Date published: 23 May, 2024
Date last updated: 3 June, 2024
Integrated care

Terms of reference for the Federated Data Platform Programme Data Governance Group

Programme/project name: Federated Data Platform Programme
Senior Responsible Owner (SRO): Rebecca Llewellyn
Author: Claire Clements, Head of FDP Information Governance
Version 1, May 2024

Revision history

VersionDateSummary of changes

0.1

15 Feb 2024

First internal NHS England draft

0.2

16 Feb 2024

Second internal NHS England draft

0.3

7 Mar 2024

Third draft with amendment to membership

1.0

15 May 2024

Final version with amendment to membership

Approved by

This document must be approved by the following people:

Title SignatureNameDate Version

Data Governance Group

NA

 

15/05/2024

1.0

Document control

The controlled copy of this document is maintained by NHS England. Any copies of this document held outside of that area, in whatever format (e.g. paper, email attachment), are considered to have passed out of control and should be checked for currency and validity.

1. Purpose

The Data Governance Group (DGG) is being established by NHS England to provide FDP Programme oversight to the approach to data processing and sharing across all Instances of the Data Platform and NHS-PET.

The aim of the group is to facilitate consistency of IG documentation by approving Data Protection Impact Assessments (DPIAs) for Data Platform products prior to these being launched within FDP.

The DGG will also provide approval, on a case by case basis, to all existing and new Instances of the Data Platform where a potential FDP User Organisation cannot demonstrate compliance to the Data Security and Protection Toolkit (DSPT). More specific responsibilities are captured below.

2. Duties and responsibilities

The role of the Group is to:

  • To approve these terms of reference
  • To approve all Products and Instances of the Data Platform prior to them going live, working in collaboration with Cyber Security Group and the Clinical Safety Group
  • To approve all Overarching Data Platform and product DPIA’s before go live and prior to publication
  • On a case-by-case basis, approving existing and new local Instances of the Data Platform, where an NHS Body who applies to become and FDP User Organisation or a User Organisation System Contractor cannot demonstrate compliance to the Data Security and Protection Toolkit (DSPT) to standards met. Approval may be subject to such conditions as the Data Governance Group require.
  • Provide advice to NHS England and FDP User Organisations on the approach to consistent data processing and sharing within the Data Platform and NHS-PET as requested .
  • Approve the FDP IG Audit and Assurance Framework (as referred to in the FDP IG Framework), receive and consider IG audit and assurance reports and advise on any actions in relation to the same
  • Provide oversight of information governance issues relating to:
    • the establishment of new Instances of the Data Platform and NHS-PET
    • the use of Products within the Data Platform and NHS-PET
    • receiving and considering reports on Incidents
    • considering and recommending any changes to the FDP IG Framework
  • Considering and approving any future use cases to be added to FDP.
  • Independent representatives will not have voting rights

3. Membership

The Data Governance Group should be made up of the following personnel;

From NHS England:

  • A representative of the NHS England Caldicott Guardian
  • A representative of the NHS England Data Protection Officer
  • The Head of IG for FDP (who will be chair of the group)

Independent representatives:

  • A representative from the NHS England Advisory Group for Data (AGD)

From other organisations:

Senior information governance representatives from the following organisations:

  • A Trust representative from each region (for Trusts with an Instance of the Data Platform)
  • An Integrated Care Board representative for each region (for ICB’s with an instance of the Data Platform)
  • A representative of the Platform Contractor (attending the first half of the meeting only)
  • A representative of the NHS-PET Contractor (attending the first half of the meeting only)

The names, job titles and contact details for each member and their named deputy should be notified in writing to the Secretariat and kept up to date.

4. Confidentiality and information sharing

All materials and information shared with the DGG are assumed to be confidential and should not be disclosed outside of a member’s organisation, without prior approval from the Group. However, members can discuss broad, non-attributable meeting outcomes once minutes of approvals and actions have been shared.

Members will not disclose information or written material (such as agendas, minutes, discussion papers or other documents) to other parties external from their organisation, without prior written approval from the Chair.

Minutes will be taken of meetings and the detail of approvals and actions from meetings (subject to confidentiality restrictions) will be published on the NHS England website following approval of the minutes by the Group.

5. Declaration of interest

A conflict of interest is a set of circumstances by which a reasonable person would consider that an individual’s ability to apply judgement or act, in the context of delivering, commissioning, or assuring tax payer funded health and care services is, or could be, impaired or influenced by another interest they hold.

All DGG members should ensure that they are not placed in a position that risks, or appears to risk, compromising their role or the NHS public and statutory duties or reputation.

Conflicts of interest should be declared in writing to the Group secretariat and specific conflicts should be raised at the start of any agenda item or discussion for which that conflict arises and may be asked by the Chair to leave the meeting for that item. The secretariat will note conflicts and the actions taken in respect of them in the minutes.

6. Meetings

  • The DGG will meet The Chair of the meeting may convene additional, exceptional meetings, as necessary on providing members with not less than 5 Working Days notice.
  • A minimum of 3 members from NHS England, 2 members from each of the Trust and ICB membership group, and a member from each of the Platform and NHS-PET Contractor should attend each meeting for the meeting to be deemed quorate.
  • When approving a matter the majority of members from the NHS England member group, the Trust representative group and the ICB representative group must support approval, together with the Data Platform representative (for Data Platform related matters) and the NHS-PET representative (for NHS-PET related matters). The Chair has a casting vote where needed.
  • The Chair or the Group may ask any other officials of the FDP programme to attend to assist it with its discussions on any particular matters.
  • When required, the Group maybe asked to approve documentation or provide advice remotely in between the scheduled meeting patterns

7. Agenda and papers

The agenda will be set by the Chair ahead of each meeting, and will be sent out no later than 1 week ahead of the meeting together with any papers or documentation. Late papers or documents will be accepted at the discretion of the Chair, taking into account the time required for members to review the paper or document.

8. Secretariat

The DGG will be supported by secretariat, which will be provided by the FPD Programme from the Project Management Office.

The secretariat can be contacted on england.fdp@nhs.net

Date published: 23 May, 2024
Date last updated: 3 June, 2024