Skip to main content
NHSProviders homepage
NHSProviders homepage
Home
Resources
Digital transformation in the NHS: a reference guide
Data transparency and usability

Digital transformation in the NHS: a reference guide

Data transparency and usability

Data is the backbone of shifting care to a preventative neighbourhood model of health. By linking data together, the NHS can unlock powerful insights to support more proactive, personalised and equitable healthcare. Routine data collection in the NHS holds immense opportunity to tackle key challenges and target interventions effectively based on forecasting and data analysis. 

When used strategically, data can help measure future inequalities, understand their causes, allocate resources more equitably and inform workforce planning to ensure services are responsive to population demands and future needs. 

The NHS comprises different organisations which have developed their own digital operational systems provided by different companies, therefore data custodianship is distributed across different organisations. This, combined with the patchwork of computer systems procured by different NHS organisations, mean that the infrastructure in place in the NHS makes interoperability a challenge. 

Health data in the NHS is governed by a number of pieces of cross-sector and health-specific policy. The Sudlow review argues for a culture shift towards a health data ecosystem that promotes the use of health data for patient and public benefit and rewards and incentivises organisations that drive this. 

Over the last 18 months, ministers have made high-profile announcements on data, such as the Health Data Research Service, national data opt-out reform, reform of legal frameworks around the secondary use of data, and single patient record in the NHS App. Legislative activity will support these changes (for instance via forthcoming secondary legislation on health IT standards).

 

Spotlight on policy: Information Standards for IT Providers 

Following the Data (Use and Access) Act 2025 (effective June 2025), new powers are in place for the government of the day to establish binding information standards covering IT services and systems used in health and adult social care. These standards are expected to mandate requirements around: 

  • functionality, connectivity, interoperability, portability
  • data storage, access and security.

Definitions in the Data Use and Access Act allow the government to set up approval schemes for health IT providers and enforce compliance. If not, the providers could be publicly named.  

Further information

Read The Data Use and Access Act 2025 (DUAA) - what does it mean for organisations?  

 

The vast majority of people in the UK support the use of their health data to benefit themselves and others but also want clarity around how their data is used and stored and how their privacy is protected. The NHS is by far the most trusted organisation with data, garnering high levels of support. Research from NHS England shows 72 per cent of people trust the NHS with their data, and a study from Boston Consulting Group found 90 per cent support sharing their data with the NHS for any purpose. 

A minority of people oppose their health data being used by anyone for any reason. Studies put this figure somewhere between 14 per cent and 21 per cent of the population. There is low awareness of how data is used to improve health and care services, according to research by Understanding Patient Data. A majority know ‘nothing at all’ (20 per cent) or ‘a little’ (34 per cent) about how patient data is used

This is echoed by similar findings from the Health Foundation. 57 per cent of people do not recall ever receiving any information about the data held in their records. Public misconceptions about data are common, including who can access data, what data is in people’s patient records and how the data is used. For instance, 61 per cent of people in England incorrectly believe there is already a single national patient record in place.  

Research has found that caution about sharing data is primarily driven by a fear of data breaches, unscrupulous profit-seeking, and that trust is driven by faith in data protection regulations. In England, reporting on health data initiatives has often focused on the risks of using data. This, coupled with lobbying from privacy campaigners and parts of the medical profession, has led to media coverage about patient data leaning negative and further increasing public scepticism. 

Improving transparency and public engagement will be key to building trust and unlocking the full value of health data. NHS leaders play a pivotal role in ensuring that health data is used transparently, securely and in ways that build public trust. As care increasingly shifts from hospital to community settings, leaders must actively engage the public to explain how their data supports population health management and integrated care. Improving transparency and fostering meaningful public engagement are essential to unlocking the full value of health data.

As set out in our Frontline Digitisation report (2024), efforts toward EPR system convergence have sparked valuable strategic discussions within and across trusts and ICSs about streamlining clinical and administrative services. However, there is benefit for NHS leaders in prioritising interoperability rather than pursuing full convergence of EPR systems. This means enabling staff across organisations to access consistent, shared data sets, regardless of the systems in use. A focus on interoperability is vital to avoid any one vendor dominating the market and allow for flexibility to local needs. 

Examples such as the London Care Record and OpenSAFELY demonstrate the potential of joined-up data. The London Care Record brings together data from five ICSs, including 111, London Ambulance Service, hospitals, primary care, mental health and community as well as social care. The extent to which different sources of data are included varies across local authorities. The London Care Record uses the Health Information Exchange (HIE) from Oracle, comprising one central HIE connected to a series of HIEs in each integrated care system around London, to join up data.  

At the population level, OpenSAFELY  joins up the health records of 58 million people in England and includes the GP records of the entire population in England. OpenSAFELY has achieved this by implementing their software inside the data centres of the biggest EPR providers for general practice. Data is never moved out of the secure environment, and their analysts run large scale computation across pseudonymised patient data for research. 

 

Key organisation: Understanding Patient Data

Understanding Patient Data Logo

Understanding Patient Data (UPD) is a hosted organisation of the NHS Confederation. 

Its focus is on data routinely collected as part of a person’s interactions with the health service which might be used for purposes beyond individual care without explicit consent. 

UPD provides objective information about how patient data is used and brings the views of patients and the public to policymakers and data holders, to ensure data is being managed and used in ways that are worthy of public trust.

Further information

Visit Understanding Patient Data.

PreviousNext