Data access requests

We are responsible for the largest programme of clinical audit in the UK. Our data access request service ensures that data from programmes we commission and host – including the data collected through our national clinical audit and patient outcome programme (NCAPOP) – is available for research, quality improvement, service evaluation and evidence-based decision making.

Before you submit an application

Not all enquiries progress to the application stage. It may be that the data you need is available through our existing published data. Please read the following information to see if the data you require is available from another source before proceeding with your application.

We commission approximately 40 national clinical audits and clinical outcome review programmes which make up the National Clinical Audit and Patient Outcomes Programme (NCAPOP).  We also commission some projects outside the NCAPOP and we host the National Joint Registry.

These projects collect data on the quality and outcomes of care in England and Wales. Some projects also collect data in Scotland, Northern Ireland, Isle of Man, Guernsey and Jersey, either under contract to HQIP or separately.

Data from these projects is routinely reported and these reports are available on each project website, as well as on our website. The reported data is also placed on the data.gov.uk website.

We also work to routinely to place outcomes data on the  NHS Choices website. Many of these projects link with third party data sets such as Hospital Episode Statistics (HES) and Office for National Statistics (ONS) data which are managed by NHS Digital.

If you have determined that a data access application is still necessary, you should make contact with the relevant HQIP data provider (i.e. the HQIP commissioned or hosted project) before you submit an application. The HQIP data provider will need to advise if your data requirements can be met and will need to review and approve your application ahead of it being submitted to HQIP.  You can find details of data providers here.

If you wish to make a request for National Joint Registry data, please ensure you have read their approvals process.

When we can release data

We can authorise the release of data for which we are the controller. For most of the projects in the NCAPOP programme, we are a joint controller along with the programme funder.

Some data that we collect is not placed in the public domain. However, as the controller, we can share this data for the purpose of quality improvement, including research, service evaluation, and audit, if certain conditions are met and depending upon permissions in place for each project.

HQIP cannot usually give permission to share data for which we are not a controller; this includes where a project has been linked to a dataset controlled by another organisation, such as NHS Digital.  It is important that where you would like to access a linked dataset, you discuss this with the HQIP project and HQIP before you submit an application.

Submitting an application

We recommend you get in touch with us at [email protected] before you submit your formal application. By discussing your data needs with us, we can offer guidance on how to make a strong application.

Once you’re ready to make a formal application, complete the data access request form. You can download the form at the bottom of this webpage. Applications are reviewed on a monthly basis.

We require you to complete all relevant sections of the request form in full and to have all relevant supporting information and signatures embedded into the document.

The application form has embedded terms and conditions and together they form the data sharing agreement (DSA). All applicants and the data provider are required to sign this document before we authorise the release of data to you.

What happens to your application after submission?

We will confirm receipt of your request. We will undertake an initial review of each application within 3 weeks of submission.

After the initial review, we’ll refer your application to the HQIP Data Access Request Group (DARG) or, if the application has not been satisfactorily completed, we’ll request clarification or further information from you.

Once we have accepted your application after the initial review, the application is subject to our service levels.

We will allocate a reference number to your application. This reference number should be used within the subject field on all correspondence relating to the application.

DARG meets on a monthly basis. Applications which are complete and have addressed all applicable clarifications will be discussed at the next available DARG meeting. We will confirm with you the meeting date once the application is ready for submission.

Each application is reviewed against the following criteria:

  • Is the proposed use of the data clinically appropriate?
  • Is the proposed use of the data methodologically sound?
  • Does the application satisfy the requirements of the GDPR and Data Protection Act 2018?
  • Are the necessary legal and ethical permissions and security arrangements in place?

We will inform applicants of the outcome of a DARG meeting within one week of the meeting.

Following approval, data will be released within a reasonable timeframe agreed with the data processor. This may vary depending upon the complexity of the date requested and the scope of the core audit activity being undertaken at that time. We expect data to be released in a number of weeks. Please discuss any deadlines or timescales with the project before you submit your application to ensure you can get the data you need within your preferred timeframe.

