On 13 November 2014, the National Information Board (“NIB”) (established by the Department of Health (“DH”) and chaired by NHS England’s National Director for Patients and Information) set out a vision for how technology should work smarter and harder for people and patients by 2020. This “framework for action” details how real time data will be available to health care professionals to ensure that patients receive safe and effective treatment at the point of care. In addition, the framework for action aims to ensure that all NHS funded care services have digital and interoperable systems that remove the limitations of paper records and slow bureaucratic systems by 2020.

Although most care providers have adopted computerised record systems, these often lack the capability to share information with other care professionals. Most hospital information systems remain impenetrable to care professionals outside the hospital network and there is little or no electronic exchange of information about the 150,000 patients cared for in nursing homes and hospices. The NIB has confirmed that a number of major, long term contractual arrangements will come to an end in the next three years (including the remaining local service provider contracts, primarily covering hospital and community services, GP systems and a number of infrastructure contracts such as N3, the NHS’s secure network) and this represents opportunity to address these issues.

The framework for action

The framework for action is not a national plan or strategy, but a vision that is intended to support health care staff, patients and people to take better advantage of the digital opportunity. The NIB will report annually on progress made against the priorities detailed in the framework and review them each year to reflect changing technology and accommodate new requirements from the public and staff.

The proposals in the framework for action represent the core and immediate priorities for delivery of modern digital health and care services. The overarching aim is to give everyone online access to their GP records by 2015 and to ensure that records held by hospitals and community mental health and social care services can be viewed through digital platforms and approved apps by 2018.

The NIB will consult with care providers in social, domiciliary and residential care on the development and publication of appropriate datasets to provide an effective insight into the safety and quality of care services. Subject to ongoing evaluation, and with full safeguards, the ‘care.data’ programme (which links data from GP records to existing data collected from hospitals) will be extended nationally to other care settings to enable safe data sharing for better analysis of care homes.

NHS England will develop data standards to support new costing, pricing and payment systems to incentivise new models of care to deliver best outcomes and value for patients. The NIB envisages that such changes will improve coordination of care and benefit those with complex conditions.  In addition, a recent study for NHS England indicated that digital investments deployed as part of transformational change can deliver significant savings. Accordingly, the use of technology is also intended to create a more efficient NHS and deliver savings which are needed to contribute to the £22 billion efficiency savings target which is set out in the NHS “Five Year Forward View” plan. Later in the financial year, the NIB will release more detailed plans for taking forward the framework for action.

Chapter 8

Chapter 8 of the framework for action is focused on building and sustaining public trust. It sets out the proposals for establishing an approach to collecting and using data that is adopted across the care system as a whole, by all participants, whether users or providers of care services or suppliers of clinical systems or apps. Some of the key proposals can be summarised as follows: -

  • by April 2016 the NIB will publish a roadmap for moving to a whole-system, consent-based approach, which respects citizens’ preferences and objections about how their personal and confidential data is used, with the goal of implementing that approach by December 2020;
  • by October 2015, the Health and Social Care Information Centre (“HSCIC”) will publish enhanced data security standards and requirements for all publicly funded providers of care;
  • the DH will develop proposals to further strengthen the role, responsibilities and functions of senior information risk owners and information asset owners in the health and care system; and
  • by October 2015 the DH will relaunch the Information Governance Toolkit (an online system which allows NHS organisations and partners to assess themselves against DH Information Governance policies and standards) (“IG Toolkit”) to reflect enhanced information governance and data security requirements.


It is clear that the NIB is very keen to contribute to a more efficient care service. However, the overall effectiveness of the framework for action will ultimately depend upon the ability of care providers to adopt common approaches with the rest of the health and social care sector and the wider economy. For example, it is important that care organisations collaborate on areas requiring investment and invest in information and technology services that support service transformation.

Until more detailed plans are released, it is unclear how care providers can take the digital initiative forward. However data protection compliance, information security and the need to ensure the accuracy of data (particularly where this is submitted remotely by care recipients and patients) are likely to be of paramount importance given the sensitive nature of the data being held on those systems. In order to be prepared for the release of the new and enhanced information governance requirements in October 2015, care providers should therefore review current data protection compliance and policies and procedures. In particular they should assess themselves against the existing IG Toolkit (this is a requirement under the NHS Standard Contract) and put in place any measures to improve their performance level now before moving to the new regime. In the longer term, care providers will need to carefully consider how they also protect personal data when putting arrangements in place with the suppliers of any associated technology solution to mitigate the risk associated with migration from paper to digital records.

The data protection compliance challenges don’t end when migration occurs. When the technology solutions are implemented, care providers will need to carefully monitor how systems are used to ensure data is collected, processed and disclosed in accordance with the Data Protection Act 1998, in line with all applicable NHS standards and the conditions of the NHS Standard Contract. For example, care providers would need to be confident that the digital records cannot be accessed by anyone other than those authorised to do so, such as trained care home staff. This will be essential to ensure public trust in the new technology and the benefits of greater co-ordination and data sharing across the health and social care sector are fully realised.

These radical new plans show that the health sector is embracing modern technology and moving with the times. If implemented, the plans will transform the NHS and the way in which health and care services are provided.