Urgent help

Data Hub Acceptable Use Policy 

Policy details

Prepared for: NHS Norfolk and Suffolk ICB
Status: Approved
Version: 1.0
Date: 1/04/2026

Document control details:

  • 29/03/2022 – Version 0.1, Initial draft
  • 6/04/2022 – Version 0.2, Minor corrections
  • 30/05/2022 – Version 0.3, Restructure and revision
  • 5/06/2024 – Version 0.4, Updates regarding change of Data Hub hosts and governance arrangements
  • 15/05/2024 – Version 1, Various updates to majority of sections and move to Data Hub policy templates. Created as version 1 due to volume of changes.
  • 1/04/2026 – Current version, Revised to apply to Norfolk and Suffolk ICB, instead of Norfolk and Waveney ICB

Purpose and overview

Purpose

The Data Hub is a data centre that contains information for a wide range of health and care services across the Norfolk and Suffolk Integrated Care Partnership (ICS). It will become a core part of making information accessible across the ICS for secondary care purposes and support direct patient care through its Reidentification capabilities.  

The Acceptable Use Policy (AUP) explains the behaviours expected from all users of the Data Hub and its data. This AUP has examples of restricted behaviour but does not list all restricted behaviours.  

The Data Hub is the responsibility of the NWICB and governed by the ICS Data Hub Joint Controllers managed via a Joint Controller Group. 

By using the services, Data Hub users agree to the latest version of this policy. If you violate the policy or authorise or help others to do so, we may suspend or terminate your use of the services. Misuse of the Data Hub may also constitute a breach of confidentiality and be treated as gross misconduct in breach of member organisation’s local policies. 

The intended audience for this policy is all users of the Data Hub, this includes: 

  • Analysts interrogating the underlying data, whom have the relevant permissions,  
  • Engineers and Infrastructure employees that have access to the underlying platforms and restricted data areas and  
  • End users of the analytics via PowerBI or reporting applications. 

General Principles 

Access and Accounts 

Access to Data Hub and the data held within it is strictly controlled on a role-based access basis. Roles exist across 3 domains Infrastructure and Engineers who maintain the environment, analysts that have access to the analytical tables and processed data sources and finally end users who consume the data and analytics provided. 

Access to Data Hub data will be limited using the principle of least privilege.  

Data Hub data will be provided following the approval of a Use Case. If pseudonymised data, or local ID is required, then this must be justified and signed off within the Use Case. The Data Hub runs on a basis of all analytical resources are either Pseudonymised or Anonymised.  

When access to Data Hub data is provided, it must only be used for the purpose stated. Any other usage is strictly prohibited.  

The Data Hub has been provided to aid the provision and planning of health and social care and should not be used for any other purpose.  

When given access to the Data Hub (as an analyst or end user), it will be limited to certain data items and will be pseudonymised as a minimum. At no point should you attempt to reidentify any patients or access data outside your permissions. 

All data retained within the Data Hub is the responsibility of the ICB and Data Hub team to ensure only data retained, processed and published is in line with agreed use cases and governance controls. See section three for more details.  

Data Hub accounts are linked to you, personally. Where accounts are no longer used, they are automatically removed after a period of inactivity. 

The Data Hub team reserves the right to withdraw a Data Hub account from use should operational requirements dictate. This may include limiting service or complete de-activation.  

Your organisation maintains day to day administration responsibility for who has Data Hub access (including ensuring its part of a starters and leavers process). If your user breaches this AUP or the Data Access Policy, your organisation has the right to undertake disciplinary procedures in accordance with your local policies.  

Data Hub data use is governed by Use Case Approval. Data from the Data Hub should not be used for a purpose other than that covered by an approved use case. 

Data Hub hosted information is not the definitive data source. Data Hub process and hosts data and as such any information taken from the Data Hub and its reports is a snapshot of a provided position. Data is not live and may not be a totally complete and an accurate record. Users of the information must ensure they fully understand the lineage of any data being used. 

Data Hub is a collaboration system not a clinical records or patient data system. Content of this nature must be stored in your local organisations patient record systems in accordance with local IG policies.  

Although the Data Hub is hosted in the Microsoft Azure Cloud, access to the environment is tightly controlled and only approved organisations will be granted access to specific components. Access to the environment will be from UK locations only.  These controls form part of a wider layered approach to security to ensure that only the appropriate people from appropriate locations can access the environment. 

