National Data Opt-Out v5.0.0

Owned by Sharah Crispin (Unlicensed)
Last updated: 31-03-2022 by Jenna Bennett (Unlicensed)
4 min read
IDRM19
Version5.0.0
TypeRoadmap Item


TitleNational Data Opt-Out
Description

National Data Opt-Out: Specification

Date Added 
Standards and CapabilitiesInteroperability Standard
Change RouteManaged Capacity - SRO Priority
Change TypeNew
StatusClosed
Publication date 
Effective Date

 

Incentives / FundingNo
Incentive DatesN/A


Background of Change

The National Data Opt-Out is an option that gives Patients a simple and accessible way of controlling how their Confidential Patient Information (CPI) is used for purposes beyond direct care and it replaces the previous 'type 2' opt-out. The National Data Opt-Out allows Patients to choose if they wish to only allow their CPI to be used for their direct care and treatment, or if they wish to allow their data to be shared with other Health Care Organisations for planning and research purposes.

The National Data Opt-Out Programme has been established to ensure that a mechanism is developed and available for Health and Social Care organisations to use that will enable a Patient’s preference to be honoured accordingly, e.g. if a Patient’s preference is to opt-out then their data is to be withheld from being shared from appropriate disclosures – this is known as the ‘Upholding’ of an opt-out.

The development and implementation of the National Data Opt-Out ‘Upholding’ functionality for Health and Social Care organisations, including GP Practices, is expected to be complete for the 2019 Go-Live.

For further information about the National Data Opt-Out, please see weblink: https://digital.nhs.uk/services/national-data-opt-out-programme

Summary of Change

By 31st March 2021, Suppliers of General Practice systems must be compliant with all requirements pertaining to National Data Opt-Out. Detailed below is the Interoperability Standard that has been introduced and MUST be met.  

Capability-specific interoperability standards

Addition

National Data Opt-Out

The National Data Opt-Out allows Patients to choose if they wish to only allow their CPI to be used for their direct care and treatment, or if they wish to allow their data to be shared with other Health Care Organisations for planning and research purposes. The National Data Opt-Out Programme has been established to ensure that a mechanism is developed and available for Health and Social Care organisations to use that will enable a Patient’s preference to be honoured accordingly, e.g. if a Patient’s preference is to opt-out then their data is to be withheld from being shared from appropriate disclosures – this is known as the ‘Upholding’ of an opt-out.

DCB3058 Compliance with National Data Opt-outs contains further information on the Standard and information on the legal , strategic and policy context behind the requirements

The final set of National Data Opt-Out requirements, v2.0 published April 2019, can be accessed below:

Full Specification

A new Capability-specific interoperability standard "National Data Opt-Out" has been added. The Interoperability Standard is uplifted to include this under Patient Information Maintenance.
The new standard and the uplifted Standards are listed below:

  • Interoperability Standard v11.0.0 (Retired for administrative purposes, to prevent multiple conflicting future updates to the Interoperability Standard. The Interoperability Standard would be updated nearer the Effective date). 
  • (Archived) National Data Opt-Out v4.0.0

Compliance, Assurance and Testing

At a high-level, Compliance, Assurance and Testing of the National Data Opt-Out will align with the following steps:

  1. A GP System Supplier will provide NHS Digital Solution Assurance with their full list of data extractions/ data disseminations impacted for NDOP, for reference.
  2. A GP System Supplier will provide NHS Digital Solution Assurance with their detailed user stories and their associated acceptance criteria, for each NDOP requirements in scope, for reference and any feedback.
  3. A GP System Supplier will provide NHS Digital Solution Assurance with their test cases against each of their user stories and the pass/fail test results against each test case. Evidence of associated test criteria for Supplier test cases may be additionally requested by NHS Digital Solution Assurance. 
  4. A GP System Supplier Testing to include but not limited to:
    1. Retrieval and upholding of Patient National Data Opt-Out preference for a single Patient data dissemination(s)
    2. Retrieval and upholding of Patient National Data Opt-Out preference for multiple Patients data dissemination(s)
    3. Patient changes their National Data Opt-Out choice and its’ effect on data dissemination(s) from the GP System
    4. Testing that any Type 1 opt-out preferences recorded in the GP system for Patients, continue to be respected
    5. Testing that the GP system is able to report with the required report data attributes on whether Patient data was included or removed from a dataset along with the reason for inclusion/exclusion
    6. Audit logging for retrieval of Patient’s National Data Opt-Out preference
  5. NHS Digital Solutions Assurance to sample a set of Supplier test cases for witness testing in a witness test session lasting not exceeding more than one day
  6. FOT (First of Type) DevMAC to be awarded to the GP System Supplier at the end of the successful assurance
  7. FRA (Full Rollout Approval) DevMAC post successful FOT