My Lords, the Bill will place the National Data Guardian on a statutory footing and will promote the provision of advice and guidance on the processing of health and social care data in England. It is an honour for me to bring the Bill before your Lordships today.
The Bill is an important step in increasing the public’s and patients’ confidence in the use and appropriate sharing of health and care data. It has gone through the necessary stages in the other place and I extend my thanks to the many people who have helped prepare the Bill, in particular to Jo Churchill for her dedication to the original Private Member’s Bill and to Peter Bone for sponsoring the Bill in the other place and ensuring that it reached this stage. It would be remiss of me to proceed without mentioning and thanking the National Data Guardian, Dame Fiona Caldicott, who has contributed so much to this area. I am grateful to the Parliamentary Under-Secretary of State for coming to listen to the debate. I appreciate the department’s help with the progress we have made so far and the cross-party support for the principle behind the Bill. Indeed, I see that Jo Churchill is also here today and we welcome her. I hope that with that cross-party support, the Bill will go through its stages here as quickly as it did in the other place.
I would like to take some time to reflect on the importance of the role of the National Data Guardian. We all know that when collected and used properly, healthcare data has the potential to be transformative for patients. Sharing data offers immense promise for improving the NHS and the social care system, as well as benefiting individuals through unlocking new treatments and medical breakthroughs. Getting information sharing right can create a better experience for people using services and make care more efficient. Too many people with serious conditions have to tell the same story to multiple people and services involved in their care. Appropriate data sharing could eliminate any unnecessary burden. As well as that, if commissioners have access to data that they need to make the decisions about the best use of their resources locally and nationally, services can be provided where they are most needed and available funds can be maximised and budgets fully optimised.
Of course, our ability to unlock the benefits of data sharing relies on the public having confidence in the health and care system’s appropriate and effective use of data. If data and information is to be used effectively to support better health and care outcomes, the public have to have trust and confidence that there are strong safeguards in place to protect it from inappropriate use. The establishment of the National Data Guardian as an authoritative and independent voice for the patient and service user on how their data and information is used is a crucial element in that. This short but important piece of legislation will promote challenge and build assurance across the health and social care system, enabling the system to access the data it needs to run safely, effectively and efficiently. A statutory National Data Guardian will enable the postholder to speak with increased authority. A statutory basis increases strength of argument, allowing for guidance to be published as standards and good practice to which relevant organisations must have regard.
Importantly, the National Data Guardian is not a regulator. The role is first and foremost to support organisations and individuals who use health and care data to do so in accordance with the relevant laws and good practice. Placing the role on a statutory footing was a manifesto commitment of the Government, and the Government’s support has been clear throughout the Bill’s progress. The Bill will be significant in maintaining public trust and confidence in the appropriate and effective use of health and care data.
I shall give a short summary of the provisions of the Bill, which consists of only six clauses and will establish the statutory role of the National Data Guardian. The Bill also makes provision for the administrative and financial operation of the National Data Guardian’s office. The Bill will give the National Data Guardian the power to publish formal guidance and provide informal advice, assistance and information relating to the processing of health and adult social care data in England. The Bill imposes a corresponding duty on public bodies within the health and adult social care sector and private organisations that contract with them to deliver health and adult social care services. They must have regard to the National Data Guardian’s formal published guidance.
The Bill requires the National Data Guardian to consult with appropriate persons before publishing the guidance and requires the National Data Guardian to produce an annual report including a set of accounts, details of advice given and guidance published in the previous financial year, and the priorities in the forthcoming year. The Bill gives the Secretary of State the power to provide for the commencement of its provisions, and requires him or her to appoint an individual to hold office as the National Data Guardian.
A money resolution to authorise money for the Bill was laid before Parliament on 21 May 2018. The expenditure of £725,000 per annum is necessary for the Office of the National Data Guardian to undertake its statutory function. The cost is based on the current £500,000 per annum provision for the existing non-statutory National Data Guardian office. The overall increase in spend of £225,000 per annum relates predominantly to additional team resources to strengthen
the National Data Guardian office’s ability to prepare and disseminate statutory advice and monitor its impact and relevance, amid anticipated increased demand for independent legal advice and assurance, along with a further responsibility for communication and engagement, including delivery of formal guidance, production of an annual report and accounts, and raising the profile of the National Data Guardian’s website.
I will reflect on a few points which have been raised in discussions over the past couple of weeks. With regard to whether the statutory National Data Guardian will have access to the Information Commissioner’s Office, the National Data Guardian already has a formal understanding and close working relationship with the Information Commissioner’s Office. That is covered by a memorandum of understanding. We would expect to see this updated to reflect the statutory footing. The statutory role allows the opportunity to build on the relationships already developed with regulatory bodies, including the Information Commissioner’s Office, the CQC and NHS Improvement, and to support them in their responsibilities around ensuring that appropriate practices are being adopted by regulated organisations.
I draw your Lordships’ attention to the fact that the Act would come into force,
“on such day as the Secretary of State may by regulations appoint”.
Regulations to this effect made under Clause 5 are to be made by statutory instrument. The Bill contains no other regulation-making powers. There is no intention to amend this.
Lastly, the Bill’s provisions extend to private sector providers that contract with public bodies to deliver health and adult social care services. These must have regard to the National Data Guardian’s published guidance. Data held by privately arranged and funded health and adult social care providers is not covered by the Bill. However, private providers of healthcare will have access to NHS patient data in the vast majority of cases—for example, where patients give their consent for their records to be shared—but this alone will not bring them within the scope of the Bill. The NDG’s remit extends to all health and adult social care data but purely private bodies are not required to have regard to published guidance.
Placing the National Data Guardian on a statutory footing is important for many reasons. This is a significant time in the history of health and care and it is critical to maintain and strengthen public and patients’ support. People want to know what their data is being used for, who it is being shared with and why. A statutory National Data Guardian will be key in ensuring that citizens’ confidential information is safeguarded securely and used fairly and lawfully. I thank everyone for their help so far and I hope that we can make swift progress with the Bill. I beg to move.
10.16 am