Skip to the content

Frequently asked questions (FAQs)

1. What is health and care data?

Your health and care information is held by organisations that provide your care, like your GP, hospital or care home. This information is often stored electronically (not on paper). Data about you can be used to:

  • provide your personal care
  • plan health and care services
  • carry out research to find new treatments or services.


2. Why is information shared?

Good quality data is essential to help make sure that you get the best possible care. All staff who help look after you need to have up-to-date information about you. Staff in your GP practice, hospital or care home need this information to guide your care.

Everyone should be able to access information about their own health and care. This can help them manage their own health. It can help to keep information accurate and up to date.  It can also help to reduce the times you have to repeat the same information to lots of different people.


3. What information is shared?

There are several systems for sharing health and care information. Information is shared between health and care staff and the organisations they work for. The sort of information that is shared includes:

  • illnesses you have
  • your treatment and care
  • test results
  • medicines you are taking
  • allergies
  • information about hospital appointments and admissions.


4. Who can see my information?

Each organisation that holds data about you decides who can see it. Which staff can see information depends on their job. A doctor will be able to see more information than a receptionist.  Health and care staff should only access your health and care record if they:

  • need to provide care for you or
  • need information to manage care, like making outpatient appointments.


5. How can I access my information?

Download the NHS App

You can download the NHS App. This shows some data held by your GP, like allergies and medicines. It also allows you to do things like book GP appointments.

Your Frimley local health and care app

In Frimley Health and Care we have developed an app that will let you see your health and care information. You will be able to sign-up to the app here soon.

Ask Your Care Provider

Contact the Data Protection Officer at the organisation providing your care. This could be your local hospital or GP practice. Details of how to do this can be found on the organisation’s website. If you ask to see your data, you should get a reply within one month. If it is complicated to reply, you should be told how long it will take. They should reply finally within three months of your request.


6. How is my information used for planning and research in healthcare?

Information about all people using health services can help plan future services. This might be by looking at data about:

  • who is using services. For example, looking at how many children are born to plan services for young people, or
  • by doing research to understand new treatments.

By linking together small amounts of data from lots of patients, planners and researchers can look for patterns. This helps them identify ways to improve health and care services. The information is really valuable to help to:

  • understand more about disease
  • develop new treatments
  • monitor safety
  • plan services and
  • see if NHS policy is working.


7. How is my information used in research?

Planners and researchers use patient data to help them to:

  • understand more about disease
  • develop new treatments
  • monitor safety
  • plan services and
  • see if NHS policy is working. 

This kind of research is vital to improve health and care for everyone. Researchers and planners can ask to use data from several sources, such as:

  • Audits like the National Diabetes Audit
  • Disease registers like the National Cancer Registry
  • Service data like Hospital Episode Statistics
  • Prescribing databases
  • Patient surveys like the National Inpatient Survey
  • GP records.

Before research starts, the plan is usually looked at by an independent committee. The committee checks that using the data is appropriate and in the best interests of patients. Wherever possible data used is anonymised, (link to anonymisation Q). Researchers should be given the smallest amount of data needed to answer their questions. Data must be stored securely. A legal contract must be signed before data can be shared or used.

Often a study will need to use data about an individual that is held in more than one place. A trusted third party, usually NHS Digital, links the data using a unique code which is then removed. This means the researcher cannot re-identify individuals.


8. Can I be identified when my data is used for planning or research?

Data that has had information removed (or hidden) that identifies who you are, like name, address and date of birth, is used as much as possible for things that are not your personal care. Often, it is only a row of numbers and codes that can be seen. This is de-personalised or anonymised data.

Statistics are published regularly by the NHS, like A&E waiting times or vaccination coverage. This type of information can only be published if the data is anonymous. This means it is not possible to identify any individual.

Personally identifiable data can only be used if you give your permission or if it is required by law. It can then be used only if the proper safeguards are in place. It cannot be used for insurance, marketing or released to an employer without your consent.


9. What does anonymised mean?

Anonymised information is data where details that can identify a person, like name, address and date of birth, are removed.

When fully anonymised information from lots of people is put together, it is impossible to identify individuals. This data can then be used to plan and improve health and care services. 

There are different levels of identifiability.

When all the information about a person is present, the person is fully identifiable. As information is removed or hidden, the image is more and more blurred. It becomes more difficult to identify who that person is. When most personal information has been removed, it is not possible to identify someone.  This means they are anonymous.

The Information Commissioner’s Office gives guidance about what data must be removed or hidden. It also makes rules that must be followed to anonymise data properly: Anonymisation: managing data protection risk code of practice (


10. Can I stop my information being shared?

You can object to how your data is used or shared. This is controlled by data protection law.

Data about you can be used for:

  • providing your individual care
  • planning health and care services
  • research to find new treatments or services.


Sharing data for your individual care

Information about you is shared between people and organisations that provide your care. If you do not want information about you shared, even for your own care, you should contact the Data Protection Officer. Contact the Data Protection Officer at the organisation providing most of your care, or your most recent care. This could be your GP practice or local hospital. 

Your request will be discussed with relevant staff, like your doctor. They will decide if there might be a serious risk to you if your information is not shared. They may also discuss your request with other organisations that provide care for you.

It is unlikely that it will be possible to share just some of your data. For example, only sharing information about your physical health, but not your mental health. If you opt-out of sharing information for your own care, it is likely that none of your data will be shared across organisations. If you opt-out, you can change your mind and opt back in at any time. if you do this there may be some gaps in the data available to be shared.  It might not include all the information for the period that you opted out.


Sharing data for planning or research

You can request to opt-out of sharing your data for planning or research.

National Data Opt-out: You can opt-out of people being able to use your personally identifiable data for planning or research through the National Data Opt-out scheme:

If your data is anonymised, so that it is not identifiable, it can still be shared. This will happen even if you use the National Data Opt-out.  If you do not want this to happen, you need to also object (refer to see section on sharing data for individual care).

If you opt-out, data will still be shared in some situations.

For details please see:

National Data Opt-out


11. How can I be sure that my data is kept safe?

It is really important that we keep your data safe. There are a number of ways we do this:

  • Using technology to restrict who can access your data. This can be done with passwords, swipe cards or encryption, so the data can only be read using a code
  • Making sure that anyone who can access your data has the right training
  • Making sure that anyone who can access your data is approved by their organisation
  • Keeping computer systems up to date to protect against viruses and hacking
  • Having an audit trail every time personally identifiable data is looked at or used.

If someone misuses patient data, they could lose their job or be prosecuted.