Subject to the appropriate authentication, aggregated data embedded in delivery mechanisms such as Reports will be made accessible over the public internet however any access should only be done in accordance with your local organisation’s policies and procedures. 

Responsibilities for users of the Data Hub

Responsibilities and safe practice 

This section is aimed at users of the Data Hub.

No attempts should be made to try and re-identify the individual, this also includes accidental reidentification e.g where data is shared with an organisation that has access to link data such as Local IDs and or access to source system where event dates and times could be used match a patient.  When accessing data or analytics provided via Data Hub (Data tables or reports). The data while pseudonymised will still contain lots of information regarding a person. 

Reidentification is only permitted through the correct Data Hub processes and policies. 

If you are accessing the reports as a sub licensee, they you must not share information outside your organisation. 

When you set up your Data Hub account you must identify yourself honestly, accurately, and completely.  

You must ensure your password and answers to your security questions for the Data Hub services are always kept confidential and secure. You should notify your Local Administrator if you become aware of any unauthorised access to your Data Hub account or believe your account to be compromised. You must never input your Data Hub password into any websites including social media sites. You will never be asked for your Data Hub password. Do not divulge this information to anyone, even if asked. The Data Hub will use Multi Factor authentication as default, should you not be able to use this then access to Data Hub will not be possible. Your organisation is responsible for ensuring you have the necessary equipment to access the Data Hub. 

You must not use any of the Data Hub services for commercial gain. This includes, but is not limited to unsolicited marketing, advertising, and selling goods or services. 

All use of the Data Hub services is assumed to be official from you acting in your official capacity on behalf of your organisation. This should be in accordance with your local organisation’s policies for use and exchange of data.  

You must not attempt to interfere with the technical components, both hardware and software, of the Data Hub system in any way.  

You must familiarise yourself and regularly check the Data Hub support site which includes important policy documentation, service status information, training and guidance materials, information about known issues with the service and user/administration guides.  

Access to Data Hub has to be from a corporate device. Security protocols and access remains the same if using another device e.g Home computer. However the organisation cannot allow data to be potentially download onto a non-corporate device. Access will always be subject to the same authentication checks regardless. Your organisation is responsible for assuring you have an appropriate device when accessing the Data Hub. 

It is your responsibility to ensure you are up to date with your local IG training. 

When accessing the underlying data (access to back end tables and data) in Data Hub you must be trained and understand how to navigate relational databases. Inappropriate use of the environment such as complex and unnecessary running of queries can incur additional costs. As such poor performing work and tasks left running over a long time period should be avoided or discussed with the Data Hub technical team. Activity will be monitored to ensure users of Data Hub use it fairly. 

When requesting analyst access (access to back end tables and data) You must declare if you have access to any source system such as local hospital or GP administration systems (e.g TPP, EMIS). Access to these system and access to Data Hub (as an analyst user) can result in the accidental or deliberate reidentification of data. Failure to disclose this will result in an IG incident being raised and removal from the Data Hub. End users of Data Hub analytical platforms, such as Power BI reports, will not be able to access row-level data (via this platform) and therefore do not need to declare if they have source system access. 

You must not use Data Hub to violate any laws, copyright or regulations of the United Kingdom or other countries. Use of the service for illegal activity is grounds for immediate dismissal and any illegal activity will be reported to the police.  

Data Hub data should not be extracted and linked to non Data Hub data sources. The linkage of data has to exist with Data Hub where controls are in place to only allow relevant data to carry a consistent pseudo ID. 

IG Considerations 

Data Hub is a centralised data repository but does not replace local provider clinical and administration systems. Data items that are required for retention/compliance purposes should be stored within your organisation’s document management systems in accordance with local Information Governance policies.  

Organisational administrators are entitled to request access to audit files to view your usage of the Data Hub 

Data Hub policy documents do not override local IG policies and processes. Any conflicts between local and Data Hub policy can be referred to the Data Hub team for review. 

To access Data Hub, health and care organisations must complete and publish the Data Security and Protection Toolkit or successor framework as applicable to the organisation type. This submission is to be a minimum of Standards Met. Where this is not achieved, then the organisation’s action plan must be agreed by NHS England.  

Any IG Incidents must be reported to your organisations IG lead, as per your standard organisation processes.  This must also be notified to the IG Team [email protected]