This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies.

Legal frameworks

Last updated on 19 Mar 2018

CAG advises under two separate legal frameworks:

The Health Service (Control of Patient Information) Regulations 2002 – also known as ‘Section 251 support’ 

Under this legislation, CAG advises the decision makers – the HRA or the Secretary of State for Health– whether applications to process confidential patient information without consent should be approved or not. 

The Care Act 2014 

This function broadly means that CAG advises NHS Digital on aspects relating to its dissemination function. 

The decision makers 

The following bodies take the final decisions, informed by the advice provided by CAG: 

Research and non-research applications

CAG reviews research and non-research applications and advises whether there is sufficient justification to access the requested confidential patient information. Using CAG advice as a basis for their consideration, the HRA or Secretary of State for Health will take the final approval decision. 

Would you like more information?

Visit our dedicated guidance section, which includes frequently asked questions, decision tools, templates and more.

Data dissemination 

The Health and Social Care Act 2012 (as amended), states that NHS Digital must pay careful attention to CAG advice on data dissemination. 

In turn, CAG considers advice requests from NHS Digital in relation to its dissemination framework, more information on which can be found on the NHS Digital website. 

All of the advice we give to NHS Digital is available in our minutes.

Back to confidentiality advisory group