Protecting information is vitally important to the NHS trusts that make up the NIHR HIC. These trusts work together to ensure that your data is protected at every step of the journey and is only used legally and appropriately.

Each trust collects and processes data about patients they look after, allowing them to provide the best possible care. Each organisation that collects personal data on the patients they treat is known as a ‘data controller’. This means they are responsible for looking after personal data and deciding how it can be processed (or used) to enable the NHS to provide the best service possible. Each trust has a legal obligation to keep your information secure and ensure that it is used appropriately.

Any time data is used for research or other activities as part of the NIHR HIC the trusts involved ensure that your information is processed securely and appropriately by always making sure that the data controllers (trusts responsible for the data) agree and sign off that that they are happy for patient data to be used in this way.

An important objective of the NIHR Health Informatics Collaborative was to develop a governance framework that could be used by NHS trusts to support data sharing in a wide range of research collaborations. Such a framework has been created and any NHS trust that has joined the Collaborative can use it to support the sharing of data. The Collaborative does not oblige any NHS trust to share any data and leaves it to each individual NHS trust to identify any data that it wishes to share. In addition, before sharing any data, the individual NHS trust must be satisfied that it is authorised to share that data. All of the research collaborations that benefit from using the framework developed by the Collaborative have the ultimate aim of improving treatments and outcomes for patients.

Each trust is required to provide a privacy notice that explains how and what they will do with data.

To view the NIHR privacy policy please visit

Read more about our architecture…