Department of Health Skip to content

Please note that this website has a UK government access keys system.

A complete list of every information system containing personally identifiable information for members of the public

  • Last modified date:
    2 August 2011
  • Gateway reference:
    none required

Question

A complete list of every information system or database that contains personally identifiable information for members of the public.

Response

l attach an excel spreadsheet containing the information you requested including:

  • the date systems were introduced
  • statutory basis where applicable, and
  • whether the system was developed and maintained in-house, or by an external developer

In cases where the relevant statute specifically requires the establishment of lists or records, the statute is shown in the list. Where there is no specific statutory requirement, the field is left blank.

Please note that the attached list includes information systems and databases developed by the Department’s Informatics Directorate (DHID), formerly known as Connecting for Health (CfH) and the National Programme for IT.  However, it does not list databases developed by the individual NHS bodies and the Department does not routinely handle medical records. The Department’s Arms Length Bodies (ALBs), including Executive Agencies and Non-Departmental Public Bodies (NDPBs) are responsible for maintaining their own lists of Assets, and these are not held centrally by the Department.

You also asked

  • How many people's records does the system currently hold?
  • How many people can access information on the system?
  • Organisations with which data has been shared

For some of the systems listed, the numbers of records held for individuals is held centrally and is included in the list provided. For other systems, and for the information you requested on access and sharing of information, the information is not held centrally by the Department as there is no business need to do so.

It may be helpful if l explain that the Department handles personal data within the terms of our registration with the Information Commissioner's Office:

and with our information charter

The Department also maintains a list of information systems in its Information Asset Register (IAR). The IAR is also available via the internet:

If you require further information about any of the databases listed in the IAR, please make a further request

Access keys