Patient data

What do we do with the data we hold for the purposes of our research studies?

We undertake research with a focus on screening, prevention and diagnosis of bowel cancer. We aim to provide high quality evidence to underpin health policy changes. To achieve this aim, we have carried out, or are carrying out, a number of UK-wide clinical trials which are testing ways to reduce the numbers of people being diagnosed with, and dying from, bowel cancer.

Our team uses statistical methods to look for trends in the data which will help improve our ability to prevent people developing bowel cancer, as well as improving survival if someone is diagnosed with this disease.

What are anonymised, de-identified (pseudonymised) and identifiable/personal data?

Identifiable/Personal Data
Identifiable data or personal data is information about a patient that either on its own or with other information could reveal his/her identity. This type of data must be processed in accordance with Schedule 2 of the Data Protection Act. Also see the ICO’s website which provides a definition of ‘personal data’. Identifiable data can include but is not limited to a patient’s name, address, NHS number and full date of birth.

The CSPRG allocates a unique study number to each study participant. Wherever practicable, we use anonymised and de-identified (explained below) data for our studies to minimise the use of personal data.

De-identified (Pseudonymised) data/information
De-identification (pseudonymisation) is the process of replacing identifiers (such as names, address, NHS number etc) with an artificially created identifier (such as study number) so as to conceal the identity of the individual. The resulting dataset is called pseudonymised or de-identified data.

When our data is pseudonymised, we do not hold patient identifiers; we only hold the clinical data needed for our research (e.g. symptoms, diagnoses, clinical examinations, outcomes, cancers and mortality information) and the study number of the individual. This makes the pseudonymised data held by the CSPRG effectively anonymous to our research team. The identifiable data (e.g. name, NHS number, address) and study number may be held by our data providers such as NHS hospitals responsible for the individual’s care, NHS Digital and The National Cancer Registration Service.

Anonymised data
Anonymised data cannot be used to identify individuals and are not linked to any individual, not even by study number.

Statistical analysis and protecting the identity of individuals.

All our statistical analyses are conducted using de-identified (pseudonymised) or anonymised information (without identifiable data). Our research findings never report on individual cases and all findings are reported for aggregated data so no patients will be identifiable from any of our published research findings.

Information we may hold about you and your options if you wish to opt out.

If you have taken part in the NHS Bowel Cancer Screening Programme, visited your GP with symptoms suggestive of bowel cancer, agreed to participate in one of our studies, visited a hospital with symptoms related to bowel cancer or had bowel cancer treatment on the NHS, we may hold some information about you.

Please look at our individual Studies pages under sections ‘When and where did the study take place’ and ‘Who is included in the study’ to assess whether we may have collected your information for any of our studies.

If we only hold pseudonymised or anonymised (explained above) information about you, we cannot identify you from the data that we hold. This page and our Studies pages lists our data providers so you can approach them directly to find out whether we hold data about you.

According to the Data Protection Act 1998, you have the right to make a Subject Access Request to find out what personal data we hold about you. See the ICO website for your rights on Subject Access Request. If you wish to write to us, our contact details can be found here.

If your information has been used in any of our studies and we can identify you from the data we hold about you, you have the right to refuse or withdraw consent to sharing your information at any moment in time. There are possible consequences to our research if you do not share your information, but these will be fully explained to you to help you with making your decision. You can opt out at any time by contacting us and our contact details can be found here.

How securely are the data kept?

We take our role as guardians of individual/patient data extremely seriously. The CSPRG is part of Imperial College London and we comply with our Data Protection Policy.

The objectives of the policy are to protect the personal information processed by or disclosed to staff of the College or other authorised persons, ensuring its confidentiality, integrity and availability by processing it in accordance with current legislation.

As an organisation which processes personal data, Imperial College London is required to notify the Information Commissioner’s Office (the body that upholds information rights) on an annual basis. Imperial College London’s registration number is Z5940050 and can be searched on the Information Commissioner’s website.

We have administrative, technical and physical safeguards in place to ensure that the data we hold on study participants are held and processed securely. We continuously monitor and improve our Information Governance arrangements to minimise any security risk for our data. Our staff receive regular training on data handling, data confidentiality and Information Governance. As a result of the data handling and IT Security measures we have put in place, we have been granted an Information Governance (IG) toolkit by NHS Digital (see details below).

