The National Data Guardian has written to NHS England demanding clarification after it emerged that external contractors had been granted access to identifiable patient information within the NHS Federated Data Platform contradicting assurances previously given to the watchdog.

A Governance Gap At The Heart Of NHS Data Infrastructure

The body charged with safeguarding the responsible use of NHS data has taken the unusual step of publicly challenging the programme it was appointed to advise, after discovering that its own understanding of patient data access controls had been materially wrong.

In a statement published on 3 June 2026, Dr Nicola Byrne, the National Data Guardian (NDG) for health and social care, confirmed that her office had not been informed that external contractor staff were accessing identifiable patient information within the National Data Integration Tenant (NDIT), a component of the wider NHS Federated Data Platform (NHS FDP). 

The revelation directly contradicts the Data Protection Impact Assessment (DPIA) that the NDG reviewed, which stated that access to identifiable records would be restricted to NHS staff with a legitimate clinical need.

“We were not aware of this,” the statement reads. “We have therefore written to the programme to seek clarification on this inconsistency.”

What Is The NHS Federated Data Platform And Why Does It Matter?

The NHS FDP has been one of the most significant and contested digital health infrastructure projects in recent years. Designed to consolidate the fragmented data landscape across NHS trusts and services, the platform aims to give NHS staff a joined-up view of patient records, operational data, and care pathways. 

Proponents argue it is essential for modernising NHS community health services and improving outcomes in an increasingly stretched system. Critics have consistently raised concerns about privacy, commercial involvement, and the opacity of governance arrangements.

The platform is built and operated with significant involvement from external technology companies, an arrangement that has attracted sustained attention from patient rights campaigners. 

The Not With My NHS Data campaign, which prompted the NDG’s latest statement, has mobilised thousands of members of the public to contact the watchdog with concerns about who can access their health records and under what conditions.

The Inconsistency The Watchdog Could Not Ignore

At the heart of the NDG’s concern is a straightforward but serious discrepancy. The DPIA reviewed by the watchdog the formal document that is supposed to define precisely how data is used, who can see it, and what protections are in place drew a clear boundary: identifiable patient data would only be accessible to NHS staff. That boundary, it now appears, was not maintained in practice.

The NDG’s statement makes clear that the office only became aware of the situation through media reporting, and that subsequent confirmation came from the NHS FDP programme team itself. For an independent advisory body whose credibility depends entirely on being given accurate information, the episode represents a significant breakdown in the relationship.

Dr Byrne’s office has emphasised it needs to be confident he said, “that the positions presented to us are accurate, consistent, and clearly reflected in public-facing transparency materials,” and has stressed the importance of timely engagement whenever significant programme decisions change in ways that may affect public trust.

Consent, Opt-Out, And The Limits Of Patient Choice

The controversy has also reignited questions about what rights patients actually have when it comes to how their NHS data is used. 

The NDG’s statement attempts to draw a distinction between data used to support direct patient care which is what the NHS FDP is currently designated to do and data used for secondary purposes such as research and planning.

The national data opt-out, the mechanism through which NHS patients in England can ask that their data not be used for purposes beyond their own care, does not apply to the NHS FDP under its current designation. This is because the platform is classified as supporting care delivery rather than secondary use, a distinction that many members of the public engaging with the Not With My NHS Data campaign may not have been aware of before contacting the NDG.

The statement is careful not to suggest patients have been harmed, and acknowledges the complexity of how information flows legitimately across the NHS. But the framing of the opt-out exclusion is likely to attract further scrutiny at a time when public confidence is already fragile.

What Happens Next

The NDG has outlined a series of next steps, including awaiting formal assurance from NHS England that the inconsistency has been addressed, continuing scrutiny through the existing independent advisory groups, and updating the public once a response has been received. 

For care providers, NHS commissioners, local authorities, and technology suppliers operating in or around NHS data environments, the episode is a reminder that governance documentation is not a formality. DPIAs, data sharing agreements, and transparency materials need to reflect operational reality, not just the intended design. When they do not, public trust erodes in ways that are difficult and slow to rebuild.