Triangle

Sharing data with PRIMIS

When sharing GP practice data with PRIMIS:

  • please do not send any data unless we ask you to do so
  • check what we’ve asked for (we never require patient identifiable data, typically practice aggregate or one line per patient de-identified data)
  • check that the data does not contain any patient identifiable data (check all rows when sending an MS Excel file)
  • only send data if you have the permission of the GP practice (the data controller) to do so
  • only send data in accordance with the provisions outlined in the data sharing agreement
  • if sending via email: 
    • use the NHSmail encryption feature
    • ensure that the recipient is expecting your email and is ready to handle the contents appropriately
    • expect the recipient to contact you if they are not expecting your email
    • only copy in parties with permission to access the data

 

If you are a GP practice and you have agreed to share your practice data with us for further analysis, we will do the following:

  • only collect data to the scale and depth for the required purpose
  • only share your data with the parties named in the data sharing agreement and in a format that means that your practice identity is not revealed
  • refer any data breaches to our Governance Sub Committee, comprising a team of independent experts from the NHS, as well as information security specialists from the University of Nottingham
  • notify you of any data breaches involving data that you have submitted to us
  • only keep your data in accordance with the University of Nottingham's policies on records and information management

Visit the PRIMIS provacy notice for further information

PRIMIS privacy notice