IG toolkit – assessment of our data handling processes.

As our research involves data from NHS patients we must demonstrate that we handle this sensitive information in accordance with the Department of Health’s stringent requirements. We have carried out an assessment of how we handle the sensitive information we use for our research using the Department of Health’s Information Governance (IG) Toolkit. The aim of the IG toolkit is for an organisation to demonstrate that it can be trusted to keep your data securely and maintain confidentiality. We have met those requirements and our IG toolkit assessment can be found here.

What permissions do we need before we can collect the data we use for our research?

Ethics approval
All research involving human participants in the UK, whether in the NHS or the private sector, must be approved by an independent research ethics committee. These committees protect the rights and interests of the people who will be the subject of the research study. Before we conduct any research, we submit a detailed plan of our proposed research (protocol) to a recognised research ethics committee.  We cannot begin our studies until the appropriate ethics committee(s) have reviewed and approved it. See details here. The ethics committees that review clinical trials in the NHS are part of the Health Research Authority’s National Research Ethics Service (NRES). NRES publishes plain-language summaries of clinical trials so that the research is accessible to anyone who is interested.

Research and development (R&D) approval
For any research that involves NHS patients, we have to obtain permission from NHS Trusts to collect and use data from their patients. The Research and Development (R&D) Office(s) at each NHS Trust assesses the study carefully before approving it. See details here. All NHS organisations are required to give permission before research can begin within their organisation (this is in addition to ethical approval). Without this approval, indemnity/insurance cannot be assumed to be in place to cover the proposed research activity.

Section 251 Approval
In some circumstances informed consent for a research study cannot be obtained, and anonymised or de-identified (pseudonymised) data are not sufficient to answer the research question(s). In these circumstances, and if research is deemed to be in the interests of patients or the wider public, permission to use identifiable data can be exceptionally sought from bodies with legal responsibility for the protection of the interests of patients and the public in health research. In England and Wales, approval is obtained from the Confidentiality Advisory Group (CAG) of the Health Research Authority under Section 251 of the National Health Service Act 2006. The ‘Section 251 agreement’ (previously Section 60 of the Health and Social Care Act 2001 as re-enacted by Section 251 of the NHS Act 2006) allows the Secretary of State for Health to make regulations to set aside the common law duty of confidentiality for defined medical purposes. In Scotland, approval can be sought from Caldicott Guardians and in Northern Ireland from Medical Directors.

We are also required to comply with the Data Protection Act 1998 which requires us to process personal data fairly and lawfully and details can be found here.

Privacy Advisory Committee
In Scotland,  permission from the Privacy Advisory Committee (PAC) is required to approve any information released by the Information Services Division (ISD). From 1st May 2015 a single application and scrutiny process is now operated across Scotland by the newly formed Public Benefit and Privacy Panel for Health and Social Care.

Why do we need to collect additional data from other sources?

In some cases, our research may require us to collect additional data for the following reasons:

  • To provide supplementary data that we may not have been able to obtain during the initial data collection stage because it was not available at that time.
  • For validation of the quality of datasets i.e. to ensure that datasets are consistent and accurate, usually by cross-checking data from different sources.
  • To enable research that follows the health outcomes of individuals over extended periods of time. For example, for the UK Flexible Sigmoidoscopy Trial (UKFSST), for which recruitment and screening started in November 1994 and was completed in March 1999, we are still collecting data for the purposes of this study to understand the duration of the protective effect of screening.
  • To collect information on cancer diagnoses and deaths over the long term and combine this with clinical data collected from our studies. This enables us to use statistical methods to improve our understanding of bowel cancer prevention, screening and treatment strategies, which we anticipate will help improve bowel cancer survival.

Which external agencies/data providers do we use to obtain data?

