of the approved public health purposes as set out in this application. The Local Authority confirms that the Director of Public Health is a contracted employee to the permanent role within the Local Authority, accountable to the Chief Executive.

Data retention
A maximum of ten full years data will be accessed through the NHS England Secure Environment at any point, such that as each new data year is available, access to the oldest year will be suppressed i.e. at any point in time only ten historic years of data plus the current year is available. The Local Authority will securely destroy any record level data downloaded for the year’s data within six weeks of receiving access to the latest annual dataset and provide a data destruction certificate to NHS England.

The historic data will be used by the Local Authority in fulfilment of its public health function, and specifically to:
a) recognise and monitor trends in disease incidence and prevalence and other risks to public health;
b) recognise and monitor trends in treatment patterns, particularly hospital readmissions, and outcomes;
c) recognise and monitor trends in access to treatment and care between demographic, geographic, ethnic and socio-economic groups in the population; and
d) recognise and monitor trends in the association between the wider social, economic and environmental determinants of health and health outcomes for the purpose of informing the planning, commissioning and provision of effective health and care services at a local level.