Skip to main content
Pragmatic Clinical Trials Unit

Data Security and Protection Toolkit

Information is a vital asset, in terms of running clinical studies and the efficient management of services and resources within the PCTU. It plays a key part in service planning, service delivery and performance management. It is therefore of paramount importance that information is efficiently managed and that appropriate policies, procedures, management accountability and structures are implemented for a robust governance framework of information management.

Information governance refers to the policies, procedures, processes, strategies, systems and controls implemented to manage information in an organisation so that the security and confidentiality of information is assured and so that the organisation abides by all appropriate regulatory and legal frameworks. Information governance provides a way for employees and others linked with the PCTU to deal consistently with the many different rules about how information is handled such as The Data Protection Act, the common law duty of confidentiality, The Freedom of Information Act, etc.

NHS digital is commissioned by the Department of Health to develop and maintain rules, policies and guidance regarding information governance that all Health and Social Care service providers, commissioners and suppliers need to comply with. These rules, policies and guidance are drawn together and grouped into categories in the Data Security and Protection Toolkit, a set of information governance requirements. All organisations that have access to NHS patient data must provide assurances that they are practising good information governance and use the Information Governance Toolkit to evidence this.

The PCTU has Data Security and Protection Toolkit registration and uses the framework of this Toolkit to ensure a process of continuous quality improvement in relation to information governance within the unit. It is expected that all persons involved in PCTU-linked studies must complete PCTU-specific Information Governance Training.

Find out more

Please see the PCTU Data Security and Protection (IG) Policy [PDF 526KB](previously the Information Governance Policy) for further information. 

For all Information Governance queries, please contact the Information Governance Team.

Data protection

The PCTU research privacy statement [PDF 155KB] describes how we collect and use personal information in the course our research in accordance with the General Data Protection Regulations (GDPR).

Data sharing

To find out more about how the PCTU shares data generated from its clinical trials and how to make a request, please visit the Data Sharing section. 

Back to top