There are several government agencies/data repositories in the UK that hold patient information that we require for our research. We have to apply to each agency separately and comply with their criteria in order to obtain or hold this information. In addition to this, in many cases, we have to submit annual reviews/assessments to show that we are complying with all the requirements. Some of the data repositories/agencies we use are listed below:

  • Office of National Statistics (ONS) – collects information on cause of death from civil registration records related to a person’s death taken from the death certificates for all deaths registered in England and Wales. In the past, we obtained information on cancer diagnoses and deaths from the ONS. The CSPRG no longer obtains follow-up data on cancer diagnoses and deaths from the ONS directly, instead getting this data via NHS Digital. All researchers who process this data are required to be ONS Approved Researchers.
  • NHS Digital (formerly the Health and Social Care Information Centre) –we obtain ONS cancer and mortality data through NHS Digital. We comply with the Information Governance (IG) Toolkit required by the NHS Digital, which is a detailed assessment to ensure that we follow strict Information Governance policies and standards to ensure the confidentiality of the data held by us. Our IG Toolkit reference is 8HL46-FOM-CSPRG.
  • Cancer Registries –The National Cancer Registration Service (NCRS) registers all cancers and some pre-cancerous lesions diagnosed in England. We obtain cancer staging information, which is based on the size and/or extent (reach) of the original (primary) tumour, the location of the cancer and whether or not the cancer has spread in the body. This provides very valuable insight for our bowel cancer research. The NCRS also requires us to comply with the IG Toolkit and we also have to obtain permission from the Office for Data Release (ODR). The ODR ensures that all data releases are conducted in accordance with the rights of the data subject, the legislative framework including the principles set out in the Data Protection Act 1998 and the seven Caldicott Principles.
  • NHS Bowel Cancer Screening Programme (BCSP) – we sometimes request pseudonymised data (no patient identifiers are shared with us) that are collected as part of the Bowel Cancer Screening Programme in order to re-apply our research techniques to very large numbers of people included in the NHS Bowel Cancer Screening Programme as this helps ensure our results are of high quality. We have to obtain permission from the Office for Data Release (ODR). The ODR ensures that all releases are conducted in accordance with the rights of the data subject, the legislative framework including the principles set out in the Data Protection Act 1998 and the seven Caldicott Principles.
  • NHS National Services Scotland (NSS) – Information Services Division (ISD) Scotland is part of NHS National Services Scotland and we obtain the cancers and mortality data that are registered in Scotland for patients who either currently live in Scotland or who previously lived in Scotland. We have to submit an application to the NSS Privacy Advisory Committee (PAC) who would approve the data release before ISD can release any information to us. From 1st May 2015 a single application and scrutiny process will be operated across Scotland by the newly formed Public Benefit and Privacy Panel for Health and Social Care.
  • NHS Central Register (NHSCR) – The National Health Service Central Register (NHSCR) exists mainly to allow the smooth transfer of patients who move between Health Board areas (or across borders within the UK). We obtain the cancer and mortality data that are registered in Scotland for patients who either currently live in Scotland or who previously lived in Scotland. It allows us to validate the data provided by the NSS or NHS Digital and obtain cancer or mortality data that may have been missed by other agencies. Before we obtain any data we have to obtain Privacy Advisory Committee (PAC) approval (as explained above) and in the future we will have to obtain approval from the Public Benefit and Privacy Panel for Health and Social Care.

Do we share the personal data we hold, and if yes, with whom do we share it?

The data we hold are only shared when we have received permission to do so as part of the approvals process for our research study. Moreover, data collected by the CSPRG are only shared with the following groups, where a clear legal basis for such sharing exists:

  • Approved collaborators, sub-contractors and joint principal investigators for specific studies on a need to know basis if they have legal contracts with Imperial College London or CSPRG. Wherever possible no patient identifiable data are shared , unless absolutely necessary and where we have the appropriate approvals in place to do so.
  • Organisations such as NHS Digital (formerly the HSCIC), Cancer Registries, GPs, etc. to obtain additional data for research. These organisations already hold the patient identifiable information which they obtain from the NHS and other sources. We sometimes provide them with a list of patients taking part in a particular study and ask them to match our study participants to their data so that they can supply us with follow-up data that are required for our research. For example, we supplied NHS Digital details of individuals on our UKFSST study to determine who has been diagnosed with a colorectal cancer.

The legal contracts with collaborators ensure that the shared data is held and processed securely and no further sharing is allowed without our permission or knowledge.