Requesting information from NHSBSA
There are several ways to request information from us.
The Freedom of Information Act (FOI) gives you the right to ask for information held by a public authority. Anyone can ask for this information, and we’ll provide it if it is not exempt from disclosure.
Data protection law gives you the right to ask for information about yourself. This is called a subject rights request. Anyone can exercise this right with us if we hold your personal information.
In your professional role, you may have powers under other UK legislation to request information from us. For example, you may be:
- a counter fraud officer
- a police officer
- in possession of a court order conducting research that requires access to data held by us that does not fall under the Freedom of Information Act, or is patient-identifiable
Freedom of information (FOI) requests
Anyone can request the information we hold. You should first check our publication scheme and our previous requests and responses to see if we’ve already published the information you’re looking for. We publish some information regularly and we publish the responses to all FOI requests. If the information you are looking for is not already published, you can make a new request.
Your FOI request must be in writing, and you must provide your name and contact details.
The easiest way to make a new FOI request is by using our FOI request portal, which will guide you through the process. We’ll normally respond to your request within 20 working days of receiving it.
If you have further questions about our FOI processes or wish to make enquiries about an ongoing request, email us at foirequests@nhsbsa.nhs.uk.
Requesting information about you or someone you represent
Data protection law provides you with certain rights regarding your personal information, such as the right to receive a copy of the information we hold about you.
You can request that your information be:
- changed, if you believe it was not correct at the time you provided it
- deleted, if you believe we are keeping it for longer than necessary
You must provide us with details that will help us find your personal information, and by law, we must confirm who you are before processing your request.
The easiest way to make a rights request is by using our subject rights request portal.
You can make a request:
We’ll normally respond to subject rights requests within one calendar month, but this could be up to 3 months for large or complex requests.
If you have any questions about our subject rights request process, or want to ask about any ongoing request, email us at dataprotection@nhsbsa.nhs.uk
Find out about your rights and how we use your information.
Requesting patient-identifiable data
Requests for patient identifiable medicines data should be made via the DARS application process at NHS Digital.
Information on the process for all other patient identifiable data requests, such as dental data, is available via the Patient identifiable data requests webpage.
Request non-identifiable patient data or data from multiple sources not covered by FOI
Dental Data:
Information on the process for submitting a request for ad-hoc dental data, NHS Commissioner dental patient letters or NHS Counter Fraud Authority (NHSCFA) and NHS Local Counter Fraud dental data can be accessed via the Requesting our data webpgae.
The importance of using data
We recognise the importance of using data to benefit public health. It’s important to use data in an ethical, controlled, and consensual way.
Our policies make sure that data used for public health research remains confidential.
All requests for data are subject to the provisions outlined in:
- Common Law Duty of Confidentiality
- data protection legislation
- the Caldicott principles
- the Information Commissioner’s statutory data sharing code of practice (PDF: 1.3 MB)
- the national data opt-out programme.
Find out more about our governance framework.