If DARG do not approve the release of the data, you will be advised on steps required to improve the quality of your application. This advice will be provided on the listed outcome date. Once your application has been updated with requested clarification and returned to HQIP it will either be submitted for chairs action or be submitted for review at the forthcoming DARG.

Details of the meeting dates, submission deadlines, and outcome dates are available here.

Costs of data access

We will request payment from you to cover the cost of administering and processing your request.

Our payment schedule means how much you pay is determined by the amount of time, effort and approvals required. We review our pricing structure on an annual basis.

How charges are calculated

You will need to identify what type of application you are submitting:

  1. Basic
  2. Standard
  3. Complex
  4. Change

In addition, some applications might be eligible for discounted or waived fees, including:

  1. Applications to the National Joint Registry (NJR) – (please get in touch with the NJR as their own cost recovery fees may apply).
  2. NHS England / Getting It Right First Time applications.
  3. Unfunded applications.

Definitions for all applications are included in the application form.

Fee structure 2019/20

The fees listed are in pounds (£) sterling and are exclusive of VAT, which shall be paid in addition at the appropriate rate, where applicable. Fees will be agreed before the process starts.

Fee Type Fee detail Fee charge
1. Basic Anonymous data £1,000
2. Standard De-personalised

Personally identifiable

£1,500

£1,500

3. Complex Complex data project/new approaches £2,000
4. Change Amendment

Annual renewal

£500

£500

5. National Joint Registry Contact NJR’s Research and Governance Manager TBC
6. NHS England/GIRFT Contact HQIP’s Information Governance Officer £0
7. Unfunded Contact HQIP’s Information Governance Officer TBC

We also authorise individual NCAPOP projects who advise, support and release the data to recoup reasonable costs. These costs may vary depending upon the specific request. To find out more, please contact the individual national clinical audit or clinical outcome review programme in the first instance using the contact details listed on our website.

More information about the payment process is included in the application form.

Outputs or reports

We are committed to ensuring that, where possible, all data, outputs and publications are made publically available for the benefit of the public and the NHS.

Applicants for data, especially for the purposes of research, are expected to publish any findings or outputs resulting from their analysis of NCAPOP data. Applicants should reference that the data used was collected by HQIP. The acknowledgement should take this form:

Data has been provided by the Healthcare Quality Improvement Partnership from the xxx Programme

Data from the National Joint Registry (NJR) should use the NJR acknowledgement guidance.

To be transparent, we will publish a public register of approved data sharing applications. We will include within this register the lay title and lay summary of your project that you will have provided within your data sharing application form.

Special requests

If you wish to access a small amount of anonymous and aggregate information that has not yet been published by the HQIP project please contact HQIP or the HQIP project directly. These requests may not require the completion of a Data Access Request Form.

Reproducing HQIP copyright material

If you do not wish to access data but wish to reproduce tables, text or other information that is included in an NCAPOP project report or output under HQIP copyright, please contact us directly at [email protected].

Glossary of terms

Controller

A controller is either a person or an organisation who determines the purposes and the manner in which any personal data are, or are to be, processed.

Joint controllers

There can be more than one controller for a data set. Joint controllers occur when two or more persons or organisations act together to decide the purpose and manner of any data processing.

We commission and manage national audits and outcome reviews on behalf of NHS England, the Welsh Government, and sometimes healthcare organisations in Scotland, Northern Ireland, Isle of Man, Jersey and Guernsey. As such, we are joint controller with these organisations.

Processor

A processor is any individual or organisation (other than an employee of the controller) who processes the data on behalf, and at the behest, of the controller. The audit and outcome review providers we commission are processors on behalf of HQIP.

 

Contact us

You can contact us by email at: [email protected].

For information relating to National Joint Registry data access, please email [email protected].